Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-35433 |
|
Vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433)
vulnerability in Microsoft.WindowsDesktop.App.Runtime.win-arm64 (CVE-2026-35433). Confidential information can be exposed externally. Mitigation: upgrade to `10.0.8` or later.
|
| CVE-2026-32175 |
|
Vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175)
vulnerability in Microsoft.NetCore.App.Runtime.win-arm (CVE-2026-32175). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `10.0.8` or later.
|
| CVE-2026-32177 |
|
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in .NET allows an unauthorized attacker to elevate privileges locally.
|
| CVE-2026-7432 |
|
Vulnerability in ivanti (CVE-2026-7432)
vulnerability in ivanti (CVE-2026-7432). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7431 |
|
Vulnerability in ivanti (CVE-2026-7431)
vulnerability in ivanti (CVE-2026-7431). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6297 |
|
Use-After-Free in Google chrome (CVE-2026-6297)
vulnerability in Google chrome (CVE-2026-6297). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32178 |
|
Vulnerability in dotnet (CVE-2026-32178)
vulnerability in dotnet (CVE-2026-32178). Confidential information can be exposed externally. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
|
| CVE-2026-26171 |
|
Vulnerability in dotnet (CVE-2026-26171)
vulnerability in dotnet (CVE-2026-26171). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.0.26, 9.0.15, 10.0.6` or later.
|
| CVE-2026-43941 |
|
Vulnerability in electerm (CVE-2026-43941)
vulnerability in electerm (CVE-2026-43941). Successful exploitation can lead to full system takeover. Exploitable via ``shell.openExternal``.
|
| CVE-2026-8018 |
|
Vulnerability in google (CVE-2026-8018)
vulnerability in google (CVE-2026-8018). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7989 |
|
Vulnerability in google (CVE-2026-7989)
vulnerability in google (CVE-2026-7989). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7979 |
|
Vulnerability in google (CVE-2026-7979)
vulnerability in google (CVE-2026-7979). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7959 |
|
Vulnerability in google (CVE-2026-7959)
vulnerability in google (CVE-2026-7959). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7946 |
|
Vulnerability in google (CVE-2026-7946)
vulnerability in google (CVE-2026-7946). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7932 |
|
Vulnerability in chromium (CVE-2026-7932)
vulnerability in chromium (CVE-2026-7932). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `148.0.7778.96-1~deb12u1` or later.
|
| CVE-2026-7916 |
|
Vulnerability in google (CVE-2026-7916)
vulnerability in google (CVE-2026-7916). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7910 |
|
Use-After-Free in google (CVE-2026-7910)
vulnerability in google (CVE-2026-7910). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7902 |
|
Out-of-Bounds Read in google (CVE-2026-7902)
vulnerability in google (CVE-2026-7902). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7572 |
|
Vulnerability in www.velocidex.com/golang/velociraptor (CVE-2026-7572)
vulnerability in www.velocidex.com/golang/velociraptor (CVE-2026-7572). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.76.5` or later.
|
| CVE-2026-42249 |
|
Path Traversal in path-traversal (CVE-2026-42249)
path traversal in path-traversal (CVE-2026-42249). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42248 |
|
Vulnerability in ollama (CVE-2026-42248)
vulnerability in ollama (CVE-2026-42248). Successful exploitation can lead to full system takeover.
|
| CVE-2026-32202 KEV |
|
[KEV] Vulnerability in Microsoft windows (CVE-2026-32202)
vulnerability in Microsoft windows (CVE-2026-32202). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-3087 |
|
Path Traversal in libpython (CVE-2026-3087)
path traversal in libpython (CVE-2026-3087). Data can be tampered with by attackers. Mitigation: upgrade to `3.14.5` or later.
|
| CVE-2026-6919 |
|
Use-After-Free in google (CVE-2026-6919)
vulnerability in google (CVE-2026-6919). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6920 |
|
Out-of-Bounds Read in google (CVE-2026-6920)
vulnerability in google (CVE-2026-6920). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6921 |
|
Vulnerability in google (CVE-2026-6921)
vulnerability in google (CVE-2026-6921). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33825 KEV |
|
[KEV] Vulnerability in Microsoft defender (CVE-2026-33825)
vulnerability in Microsoft defender (CVE-2026-33825). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-33518 |
|
Vulnerability in esri (CVE-2026-33518)
vulnerability in esri (CVE-2026-33518). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33519 |
|
Vulnerability in esri (CVE-2026-33519)
vulnerability in esri (CVE-2026-33519). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6318 |
|
Use-After-Free in google (CVE-2026-6318)
vulnerability in google (CVE-2026-6318). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6314 |
|
Out-of-Bounds Write in google (CVE-2026-6314)
out-of-bounds write in google (CVE-2026-6314). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6317 |
|
Use-After-Free in google (CVE-2026-6317)
vulnerability in google (CVE-2026-6317). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6316 |
|
Use-After-Free in google (CVE-2026-6316)
vulnerability in google (CVE-2026-6316). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6312 |
|
Vulnerability in google (CVE-2026-6312)
vulnerability in google (CVE-2026-6312). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6308 |
|
Out-of-Bounds Read in google (CVE-2026-6308)
vulnerability in google (CVE-2026-6308). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6309 |
|
Use-After-Free in google (CVE-2026-6309)
vulnerability in google (CVE-2026-6309). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6310 |
|
Use-After-Free in google (CVE-2026-6310)
vulnerability in google (CVE-2026-6310). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6311 |
|
Vulnerability in google (CVE-2026-6311)
vulnerability in google (CVE-2026-6311). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6301 |
|
Vulnerability in google (CVE-2026-6301)
vulnerability in google (CVE-2026-6301). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6302 |
|
Use-After-Free in google (CVE-2026-6302)
vulnerability in google (CVE-2026-6302). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6304 |
|
Use-After-Free in google (CVE-2026-6304)
vulnerability in google (CVE-2026-6304). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6306 |
|
Vulnerability in google (CVE-2026-6306)
vulnerability in google (CVE-2026-6306). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6303 |
|
Use-After-Free in google (CVE-2026-6303)
vulnerability in google (CVE-2026-6303). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6305 |
|
Vulnerability in google (CVE-2026-6305)
vulnerability in google (CVE-2026-6305). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6296 |
|
Vulnerability in google (CVE-2026-6296)
vulnerability in google (CVE-2026-6296). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6299 |
|
Use-After-Free in google (CVE-2026-6299)
vulnerability in google (CVE-2026-6299). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6300 |
|
Use-After-Free in google (CVE-2026-6300)
vulnerability in google (CVE-2026-6300). Successful exploitation can lead to full system takeover.
|
| CVE-2026-6298 |
|
Vulnerability in google (CVE-2026-6298)
vulnerability in google (CVE-2026-6298). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-33414 |
|
OS Command Injection in podman-project (CVE-2026-33414)
OS command injection in podman-project (CVE-2026-33414). Successful exploitation can lead to full system takeover.
|
| CVE-2026-33116 |
|
Vulnerability in csharp (CVE-2026-33116)
vulnerability in csharp (CVE-2026-33116). Risk of unauthorized operations or information disclosure.
|