Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-42301 |
|
Vulnerability in CVE-2026-42301 (CVE-2026-42301)
vulnerability in CVE-2026-42301 (CVE-2026-42301). Successful exploitation can lead to full system takeover.
|
| CVE-2026-29202 |
|
Vulnerability in CVE-2026-29202 (CVE-2026-29202)
vulnerability in CVE-2026-29202 (CVE-2026-29202). Successful exploitation can lead to full system takeover. Exploitable via ``plugin``.
|
| CVE-2026-29201 |
|
Vulnerability in CVE-2026-29201 (CVE-2026-29201)
vulnerability in CVE-2026-29201 (CVE-2026-29201). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44337 |
|
Vulnerability in praison (CVE-2026-44337)
vulnerability in praison (CVE-2026-44337). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44336 |
|
Vulnerability in praison (CVE-2026-44336)
vulnerability in praison (CVE-2026-44336). Successful exploitation can lead to full system takeover. Exploitable via ``praisonai.rules.create``.
|
| CVE-2026-43944 |
|
Vulnerability in electerm (CVE-2026-43944)
vulnerability in electerm (CVE-2026-43944). Successful exploitation can lead to full system takeover. Exploitable via ``opts``. Mitigation: upgrade to `> 3.8.8` or later.
|
| CVE-2026-42261 |
|
Vulnerability in ssrf (CVE-2026-42261)
vulnerability in ssrf (CVE-2026-42261). Confidential information can be exposed externally. Exploitable via `POST /api/skills/fetch-remote`.
|
| CVE-2026-33844 |
|
Vulnerability in apache (CVE-2026-33844)
vulnerability in apache (CVE-2026-33844). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6973 KEV |
|
[KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2026-6973). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-7989 |
|
Vulnerability in google (CVE-2026-7989)
vulnerability in google (CVE-2026-7989). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7916 |
|
Vulnerability in google (CVE-2026-7916)
vulnerability in google (CVE-2026-7916). Successful exploitation can lead to full system takeover.
|
| CVE-2026-43117 |
|
Vulnerability in linux (CVE-2026-43117)
vulnerability in linux (CVE-2026-43117). Confidential information can be exposed externally.
|
| CVE-2026-34197 KEV |
|
[KEV] Vulnerability in Apache activemq (CVE-2026-34197)
vulnerability in Apache activemq (CVE-2026-34197). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-32201 KEV |
|
[KEV] Vulnerability in Microsoft sharepoint-server (CVE-2026-32201)
vulnerability in Microsoft sharepoint-server (CVE-2026-32201). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-1854 KEV |
|
[KEV] Vulnerability in Microsoft visual-basic-for-applications-vba (CVE-2012-1854)
vulnerability in Microsoft visual-basic-for-applications-vba (CVE-2012-1854). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-20393 KEV |
|
[KEV] Vulnerability in Cisco multiple-products (CVE-2025-20393)
vulnerability in Cisco multiple-products (CVE-2025-20393). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-54236 KEV |
|
[KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.
|
| CVE-2025-6558 KEV |
|
[KEV] Vulnerability in Google chromium (CVE-2025-6558)
vulnerability in Google chromium (CVE-2025-6558). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-21413 KEV |
|
[KEV] Vulnerability in Microsoft office-outlook (CVE-2024-21413)
vulnerability in Microsoft office-outlook (CVE-2024-21413). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3714 KEV |
|
[KEV] Vulnerability in imagemagick (CVE-2016-3714)
vulnerability in imagemagick (CVE-2016-3714). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-38189 KEV |
|
[KEV] Vulnerability in Microsoft project (CVE-2024-38189)
vulnerability in Microsoft project (CVE-2024-38189). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-30040 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2024-30040)
vulnerability in Microsoft windows (CVE-2024-30040). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-3400 KEV |
|
[KEV] Vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400)
vulnerability in Palo alto networks palo-alto-networks (CVE-2024-3400). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-41266 KEV |
|
[KEV] Vulnerability in Qlik sense (CVE-2023-41266)
vulnerability in Qlik sense (CVE-2023-41266). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-36563 KEV |
|
[KEV] Vulnerability in Microsoft wordpad (CVE-2023-36563)
vulnerability in Microsoft wordpad (CVE-2023-36563). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2014-8361 KEV |
|
[KEV] Vulnerability in Realtek sdk (CVE-2014-8361)
vulnerability in Realtek sdk (CVE-2014-8361). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-25489 KEV |
|
[KEV] Vulnerability in Samsung mobile-devices (CVE-2021-25489)
vulnerability in Samsung mobile-devices (CVE-2021-25489). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-2868 KEV |
|
[KEV] Vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868)
vulnerability in Barracuda networks barracuda-networks (CVE-2023-2868). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-3904 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2010-3904)
vulnerability in Linux kernel (CVE-2010-3904). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-39197 KEV |
|
[KEV] Vulnerability in Fortra cobalt-strike (CVE-2022-39197)
vulnerability in Fortra cobalt-strike (CVE-2022-39197). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-30900 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2021-30900)
vulnerability in Apple ios (CVE-2021-30900). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2015-2291 KEV |
|
[KEV] Vulnerability in Intel ethernet-diagnostics-driver-for-windows (CVE-2015-2291)
vulnerability in Intel ethernet-diagnostics-driver-for-windows (CVE-2015-2291). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-22952 KEV |
|
[KEV] Vulnerability in Sugarcrm multiple-products (CVE-2023-22952)
vulnerability in Sugarcrm multiple-products (CVE-2023-22952). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-11357 KEV |
|
[KEV] Vulnerability in Telerik user-interface-ui-for-aspnet-ajax (CVE-2017-11357)
vulnerability in Telerik user-interface-ui-for-aspnet-ajax (CVE-2017-11357). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-42827 KEV |
|
[KEV] Vulnerability in Apple ios-and-ipados (CVE-2022-42827)
vulnerability in Apple ios-and-ipados (CVE-2022-42827). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-6282 KEV |
|
[KEV] Vulnerability in Linux kernel (CVE-2013-6282)
vulnerability in Linux kernel (CVE-2013-6282). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2010-2568 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2010-2568)
vulnerability in Microsoft windows (CVE-2010-2568). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-32917 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2022-32917)
vulnerability in Apple ios (CVE-2022-32917). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-37969 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2022-37969)
vulnerability in Microsoft windows (CVE-2022-37969). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-3075 KEV |
|
[KEV] Vulnerability in Google chromium-mojo (CVE-2022-3075)
vulnerability in Google chromium-mojo (CVE-2022-3075). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-31010 KEV |
|
[KEV] Vulnerability in Apple ios (CVE-2021-31010)
vulnerability in Apple ios (CVE-2021-31010). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-32894 KEV |
|
[KEV] Vulnerability in Apple ios-and-macos (CVE-2022-32894)
vulnerability in Apple ios-and-macos (CVE-2022-32894). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-32893 KEV |
|
[KEV] Vulnerability in Apple ios-and-macos (CVE-2022-32893)
vulnerability in Apple ios-and-macos (CVE-2022-32893). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-2856 KEV |
|
[KEV] Vulnerability in Google chromium-intents (CVE-2022-2856)
vulnerability in Google chromium-intents (CVE-2022-2856). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2022-29499 KEV |
|
[KEV] Vulnerability in Mitel mivoice-connect (CVE-2022-29499)
vulnerability in Mitel mivoice-connect (CVE-2022-29499). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2019-7193 KEV |
|
[KEV] Vulnerability in Qnap qts (CVE-2019-7193)
vulnerability in Qnap qts (CVE-2019-7193). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-0151 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2012-0151)
vulnerability in Microsoft windows (CVE-2012-0151). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2013-3896 KEV |
|
[KEV] Vulnerability in Microsoft silverlight (CVE-2013-3896)
vulnerability in Microsoft silverlight (CVE-2013-3896). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-0034 KEV |
|
[KEV] Vulnerability in Microsoft silverlight (CVE-2016-0034)
vulnerability in Microsoft silverlight (CVE-2016-0034). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-19949 KEV |
|
[KEV] Vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949)
vulnerability in Qnap network-attached-storage-nas (CVE-2018-19949). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|