Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: vue Clear
ID Title
CVE-2026-55647 Cross-Site Scripting (XSS) in vue (CVE-2026-55647)
cross-site scripting in vue (CVE-2026-55647). Risk of unauthorized operations or information disclosure.
CVE-2026-59102 Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
CVE-2026-58034 Cross-Site Scripting (XSS) in vue (CVE-2026-58034)
cross-site scripting in vue (CVE-2026-58034). Risk of unauthorized operations or information disclosure.
CVE-2026-58035 Cross-Site Scripting (XSS) in vue (CVE-2026-58035)
cross-site scripting in vue (CVE-2026-58035). Risk of unauthorized operations or information disclosure.
CVE-2026-58176 Vulnerability in vue (CVE-2026-58176)
vulnerability in vue (CVE-2026-58176). Data can be tampered with by attackers.
CVE-2026-57958 Cross-Site Scripting (XSS) in laravel (CVE-2026-57958)
cross-site scripting in laravel (CVE-2026-57958). Risk of unauthorized operations or information disclosure.
CVE-2026-57950 ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control...
CVE-2026-57949 Vulnerability in vue (CVE-2026-57949)
vulnerability in vue (CVE-2026-57949). Confidential information can be exposed externally. Exploitable via `GET /admin-api/crm/follow-up-record/get`.
CVE-2026-36848 Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
Gigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.
CVE-2026-13528 Path Traversal in vue (CVE-2026-13528)
path traversal in vue (CVE-2026-13528). Risk of unauthorized operations or information disclosure.
CVE-2026-48787 OS Command Injection in vue (CVE-2026-48787)
OS command injection in vue (CVE-2026-48787). Risk of unauthorized operations or information disclosure. Exploitable via `POST /autoCode/addFunc`.
CVE-2026-53721 Vulnerability in nuxt (CVE-2026-53721)
vulnerability in nuxt (CVE-2026-53721). Confidential information can be exposed externally. Exploitable via ``routeRules``. Mitigation: upgrade to `3.21.7` or later.
CVE-2026-53722 Cross-Site Scripting (XSS) in nuxt (CVE-2026-53722)
cross-site scripting in nuxt (CVE-2026-53722). Risk of unauthorized operations or information disclosure. Exploitable via ``href``. Mitigation: upgrade to `3.21.7` or later.
CVE-2026-49993 Vulnerability in @nuxt/webpack-builder (CVE-2026-49993)
vulnerability in @nuxt/webpack-builder (CVE-2026-49993). Confidential information can be exposed externally. Exploitable via ``Origin``. Mitigation: upgrade to `3.21.7` or later.
CVE-2026-10173 Cross-Site Scripting (XSS) in vue (CVE-2026-10173)
cross-site scripting in vue (CVE-2026-10173). Risk of unauthorized operations or information disclosure.
CVE-2026-47200 Vulnerability in nuxt (CVE-2026-47200)
vulnerability in nuxt (CVE-2026-47200). Risk of unauthorized operations or information disclosure. Exploitable via ``experimental.componentIslands``. Mitigation: upgrade to `4.4.6` or later.
CVE-2026-9374 Vulnerability in vue (CVE-2026-9374)
vulnerability in vue (CVE-2026-9374). Risk of unauthorized operations or information disclosure.
CVE-2026-46342 Cross-Site Scripting (XSS) in nuxt (CVE-2026-46342)
cross-site scripting in nuxt (CVE-2026-46342). Risk of unauthorized operations or information disclosure. Exploitable via ``props``. Mitigation: upgrade to `4.4.6` or later.
CVE-2026-45670 Vulnerability in @nuxt/rspack-builder (CVE-2026-45670)
vulnerability in @nuxt/rspack-builder (CVE-2026-45670). Risk of unauthorized operations or information disclosure. Exploitable via ``script.src``. Mitigation: upgrade to `4.4.6` or later.
CVE-2026-45669 Vulnerability in nuxt (CVE-2026-45669)
vulnerability in nuxt (CVE-2026-45669). Risk of unauthorized operations or information disclosure. Exploitable via ``Location``. Mitigation: upgrade to `4.4.6` or later.
CVE-2026-23695 Cross-Site Scripting (XSS) in cockpit-hq/cockpit (CVE-2026-23695)
cross-site scripting in cockpit-hq/cockpit (CVE-2026-23695). Risk of unauthorized operations or information disclosure.
CVE-2026-44589 SSRF (Server-Side Request Forgery) in nuxt-og-image (CVE-2026-44589)
SSRF in nuxt-og-image (CVE-2026-44589). Risk of unauthorized operations or information disclosure. Exploitable via ``isBlockedUrl``. Mitigation: upgrade to `6.4.9` or later.
CVE-2026-45228 Cross-Site Scripting (XSS) in vue (CVE-2026-45228)
cross-site scripting in vue (CVE-2026-45228). Risk of unauthorized operations or information disclosure. Exploitable via `POST /update`.
CVE-2026-44245 Cross-Site Scripting (XSS) in github.com/kyverno/policy-reporter-ui (CVE-2026-44245)
cross-site scripting in github.com/kyverno/policy-reporter-ui (CVE-2026-44245). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.5.2` or later.
CVE-2026-43900 Cross-Site Scripting (XSS) in vue (CVE-2026-43900)
cross-site scripting in vue (CVE-2026-43900). Confidential information can be exposed externally. Mitigation: upgrade to `1.0.4-beta.1` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →