Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-56360 |
|
Vulnerability in n8n (CVE-2026-56360)
vulnerability in n8n (CVE-2026-56360). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54763 |
|
Vulnerability in traefik (CVE-2026-54763)
vulnerability in traefik (CVE-2026-54763). Confidential information can be exposed externally.
|
| CVE-2026-24013 |
|
Vulnerability in apache (CVE-2026-24013)
vulnerability in apache (CVE-2026-24013). Confidential information can be exposed externally.
|
| CVE-2026-45489 |
|
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Microsoft Edge (Chromium-based) Spoofing Vulnerability
|
| CVE-2026-14381 |
|
Vulnerability in google (CVE-2026-14381)
vulnerability in google (CVE-2026-14381). Data can be tampered with by attackers.
|
| CVE-2026-58593 |
|
Vulnerability in nodebb (CVE-2026-58593)
vulnerability in nodebb (CVE-2026-58593). Data can be tampered with by attackers.
|
| CVE-2026-24270 |
|
Vulnerability in dos (CVE-2026-24270)
vulnerability in dos (CVE-2026-24270). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14118 |
|
Vulnerability in google (CVE-2026-14118)
vulnerability in google (CVE-2026-14118). Data can be tampered with by attackers.
|
| CVE-2026-13984 |
|
Vulnerability in google (CVE-2026-13984)
vulnerability in google (CVE-2026-13984). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-13985 |
|
Vulnerability in google (CVE-2026-13985)
vulnerability in google (CVE-2026-13985). Data can be tampered with by attackers.
|
| CVE-2026-13207 |
|
Vulnerability in CVE-2026-13207 (CVE-2026-13207)
vulnerability in CVE-2026-13207 (CVE-2026-13207). Confidential information can be exposed externally.
|
| CVE-2026-58370 |
|
Vulnerability in CVE-2026-58370 (CVE-2026-58370)
vulnerability in CVE-2026-58370 (CVE-2026-58370). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7656 |
|
Vulnerability in c (CVE-2026-7656)
vulnerability in c (CVE-2026-7656). Data can be tampered with by attackers.
|
| CVE-2026-54089 |
|
Authentication Bypass in CVE-2026-54089 (CVE-2026-54089)
authentication bypass in CVE-2026-54089 (CVE-2026-54089). Confidential information can be exposed externally.
|
| CVE-2026-52690 |
|
Vulnerability in CVE-2026-52690 (CVE-2026-52690)
vulnerability in CVE-2026-52690 (CVE-2026-52690). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25119 |
|
Vulnerability in gogs.io/gogs (CVE-2026-25119)
vulnerability in gogs.io/gogs (CVE-2026-25119). Risk of unauthorized operations or information disclosure. Exploitable via ``ENABLE_REVERSE_PROXY_AUTHENTICATION``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-49231 |
|
Vulnerability in apache (CVE-2026-49231)
vulnerability in apache (CVE-2026-49231). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39999 |
|
Vulnerability in apache (CVE-2026-39999)
vulnerability in apache (CVE-2026-39999). Confidential information can be exposed externally.
|
| CVE-2026-56020 |
|
Vulnerability in CVE-2026-56020 (CVE-2026-56020)
vulnerability in CVE-2026-56020 (CVE-2026-56020). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2.641` or later.
|
| CVE-2026-50141 |
|
Vulnerability in CVE-2026-50141 (CVE-2026-50141)
vulnerability in CVE-2026-50141 (CVE-2026-50141). Risk of unauthorized operations or information disclosure. Exploitable via ``agent_id``.
|
| CVE-2026-55202 |
|
Vulnerability in CVE-2026-55202 (CVE-2026-55202)
vulnerability in CVE-2026-55202 (CVE-2026-55202). Confidential information can be exposed externally. Exploitable via `Host header`.
|
| CVE-2026-49468 |
|
Vulnerability in litellm (CVE-2026-49468)
vulnerability in litellm (CVE-2026-49468). Successful exploitation can lead to full system takeover. Exploitable via ``request.url.path``. Mitigation: upgrade to `1.84.0` or later.
|
| CVE-2026-52845 |
|
Authentication Bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845)
authentication bypass in github.com/caddyserver/caddy/v2 (CVE-2026-52845). Confidential information can be exposed externally. Exploitable via `GET /index.php`. Mitigation: upgrade to `2.11.4` or later.
|
| CVE-2026-53857 |
|
OpenClaw: Zalo allowFrom could bind to mutable display names
OpenClaw: Zalo allowFrom could bind to mutable display names
|
| CVE-2026-53849 |
|
OpenClaw: Discord allowFrom could bind to mutable display names
OpenClaw: Discord allowFrom could bind to mutable display names
|
| CVE-2026-54308 |
|
Vulnerability in n8n (CVE-2026-54308)
vulnerability in n8n (CVE-2026-54308). Risk of unauthorized operations or information disclosure. Exploitable via ``MicrosoftAgent365Trigger``. Mitigation: upgrade to `2.25.7` or later.
|
| CVE-2026-42662 |
|
Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.
Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.
|
| CVE-2026-27089 |
|
Unauthenticated Bypass Vulnerability in WpTravelly <= 2.1.7 versions.
Unauthenticated Bypass Vulnerability in WpTravelly <= 2.1.7 versions.
|
| CVE-2026-36537 |
|
Vulnerability in CVE-2026-36537 (CVE-2026-36537)
vulnerability in CVE-2026-36537 (CVE-2026-36537). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49757 |
|
Vulnerability in ash_authentication (CVE-2026-49757)
vulnerability in ash_authentication (CVE-2026-49757). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.14.0, 5.0.0-rc.10` or later.
|
| CVE-2026-34025 |
|
Vulnerability in CVE-2026-34025 (CVE-2026-34025)
vulnerability in CVE-2026-34025 (CVE-2026-34025). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53833 |
|
Vulnerability in openclaw (CVE-2026-53833)
vulnerability in openclaw (CVE-2026-53833). Confidential information can be exposed externally.
|
| CVE-2026-53832 |
|
Vulnerability in CVE-2026-53832 (CVE-2026-53832)
vulnerability in CVE-2026-53832 (CVE-2026-53832). Confidential information can be exposed externally.
|
| CVE-2026-53823 |
|
Vulnerability in privilege-escalation (CVE-2026-53823)
vulnerability in privilege-escalation (CVE-2026-53823). Confidential information can be exposed externally.
|
| CVE-2026-5792 |
|
Vulnerability in CVE-2026-5792 (CVE-2026-5792)
vulnerability in CVE-2026-5792 (CVE-2026-5792). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53817 |
|
Vulnerability in openclaw (CVE-2026-53817)
vulnerability in openclaw (CVE-2026-53817). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.22` or later.
|
| CVE-2026-53811 |
|
Vulnerability in openclaw (CVE-2026-53811)
vulnerability in openclaw (CVE-2026-53811). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `2026.5.7` or later.
|
| CVE-2026-6090 |
|
Vulnerability in CVE-2026-6090 (CVE-2026-6090)
vulnerability in CVE-2026-6090 (CVE-2026-6090). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47381 |
|
Vulnerability in nocodb (CVE-2026-47381)
vulnerability in nocodb (CVE-2026-47381). Risk of unauthorized operations or information disclosure. Exploitable via ``testConnection``. Mitigation: upgrade to `2026.05.1` or later.
|
| CVE-2026-48567 |
|
Vulnerability in microsoft (CVE-2026-48567)
vulnerability in microsoft (CVE-2026-48567). Data can be tampered with by attackers.
|
| CVE-2026-11019 |
|
Vulnerability in google (CVE-2026-11019)
vulnerability in google (CVE-2026-11019). Data can be tampered with by attackers.
|
| CVE-2026-11001 |
|
Vulnerability in google (CVE-2026-11001)
vulnerability in google (CVE-2026-11001). Data can be tampered with by attackers.
|
| CVE-2026-8644 |
|
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing.
|
| CVE-2026-42674 |
|
Vulnerability in CVE-2026-42674 (CVE-2026-42674)
vulnerability in CVE-2026-42674 (CVE-2026-42674). Data can be tampered with by attackers.
|
| CVE-2026-47123 |
|
Vulnerability in laravel (CVE-2026-47123)
vulnerability in laravel (CVE-2026-47123). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.220` or later.
|
| CVE-2026-46414 |
|
Vulnerability in CVE-2026-46414 (CVE-2026-46414)
vulnerability in CVE-2026-46414 (CVE-2026-46414). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8676 |
|
Vulnerability in CVE-2026-8676 (CVE-2026-8676)
vulnerability in CVE-2026-8676 (CVE-2026-8676). Successful exploitation can lead to full system takeover.
|
| CVE-2018-25361 |
|
Vulnerability in CVE-2018-25361 (CVE-2018-25361)
vulnerability in CVE-2018-25361 (CVE-2018-25361). Confidential information can be exposed externally.
|
| CVE-2026-39309 |
|
Vulnerability in CVE-2026-39309 (CVE-2026-39309)
vulnerability in CVE-2026-39309 (CVE-2026-39309). Confidential information can be exposed externally.
|
| CVE-2026-8960 |
|
Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
Spoofing issue in WebExtensions. This vulnerability was fixed in Firefox 151.
|