Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-33381 |
|
Vulnerability in grafana (CVE-2026-33381)
vulnerability in grafana (CVE-2026-33381). Confidential information can be exposed externally. Mitigation: upgrade to `11.6.14, 12.2.8, 12.3.6, 12.4.3, 13.0.1` or later.
|
| CVE-2026-28374 |
|
Vulnerability in grafana (CVE-2026-28374)
vulnerability in grafana (CVE-2026-28374). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.6.14, 12.2.8, 12.3.6, 12.4.3, 13.0.1` or later.
|
| CVE-2026-44007 |
|
Vulnerability in vm2 (CVE-2026-44007)
vulnerability in vm2 (CVE-2026-44007). Successful exploitation can lead to full system takeover. Exploitable via ``NodeVM``. Mitigation: upgrade to `3.11.1` or later.
|
| CVE-2026-36738 |
|
Vulnerability in u-speed (CVE-2026-36738)
vulnerability in u-speed (CVE-2026-36738). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44774 |
|
Vulnerability in github.com/traefik/traefik/v3 (CVE-2026-44774)
vulnerability in github.com/traefik/traefik/v3 (CVE-2026-44774). Successful exploitation can lead to full system takeover. Exploitable via `PUT /api/providers/rest`. Mitigation: upgrade to `3.6.17` or later.
|
| CVE-2026-44341 |
|
Vulnerability in CVE-2026-44341 (CVE-2026-44341)
vulnerability in CVE-2026-44341 (CVE-2026-44341). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44352 |
|
Vulnerability in CVE-2026-44352 (CVE-2026-44352)
vulnerability in CVE-2026-44352 (CVE-2026-44352). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.3` or later.
|
| CVE-2026-42158 |
|
Vulnerability in CVE-2026-42158 (CVE-2026-42158)
vulnerability in CVE-2026-42158 (CVE-2026-42158). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.2.3` or later.
|
| CVE-2026-44874 |
|
Vulnerability in arubanetworks (CVE-2026-44874)
vulnerability in arubanetworks (CVE-2026-44874). Confidential information can be exposed externally.
|
| CVE-2026-44225 |
|
Path Traversal in CVE-2026-44225 (CVE-2026-44225)
path traversal in CVE-2026-44225 (CVE-2026-44225). Confidential information can be exposed externally. Mitigation: upgrade to `0.1.1` or later.
|
| CVE-2026-42823 |
|
Vulnerability in microsoft (CVE-2026-42823)
vulnerability in microsoft (CVE-2026-42823). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44277 |
|
Vulnerability in fortinet (CVE-2026-44277)
vulnerability in fortinet (CVE-2026-44277). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42832 |
|
Vulnerability in microsoft (CVE-2026-42832)
vulnerability in microsoft (CVE-2026-42832). Confidential information can be exposed externally.
|
| CVE-2026-41100 |
|
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.
Improper access control in M365 Copilot allows an authorized attacker to perform spoofing locally.
|
| CVE-2026-41614 |
|
Vulnerability in microsoft (CVE-2026-41614)
vulnerability in microsoft (CVE-2026-41614). Confidential information can be exposed externally.
|
| CVE-2026-41102 |
|
Vulnerability in microsoft (CVE-2026-41102)
vulnerability in microsoft (CVE-2026-41102). Confidential information can be exposed externally.
|
| CVE-2026-41101 |
|
Vulnerability in microsoft (CVE-2026-41101)
vulnerability in microsoft (CVE-2026-41101). Confidential information can be exposed externally.
|
| CVE-2026-40381 |
|
Vulnerability in microsoft (CVE-2026-40381)
vulnerability in microsoft (CVE-2026-40381). Successful exploitation can lead to full system takeover.
|
| CVE-2026-41086 |
|
Vulnerability in microsoft (CVE-2026-41086)
vulnerability in microsoft (CVE-2026-41086). Successful exploitation can lead to full system takeover.
|
| CVE-2026-40420 |
|
Vulnerability in microsoft (CVE-2026-40420)
vulnerability in microsoft (CVE-2026-40420). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33834 |
|
Vulnerability in microsoft (CVE-2026-33834)
vulnerability in microsoft (CVE-2026-33834). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32209 |
|
Vulnerability in microsoft (CVE-2026-32209)
vulnerability in microsoft (CVE-2026-32209). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-43524 |
|
Vulnerability in apple (CVE-2025-43524)
vulnerability in apple (CVE-2025-43524). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42177 |
|
Vulnerability in CVE-2026-42177 (CVE-2026-42177)
vulnerability in CVE-2026-42177 (CVE-2026-42177). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.1` or later.
|
| CVE-2026-40300 |
|
Vulnerability in zulip (CVE-2026-40300)
vulnerability in zulip (CVE-2026-40300). Confidential information can be exposed externally. Mitigation: upgrade to `12.0` or later.
|
| CVE-2026-20887 |
|
Vulnerability in dos (CVE-2026-20887)
vulnerability in dos (CVE-2026-20887). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42074 |
|
Vulnerability in openclaude (CVE-2026-42074)
vulnerability in openclaude (CVE-2026-42074). Successful exploitation can lead to full system takeover. Exploitable via ``dangerouslyDisableSandbox``. Mitigation: upgrade to `0.5.1` or later.
|
| CVE-2026-40020 |
|
Vulnerability in dovecot (CVE-2026-40020)
vulnerability in dovecot (CVE-2026-40020). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-43652 |
|
Vulnerability in apple (CVE-2026-43652)
vulnerability in apple (CVE-2026-43652). Confidential information can be exposed externally.
|
| CVE-2026-28965 |
|
Vulnerability in apple (CVE-2026-28965)
vulnerability in apple (CVE-2026-28965). Confidential information can be exposed externally.
|
| CVE-2026-28974 |
|
Vulnerability in apple (CVE-2026-28974)
vulnerability in apple (CVE-2026-28974). Confidential information can be exposed externally.
|
| CVE-2026-28988 |
|
Vulnerability in apple (CVE-2026-28988)
vulnerability in apple (CVE-2026-28988). Confidential information can be exposed externally.
|
| CVE-2026-28978 |
|
Vulnerability in apple (CVE-2026-28978)
vulnerability in apple (CVE-2026-28978). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28993 |
|
Vulnerability in apple (CVE-2026-28993)
vulnerability in apple (CVE-2026-28993). Confidential information can be exposed externally.
|
| CVE-2026-28922 |
|
Information Disclosure in apple (CVE-2026-28922)
vulnerability in apple (CVE-2026-28922). Confidential information can be exposed externally.
|
| CVE-2026-28930 |
|
Vulnerability in apple (CVE-2026-28930)
vulnerability in apple (CVE-2026-28930). Confidential information can be exposed externally.
|
| CVE-2026-28957 |
|
Vulnerability in apple (CVE-2026-28957)
vulnerability in apple (CVE-2026-28957). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28910 |
|
Vulnerability in apple (CVE-2026-28910)
vulnerability in apple (CVE-2026-28910). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34754 |
|
Vulnerability in mantisbt/mantisbt (CVE-2026-34754)
vulnerability in mantisbt/mantisbt (CVE-2026-34754). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.28.2` or later.
|
| CVE-2026-34390 |
|
Vulnerability in mantisbt/mantisbt (CVE-2026-34390)
vulnerability in mantisbt/mantisbt (CVE-2026-34390). Risk of unauthorized operations or information disclosure. Exploitable via `PUT /project/{id}/users`. Mitigation: upgrade to `2.28.2` or later.
|
| CVE-2026-7813 |
|
Vulnerability in pgadmin4 (CVE-2026-7813)
vulnerability in pgadmin4 (CVE-2026-7813). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.15` or later.
|
| CVE-2025-9973 |
|
Vulnerability in privilege-escalation (CVE-2025-9973)
vulnerability in privilege-escalation (CVE-2025-9973). Confidential information can be exposed externally.
|
| CVE-2026-8233 |
|
Vulnerability in CVE-2026-8233 (CVE-2026-8233)
vulnerability in CVE-2026-8233 (CVE-2026-8233). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42569 |
|
Vulnerability in nabeel/phpvms (CVE-2026-42569)
vulnerability in nabeel/phpvms (CVE-2026-42569). Data can be tampered with by attackers. Mitigation: upgrade to `7.0.6` or later.
|
| CVE-2026-20167 |
|
Vulnerability in Cisco dos (CVE-2026-20167)
vulnerability in Cisco dos (CVE-2026-20167). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-1749 |
|
Vulnerability in CVE-2026-1749 (CVE-2026-1749)
vulnerability in CVE-2026-1749 (CVE-2026-1749). Confidential information can be exposed externally.
|
| CVE-2026-37709 |
|
Vulnerability in snipe/snipe-it (CVE-2026-37709)
vulnerability in snipe/snipe-it (CVE-2026-37709). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.4.1` or later.
|
| CVE-2026-42205 |
|
Vulnerability in avo (CVE-2026-42205)
vulnerability in avo (CVE-2026-42205). Successful exploitation can lead to full system takeover. Exploitable via `POST /admin/resources/posts/actions`. Mitigation: upgrade to `3.31.2` or later.
|
| CVE-2026-44556 |
|
Vulnerability in open-webui (CVE-2026-44556)
vulnerability in open-webui (CVE-2026-44556). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.9.0` or later.
|
| CVE-2026-41487 |
|
Vulnerability in langfuse (CVE-2026-41487)
vulnerability in langfuse (CVE-2026-41487). Risk of unauthorized operations or information disclosure.
|