Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: rce Clear
ID Title
CVE-2026-3082 Vulnerability in gstreamer (CVE-2026-3082)
vulnerability in gstreamer (CVE-2026-3082). Successful exploitation can lead to full system takeover.
CVE-2026-3085 Vulnerability in gstreamer (CVE-2026-3085)
vulnerability in gstreamer (CVE-2026-3085). Successful exploitation can lead to full system takeover.
CVE-2026-3083 Vulnerability in gstreamer (CVE-2026-3083)
vulnerability in gstreamer (CVE-2026-3083). Successful exploitation can lead to full system takeover.
CVE-2026-2923 Out-of-Bounds Write in gstreamer (CVE-2026-2923)
out-of-bounds write in gstreamer (CVE-2026-2923). Successful exploitation can lead to full system takeover.
CVE-2026-2921 Vulnerability in gstreamer (CVE-2026-2921)
vulnerability in gstreamer (CVE-2026-2921). Successful exploitation can lead to full system takeover.
CVE-2026-2922 Out-of-Bounds Write in gstreamer (CVE-2026-2922)
out-of-bounds write in gstreamer (CVE-2026-2922). Successful exploitation can lead to full system takeover.
CVE-2026-2920 Vulnerability in gstreamer (CVE-2026-2920)
vulnerability in gstreamer (CVE-2026-2920). Successful exploitation can lead to full system takeover.
CVE-2026-21708 SQL Injection in veeam (CVE-2026-21708)
SQL injection in veeam (CVE-2026-21708). Confidential information can be exposed externally.
CVE-2026-21669 Code Injection in veeam (CVE-2026-21669)
code injection in veeam (CVE-2026-21669). Successful exploitation can lead to full system takeover.
CVE-2026-21671 Code Injection in veeam (CVE-2026-21671)
code injection in veeam (CVE-2026-21671). Successful exploitation can lead to full system takeover.
CVE-2026-28292 OS Command Injection in simple-git-project (CVE-2026-28292)
OS command injection in simple-git-project (CVE-2026-28292). Successful exploitation can lead to full system takeover.
CVE-2026-1286 Unsafe Deserialization in deserialization (CVE-2026-1286)
vulnerability in deserialization (CVE-2026-1286). Successful exploitation can lead to full system takeover.
CVE-2026-29091 Vulnerability in locutus (CVE-2026-29091)
vulnerability in locutus (CVE-2026-29091). Successful exploitation can lead to full system takeover.
CVE-2026-2743 Path Traversal in path-traversal (CVE-2026-2743)
path traversal in path-traversal (CVE-2026-2743). Successful exploitation can lead to full system takeover.
CVE-2026-0847 Path Traversal in nltk (CVE-2026-0847)
path traversal in nltk (CVE-2026-0847). Confidential information can be exposed externally. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-28364 Vulnerability in c (CVE-2026-28364)
vulnerability in c (CVE-2026-28364). Confidential information can be exposed externally.
CVE-2026-25109 OS Command Injection in copeland (CVE-2026-25109)
OS command injection in copeland (CVE-2026-25109). Successful exploitation can lead to full system takeover.
CVE-2026-20910 OS Command Injection in copeland (CVE-2026-20910)
OS command injection in copeland (CVE-2026-20910). Successful exploitation can lead to full system takeover.
CVE-2026-27148 Vulnerability in storybook (CVE-2026-27148)
vulnerability in storybook (CVE-2026-27148). Successful exploitation can lead to full system takeover.
CVE-2026-27606 Path Traversal in path-traversal (CVE-2026-27606)
path traversal in path-traversal (CVE-2026-27606). Successful exploitation can lead to full system takeover.
CVE-2025-14905 Vulnerability in c (CVE-2025-14905)
vulnerability in c (CVE-2025-14905). Successful exploitation can lead to full system takeover. Exploitable via ``schema_attr_enum_callback``.
CVE-2026-2044 Vulnerability in gimp (CVE-2026-2044)
vulnerability in gimp (CVE-2026-2044). Successful exploitation can lead to full system takeover.
CVE-2026-2048 Out-of-Bounds Write in gimp (CVE-2026-2048)
out-of-bounds write in gimp (CVE-2026-2048). Successful exploitation can lead to full system takeover.
CVE-2026-2047 Vulnerability in gimp (CVE-2026-2047)
vulnerability in gimp (CVE-2026-2047). Successful exploitation can lead to full system takeover.
CVE-2026-2045 Out-of-Bounds Write in gimp (CVE-2026-2045)
out-of-bounds write in gimp (CVE-2026-2045). Successful exploitation can lead to full system takeover.
CVE-2026-0797 Vulnerability in gimp (CVE-2026-0797)
vulnerability in gimp (CVE-2026-0797). Successful exploitation can lead to full system takeover.
CVE-2026-2033 Path Traversal in path-traversal (CVE-2026-2033)
path traversal in path-traversal (CVE-2026-2033). Risk of unauthorized operations or information disclosure.
CVE-2026-26200 Vulnerability in hdfgroup (CVE-2026-26200)
vulnerability in hdfgroup (CVE-2026-26200). Successful exploitation can lead to full system takeover.
CVE-2025-13590 Unrestricted File Upload in wso2 (CVE-2025-13590)
vulnerability in wso2 (CVE-2025-13590). Successful exploitation can lead to full system takeover.
CVE-2026-0974 Vulnerability in wordpress (CVE-2026-0974)
vulnerability in wordpress (CVE-2026-0974). Successful exploitation can lead to full system takeover.
CVE-2025-14009 Code Injection in nltk (CVE-2025-14009)
code injection in nltk (CVE-2025-14009). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.9.3` or later.
CVE-2026-22208 Vulnerability in CVE-2026-22208 (CVE-2026-22208)
vulnerability in CVE-2026-22208 (CVE-2026-22208). Successful exploitation can lead to full system takeover.
CVE-2025-65480 OS Command Injection in CVE-2025-65480 (CVE-2025-65480)
OS command injection in CVE-2025-65480 (CVE-2025-65480). Successful exploitation can lead to full system takeover.
CVE-2026-1615 Code Injection in CVE-2026-1615 (CVE-2026-1615)
code injection in CVE-2026-1615 (CVE-2026-1615). Successful exploitation can lead to full system takeover.
CVE-2026-22778 Vulnerability in vllm (CVE-2026-22778)
vulnerability in vllm (CVE-2026-22778). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.14.1` or later.
CVE-2026-24881 Vulnerability in dos (CVE-2026-24881)
vulnerability in dos (CVE-2026-24881). Successful exploitation can lead to full system takeover.
CVE-2025-15467 Out-of-Bounds Write in cisa (CVE-2025-15467)
out-of-bounds write in cisa (CVE-2025-15467). Successful exploitation can lead to full system takeover.
CVE-2025-15059 Vulnerability in gimp (CVE-2025-15059)
vulnerability in gimp (CVE-2025-15059). Successful exploitation can lead to full system takeover.
CVE-2025-56005 Unsafe Deserialization in dabeaz (CVE-2025-56005)
vulnerability in dabeaz (CVE-2025-56005). Successful exploitation can lead to full system takeover. Exploitable via ``picklefile``.
CVE-2021-47839 Cross-Site Scripting (XSS) in CVE-2021-47839 (CVE-2021-47839)
cross-site scripting in CVE-2021-47839 (CVE-2021-47839). Risk of unauthorized operations or information disclosure.
CVE-2025-69262 pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings....
pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings. An attacker who can control environment variables during pnpm operations could achieve Remote Code E...
CVE-2025-69264 Vulnerability in pnpm (CVE-2025-69264)
vulnerability in pnpm (CVE-2025-69264). Successful exploitation can lead to full system takeover.
CVE-2025-11157 Unsafe Deserialization in CVE-2025-11157 (CVE-2025-11157)
vulnerability in CVE-2025-11157 (CVE-2025-11157). Successful exploitation can lead to full system takeover.
CVE-2025-2155 Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
Unrestricted Upload of File with Dangerous Type vulnerability in Echo Call Center Services Trade...
CVE-2023-53888 Code Injection in zomp (CVE-2023-53888)
code injection in zomp (CVE-2023-53888). Successful exploitation can lead to full system takeover.
CVE-2025-34291 KEV [KEV] Vulnerability in langflow (CVE-2025-34291)
vulnerability in langflow (CVE-2025-34291). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `1.7.0` or later.
CVE-2025-63258 Command Injection in CVE-2025-63258 (CVE-2025-63258)
command injection in CVE-2025-63258 (CVE-2025-63258). Risk of unauthorized operations or information disclosure.
CVE-2025-56399 Code Injection in laravel (CVE-2025-56399)
code injection in laravel (CVE-2025-56399). Successful exploitation can lead to full system takeover.
CVE-2025-55752 Vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752)
vulnerability in org.apache.tomcat:tomcat (CVE-2025-55752). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `9.0.109, 10.1.45, 11.0.11` or later.
CVE-2025-54236 KEV [KEV] Vulnerability in Adobe commerce (CVE-2025-54236)
vulnerability in Adobe commerce (CVE-2025-54236). Confidential information can be exposed externally. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →