Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-862 Clear
ID Title
CVE-2026-27424 Vulnerability in CVE-2026-27424 (CVE-2026-27424)
vulnerability in CVE-2026-27424 (CVE-2026-27424). Risk of unauthorized operations or information disclosure.
CVE-2026-44392 Vulnerability in jvn (CVE-2026-44392)
vulnerability in jvn (CVE-2026-44392). Risk of unauthorized operations or information disclosure.
CVE-2026-5200 Vulnerability in wordpress (CVE-2026-5200)
vulnerability in wordpress (CVE-2026-5200). Successful exploitation can lead to full system takeover.
CVE-2025-15369 Vulnerability in wordpress (CVE-2025-15369)
vulnerability in wordpress (CVE-2025-15369). Risk of unauthorized operations or information disclosure.
CVE-2026-8610 Vulnerability in wordpress (CVE-2026-8610)
vulnerability in wordpress (CVE-2026-8610). Risk of unauthorized operations or information disclosure.
CVE-2026-34358 Vulnerability in privilege-escalation (CVE-2026-34358)
vulnerability in privilege-escalation (CVE-2026-34358). Confidential information can be exposed externally.
CVE-2026-34233 Vulnerability in CVE-2026-34233 (CVE-2026-34233)
vulnerability in CVE-2026-34233 (CVE-2026-34233). Confidential information can be exposed externally.
CVE-2026-8096 Vulnerability in wordpress (CVE-2026-8096)
vulnerability in wordpress (CVE-2026-8096). Confidential information can be exposed externally.
CVE-2026-34154 Vulnerability in discourse (CVE-2026-34154)
vulnerability in discourse (CVE-2026-34154). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.1.4, 2026.3.1, 2026.4.1` or later.
CVE-2026-47100 Vulnerability in CVE-2026-47100 (CVE-2026-47100)
vulnerability in CVE-2026-47100 (CVE-2026-47100). Data can be tampered with by attackers.
CVE-2026-45442 Vulnerability in CVE-2026-45442 (CVE-2026-45442)
vulnerability in CVE-2026-45442 (CVE-2026-45442). Risk of unauthorized operations or information disclosure.
CVE-2026-33514 Vulnerability in discourse (CVE-2026-33514)
vulnerability in discourse (CVE-2026-33514). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.1.4, 2026.3.1, 2026.4.1` or later.
CVE-2026-32312 Vulnerability in glpi-project (CVE-2026-32312)
vulnerability in glpi-project (CVE-2026-32312). Risk of unauthorized operations or information disclosure.
CVE-2026-30950 AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.6.36 through 0.6.50 are vulnerable to Authenticated Session Hijack...
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.6.36 through 0.6.50 are vulnerable to Authenticated Session Hijacking via IDOR. If an authenticated attacker can determine the session_id of another user's session, t...
CVE-2026-45244 Vulnerability in @steipete/summarize (CVE-2026-45244)
vulnerability in @steipete/summarize (CVE-2026-45244). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.15.0` or later.
CVE-2026-45242 Vulnerability in @steipete/summarize (CVE-2026-45242)
vulnerability in @steipete/summarize (CVE-2026-45242). Data can be tampered with by attackers. Mitigation: upgrade to `0.15.0` or later.
CVE-2026-45243 Vulnerability in @steipete/summarize (CVE-2026-45243)
vulnerability in @steipete/summarize (CVE-2026-45243). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.15.0` or later.
CVE-2026-45625 Vulnerability in github.com/getarcaneapp/arcane/backend (CVE-2026-45625)
vulnerability in github.com/getarcaneapp/arcane/backend (CVE-2026-45625). Successful exploitation can lead to full system takeover. Exploitable via `PUT /customize/git-repositories/{id}`. Mitigation: upgrade to `1.19.0` or later.
CVE-2026-3117 Vulnerability in mattermost (CVE-2026-3117)
vulnerability in mattermost (CVE-2026-3117). Risk of unauthorized operations or information disclosure.
CVE-2026-5163 Vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-5163)
vulnerability in github.com/mattermost/mattermost/server/v8 (CVE-2026-5163). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.0-20260401090745-f4d1abe7e8f5` or later.
CVE-2026-3637 Vulnerability in github.com/mattermost/mattermost/server/public (CVE-2026-3637)
vulnerability in github.com/mattermost/mattermost/server/public (CVE-2026-3637). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.3.0` or later.
CVE-2026-1631 Vulnerability in wordpress (CVE-2026-1631)
vulnerability in wordpress (CVE-2026-1631). Risk of unauthorized operations or information disclosure.
CVE-2025-4202 Vulnerability in wordpress (CVE-2025-4202)
vulnerability in wordpress (CVE-2025-4202). Risk of unauthorized operations or information disclosure.
CVE-2026-8681 Vulnerability in wordpress (CVE-2026-8681)
vulnerability in wordpress (CVE-2026-8681). Risk of unauthorized operations or information disclosure.
CVE-2026-46365 Vulnerability in phpMyFAQ/phpMyFAQ (CVE-2026-46365)
vulnerability in phpMyFAQ/phpMyFAQ (CVE-2026-46365). Risk of unauthorized operations or information disclosure. Exploitable via `DELETE /admin/api/content/tags/{tagId}`. Mitigation: upgrade to `4.1.2` or later.
CVE-2026-45007 Vulnerability in thorsten/phpmyfaq (CVE-2026-45007)
vulnerability in thorsten/phpmyfaq (CVE-2026-45007). Risk of unauthorized operations or information disclosure. Exploitable via ``ConfigurationTabController.php``. Mitigation: upgrade to `4.1.2` or later.
CVE-2026-44718 Vulnerability in CVE-2026-44718 (CVE-2026-44718)
vulnerability in CVE-2026-44718 (CVE-2026-44718). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.10.0` or later.
CVE-2026-44719 Vulnerability in CVE-2026-44719 (CVE-2026-44719)
vulnerability in CVE-2026-44719 (CVE-2026-44719). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.10.0` or later.
CVE-2026-45717 Vulnerability in @budibase/server (CVE-2026-45717)
vulnerability in @budibase/server (CVE-2026-45717). Successful exploitation can lead to full system takeover. Exploitable via `PUT /api/datasources/`. Mitigation: upgrade to `3.38.1` or later.
CVE-2026-2031 Vulnerability in CVE-2026-2031 (CVE-2026-2031)
vulnerability in CVE-2026-2031 (CVE-2026-2031). Risk of unauthorized operations or information disclosure.
CVE-2026-4683 Vulnerability in wordpress (CVE-2026-4683)
vulnerability in wordpress (CVE-2026-4683). Risk of unauthorized operations or information disclosure.
CVE-2026-7563 Vulnerability in wordpress (CVE-2026-7563)
vulnerability in wordpress (CVE-2026-7563). Risk of unauthorized operations or information disclosure.
CVE-2026-4094 The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to...
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to...
CVE-2026-8547 Vulnerability in privilege-escalation (CVE-2026-8547)
vulnerability in privilege-escalation (CVE-2026-8547). Successful exploitation can lead to full system takeover.
CVE-2026-45667 Vulnerability in open-webui (CVE-2026-45667)
vulnerability in open-webui (CVE-2026-45667). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Mitigation: upgrade to `0.8.0` or later.
CVE-2026-45399 Vulnerability in open-webui (CVE-2026-45399)
vulnerability in open-webui (CVE-2026-45399). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/tasks`. Mitigation: upgrade to `0.9.0` or later.
CVE-2026-45395 Privilege Escalation in open-webui (CVE-2026-45395)
vulnerability in open-webui (CVE-2026-45395). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/v1/tools/id/{id}/update`. Mitigation: upgrade to `0.9.5` or later.
CVE-2026-45350 Vulnerability in open-webui (CVE-2026-45350)
vulnerability in open-webui (CVE-2026-45350). Confidential information can be exposed externally. Exploitable via ``tool_id``. Mitigation: upgrade to `0.8.6` or later.
CVE-2026-44592 Vulnerability in CVE-2026-44592 (CVE-2026-44592)
vulnerability in CVE-2026-44592 (CVE-2026-44592). Data can be tampered with by attackers. Mitigation: upgrade to `1.1.1` or later.
CVE-2026-41315 OS Command Injection in midoks (CVE-2026-41315)
OS command injection in midoks (CVE-2026-41315). Successful exploitation can lead to full system takeover.
CVE-2026-44884 Vulnerability in github.com/portainer/portainer (CVE-2026-44884)
vulnerability in github.com/portainer/portainer (CVE-2026-44884). Confidential information can be exposed externally. Exploitable via `GET /api/custom_templates/{id}/file`. Mitigation: upgrade to `2.39.1` or later.
CVE-2026-44849 Vulnerability in github.com/portainer/portainer (CVE-2026-44849)
vulnerability in github.com/portainer/portainer (CVE-2026-44849). Successful exploitation can lead to full system takeover. Exploitable via `POST /services/create`. Mitigation: upgrade to `2.41.0` or later.
CVE-2026-44848 Vulnerability in github.com/portainer/portainer (CVE-2026-44848)
vulnerability in github.com/portainer/portainer (CVE-2026-44848). Successful exploitation can lead to full system takeover. Exploitable via `POST /plugins/pull`. Mitigation: upgrade to `2.41.0` or later.
CVE-2026-46444 Vulnerability in flowise (CVE-2026-46444)
vulnerability in flowise (CVE-2026-46444). Successful exploitation can lead to full system takeover. Exploitable via ``WHITELIST_URLS``. Mitigation: upgrade to `3.1.2` or later.
CVE-2026-6472 Vulnerability in postgresql (CVE-2026-6472)
vulnerability in postgresql (CVE-2026-6472). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `14.23.0, 15.18.0, 16.14.0, 17.10.0, 18.4.0` or later.
CVE-2026-44482 Vulnerability in CVE-2026-44482 (CVE-2026-44482)
vulnerability in CVE-2026-44482 (CVE-2026-44482). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.1.8` or later.
CVE-2026-4029 Vulnerability in wordpress (CVE-2026-4029)
vulnerability in wordpress (CVE-2026-4029). Confidential information can be exposed externally.
CVE-2026-4030 Vulnerability in wordpress (CVE-2026-4030)
vulnerability in wordpress (CVE-2026-4030). Successful exploitation can lead to full system takeover.
CVE-2026-4031 Vulnerability in wordpress (CVE-2026-4031)
vulnerability in wordpress (CVE-2026-4031). Confidential information can be exposed externally.
CVE-2026-6512 Vulnerability in wordpress (CVE-2026-6512)
vulnerability in wordpress (CVE-2026-6512). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →