Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-57981 |
|
Use-After-Free in microsoft (CVE-2026-57981)
vulnerability in microsoft (CVE-2026-57981). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27660 |
|
Vulnerability in CVE-2026-27660 (CVE-2026-27660)
vulnerability in CVE-2026-27660 (CVE-2026-27660). Data can be tampered with by attackers.
|
| CVE-2026-26307 |
|
Vulnerability in CVE-2026-26307 (CVE-2026-26307)
vulnerability in CVE-2026-26307 (CVE-2026-26307). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25782 |
|
Vulnerability in CVE-2026-25782 (CVE-2026-25782)
vulnerability in CVE-2026-25782 (CVE-2026-25782). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25718 |
|
Vulnerability in CVE-2026-25718 (CVE-2026-25718)
vulnerability in CVE-2026-25718 (CVE-2026-25718). Confidential information can be exposed externally.
|
| CVE-2026-25712 |
|
Vulnerability in CVE-2026-25712 (CVE-2026-25712)
vulnerability in CVE-2026-25712 (CVE-2026-25712). Confidential information can be exposed externally.
|
| CVE-2026-14611 |
|
Information Disclosure in CVE-2026-14611 (CVE-2026-14611)
vulnerability in CVE-2026-14611 (CVE-2026-14611). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-24690 |
|
Vulnerability in CVE-2026-24690 (CVE-2026-24690)
vulnerability in CVE-2026-24690 (CVE-2026-24690). Data can be tampered with by attackers.
|
| CVE-2026-26232 |
|
Vulnerability in CVE-2026-26232 (CVE-2026-26232)
vulnerability in CVE-2026-26232 (CVE-2026-26232). Confidential information can be exposed externally.
|
| CVE-2026-20909 |
|
Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries.
Gitea versions before 1.25.5 have insufficient permission checks when listing tracked time entries.
|
| CVE-2026-27657 |
|
Gitea versions before 1.25.5 allow a user to change another user's primary email address.
Gitea versions before 1.25.5 allow a user to change another user's primary email address.
|
| CVE-2026-26292 |
|
Vulnerability in CVE-2026-26292 (CVE-2026-26292)
vulnerability in CVE-2026-26292 (CVE-2026-26292). Successful exploitation can lead to full system takeover.
|
| CVE-2026-26247 |
|
Vulnerability in CVE-2026-26247 (CVE-2026-26247)
vulnerability in CVE-2026-26247 (CVE-2026-26247). Confidential information can be exposed externally.
|
| CVE-2026-22547 |
|
Vulnerability in CVE-2026-22547 (CVE-2026-22547)
vulnerability in CVE-2026-22547 (CVE-2026-22547). Confidential information can be exposed externally.
|
| CVE-2026-14610 |
|
Buffer Overflow in cpp (CVE-2026-14610)
vulnerability in cpp (CVE-2026-14610). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14609 |
|
Vulnerability in CVE-2026-14609 (CVE-2026-14609)
vulnerability in CVE-2026-14609 (CVE-2026-14609). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12481 |
|
Unsafe Deserialization in deserialization (CVE-2026-12481)
vulnerability in deserialization (CVE-2026-12481). Successful exploitation can lead to full system takeover. Exploitable via ``Lambda``.
|
| CVE-2026-58426 |
|
Vulnerability in CVE-2026-58426 (CVE-2026-58426)
vulnerability in CVE-2026-58426 (CVE-2026-58426). Confidential information can be exposed externally.
|
| CVE-2026-58424 |
|
Permanent Fork PR Workflow Approval Gate Bypass
Permanent Fork PR Workflow Approval Gate Bypass
|
| CVE-2026-58423 |
|
Authentication Bypass in CVE-2026-58423 (CVE-2026-58423)
authentication bypass in CVE-2026-58423 (CVE-2026-58423). Confidential information can be exposed externally.
|
| CVE-2026-58422 |
|
Vulnerability in CVE-2026-58422 (CVE-2026-58422)
vulnerability in CVE-2026-58422 (CVE-2026-58422). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58421 |
|
Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service
Unauthenticated ReDoS via CODEOWNERS pattern matching allows denial of service
|
| CVE-2026-58419 |
|
Notification API leaks private issue metadata after access revocation
Notification API leaks private issue metadata after access revocation
|
| CVE-2026-58418 |
|
SSRF via HTTP Redirect in Repository Migration
SSRF via HTTP Redirect in Repository Migration
|
| CVE-2026-28740 |
|
Vulnerability in CVE-2026-28740 (CVE-2026-28740)
vulnerability in CVE-2026-28740 (CVE-2026-28740). Confidential information can be exposed externally.
|
| CVE-2026-27775 |
|
Authorization Flaw in CVE-2026-27775 (CVE-2026-27775)
vulnerability in CVE-2026-27775 (CVE-2026-27775). Successful exploitation can lead to full system takeover.
|
| CVE-2026-27771 |
|
Vulnerability in CVE-2026-27771 (CVE-2026-27771)
vulnerability in CVE-2026-27771 (CVE-2026-27771). Confidential information can be exposed externally.
|
| CVE-2026-27761 |
|
Authorization Flaw in CVE-2026-27761 (CVE-2026-27761)
vulnerability in CVE-2026-27761 (CVE-2026-27761). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-25038 |
|
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
Gitea 1.26.2 allows unauthorized users to access labels of private organizations.
|
| CVE-2026-24451 |
|
Information Disclosure in CVE-2026-24451 (CVE-2026-24451)
vulnerability in CVE-2026-24451 (CVE-2026-24451). Confidential information can be exposed externally.
|
| CVE-2026-22874 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-22874)
SSRF in ssrf (CVE-2026-22874). Confidential information can be exposed externally.
|
| CVE-2026-20896 |
|
Vulnerability in CVE-2026-20896 (CVE-2026-20896)
vulnerability in CVE-2026-20896 (CVE-2026-20896). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20779 |
|
Vulnerability in CVE-2026-20779 (CVE-2026-20779)
vulnerability in CVE-2026-20779 (CVE-2026-20779). Confidential information can be exposed externally.
|
| CVE-2026-14355 |
|
Vulnerability in CVE-2026-14355 (CVE-2026-14355)
vulnerability in CVE-2026-14355 (CVE-2026-14355). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14608 |
|
Vulnerability in CVE-2026-14608 (CVE-2026-14608)
vulnerability in CVE-2026-14608 (CVE-2026-14608). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14607 |
|
Buffer Overflow in c (CVE-2026-14607)
vulnerability in c (CVE-2026-14607). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14606 |
|
Buffer Overflow in CVE-2026-14606 (CVE-2026-14606)
vulnerability in CVE-2026-14606 (CVE-2026-14606). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14605 |
|
Buffer Overflow in CVE-2026-14605 (CVE-2026-14605)
vulnerability in CVE-2026-14605 (CVE-2026-14605). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58379 |
|
Vulnerability in dos (CVE-2026-58379)
vulnerability in dos (CVE-2026-58379). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14604 |
|
Buffer Overflow in cpp (CVE-2026-14604)
vulnerability in cpp (CVE-2026-14604). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14631 |
|
Vulnerability in webpackjs (CVE-2026-14631)
vulnerability in webpackjs (CVE-2026-14631). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`.
|
| CVE-2026-14620 |
|
Cross-Site Request Forgery (CSRF) in webpackjs (CVE-2026-14620)
vulnerability in webpackjs (CVE-2026-14620). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14615 |
|
Vulnerability in CVE-2026-14615 (CVE-2026-14615)
vulnerability in CVE-2026-14615 (CVE-2026-14615). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14614 |
|
Vulnerability in CVE-2026-14614 (CVE-2026-14614)
vulnerability in CVE-2026-14614 (CVE-2026-14614). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14613 |
|
Vulnerability in CVE-2026-14613 (CVE-2026-14613)
vulnerability in CVE-2026-14613 (CVE-2026-14613). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-14612 |
|
Out-of-Bounds Write in dos (CVE-2026-14612)
out-of-bounds write in dos (CVE-2026-14612). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49815 |
|
OS Command Injection in dell (CVE-2026-49815)
OS command injection in dell (CVE-2026-49815). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49814 |
|
OS Command Injection in dell (CVE-2026-49814)
OS command injection in dell (CVE-2026-49814). Successful exploitation can lead to full system takeover.
|
| CVE-2026-53478 |
|
OS Command Injection in dell (CVE-2026-53478)
OS command injection in dell (CVE-2026-53478). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14460 |
|
Vulnerability in CVE-2026-14460 (CVE-2026-14460)
vulnerability in CVE-2026-14460 (CVE-2026-14460). Successful exploitation can lead to full system takeover.
|