Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-288 Clear
ID Title
CVE-2026-42735 Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare...
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare...
CVE-2026-42745 Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online...
Authentication Bypass Using an Alternate Path or Channel vulnerability in ZAYTECH Smart Online...
CVE-2025-68711 Vulnerability in c (CVE-2025-68711)
vulnerability in c (CVE-2025-68711). Risk of unauthorized operations or information disclosure.
CVE-2025-68708 Vulnerability in c (CVE-2025-68708)
vulnerability in c (CVE-2025-68708). Risk of unauthorized operations or information disclosure.
CVE-2025-68710 Vulnerability in c (CVE-2025-68710)
vulnerability in c (CVE-2025-68710). Risk of unauthorized operations or information disclosure.
CVE-2026-45217 Vulnerability in CVE-2026-45217 (CVE-2026-45217)
vulnerability in CVE-2026-45217 (CVE-2026-45217). Risk of unauthorized operations or information disclosure.
CVE-2026-33843 Vulnerability in microsoft (CVE-2026-33843)
vulnerability in microsoft (CVE-2026-33843). Confidential information can be exposed externally.
CVE-2026-24206 Vulnerability in dos (CVE-2026-24206)
vulnerability in dos (CVE-2026-24206). Risk of unauthorized operations or information disclosure.
CVE-2026-24207 Vulnerability in dos (CVE-2026-24207)
vulnerability in dos (CVE-2026-24207). Successful exploitation can lead to full system takeover.
CVE-2026-8598 Vulnerability in cisa (CVE-2026-8598)
vulnerability in cisa (CVE-2026-8598). Confidential information can be exposed externally.
CVE-2026-45577 Vulnerability in neotoma (CVE-2026-45577)
vulnerability in neotoma (CVE-2026-45577). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.11.1` or later.
CVE-2026-4320 Vulnerability in privilege-escalation (CVE-2026-4320)
vulnerability in privilege-escalation (CVE-2026-4320). Risk of unauthorized operations or information disclosure.
CVE-2026-4524 Vulnerability in gitlab (CVE-2026-4524)
vulnerability in gitlab (CVE-2026-4524). Confidential information can be exposed externally. Mitigation: upgrade to `18.9.7, 18.10.6, 18.11.3` or later.
CVE-2026-40621 Vulnerability in CVE-2026-40621 (CVE-2026-40621)
vulnerability in CVE-2026-40621 (CVE-2026-40621). Successful exploitation can lead to full system takeover.
CVE-2026-35422 Vulnerability in microsoft (CVE-2026-35422)
vulnerability in microsoft (CVE-2026-35422). Data can be tampered with by attackers.
CVE-2026-42300 Vulnerability in github.com/l3montree-dev/devguard (CVE-2026-42300)
vulnerability in github.com/l3montree-dev/devguard (CVE-2026-42300). Risk of unauthorized operations or information disclosure. Exploitable via ``SessionMiddleware``. Mitigation: upgrade to `1.2.2` or later.
CVE-2026-42303 Vulnerability in ethyca-fides (CVE-2026-42303)
vulnerability in ethyca-fides (CVE-2026-42303). Risk of unauthorized operations or information disclosure. Exploitable via ``true``. Mitigation: upgrade to `2.83.2` or later.
CVE-2026-8321 A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function...
A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function...
CVE-2026-45109 Vulnerability in next (CVE-2026-45109)
vulnerability in next (CVE-2026-45109). Confidential information can be exposed externally. Exploitable via ``middleware.ts``. Mitigation: upgrade to `16.2.6` or later.
CVE-2026-44575 Vulnerability in next (CVE-2026-44575)
vulnerability in next (CVE-2026-44575). Confidential information can be exposed externally. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-44574 Vulnerability in next (CVE-2026-44574)
vulnerability in next (CVE-2026-44574). Confidential information can be exposed externally. Mitigation: upgrade to `16.2.5` or later.
CVE-2026-41308 Vulnerability in pwpush (CVE-2026-41308)
vulnerability in pwpush (CVE-2026-41308). Risk of unauthorized operations or information disclosure.
CVE-2026-40022 Vulnerability in org.apache.camel:camel-platform-http-main (CVE-2026-40022)
vulnerability in org.apache.camel:camel-platform-http-main (CVE-2026-40022). Confidential information can be exposed externally. Mitigation: upgrade to `4.20.0` or later.
CVE-2026-3605 Vulnerability in hashicorp (CVE-2026-3605)
vulnerability in hashicorp (CVE-2026-3605). Data can be tampered with by attackers.
CVE-2026-34040 Vulnerability in github.com/moby/moby (CVE-2026-34040)
vulnerability in github.com/moby/moby (CVE-2026-34040). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `29.3.1` or later.
CVE-2026-4700 Vulnerability in mozilla (CVE-2026-4700)
vulnerability in mozilla (CVE-2026-4700). Successful exploitation can lead to full system takeover.
CVE-2025-70082 OS Command Injection in lantronix (CVE-2025-70082)
OS command injection in lantronix (CVE-2025-70082). Successful exploitation can lead to full system takeover.
CVE-2025-67039 Vulnerability in lantronix (CVE-2025-67039)
vulnerability in lantronix (CVE-2025-67039). Confidential information can be exposed externally. Exploitable via `Authorization header`.
CVE-2025-67041 OS Command Injection in lantronix (CVE-2025-67041)
OS command injection in lantronix (CVE-2025-67041). Successful exploitation can lead to full system takeover.
CVE-2026-1603 KEV [KEV] Vulnerability in Ivanti endpoint-manager-epm (CVE-2026-1603)
vulnerability in Ivanti endpoint-manager-epm (CVE-2026-1603). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2026-2775 Vulnerability in mozilla (CVE-2026-2775)
vulnerability in mozilla (CVE-2026-2775). Successful exploitation can lead to full system takeover.
CVE-2026-1618 Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc....
Authentication Bypass Using an Alternate Path or Channel vulnerability in Universal Software Inc....
CVE-2026-24858 KEV [KEV] Vulnerability in Fortinet multiple-products (CVE-2026-24858)
vulnerability in Fortinet multiple-products (CVE-2026-24858). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2026-23760 KEV [KEV] Vulnerability in Smartertools smartermail (CVE-2026-23760)
vulnerability in Smartertools smartermail (CVE-2026-23760). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-34026 KEV [KEV] Vulnerability in Versa concerto (CVE-2025-34026)
vulnerability in Versa concerto (CVE-2025-34026). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2746 KEV [KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2746)
vulnerability in Kentico xperience-cms (CVE-2025-2746). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-2747 KEV [KEV] Vulnerability in Kentico xperience-cms (CVE-2025-2747)
vulnerability in Kentico xperience-cms (CVE-2025-2747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-22862 Vulnerability in fortinet (CVE-2025-22862)
vulnerability in fortinet (CVE-2025-22862). Successful exploitation can lead to full system takeover.
CVE-2025-57819 KEV [KEV] SQL Injection in Sangoma freepbx (CVE-2025-57819)
SQL injection in Sangoma freepbx (CVE-2025-57819). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2025-51452 Vulnerability in totolink (CVE-2025-51452)
vulnerability in totolink (CVE-2025-51452). Successful exploitation can lead to full system takeover.
CVE-2025-4427 KEV [KEV] Vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4427)
vulnerability in Ivanti endpoint-manager-mobile-epmm (CVE-2025-4427). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-24472 KEV [KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2025-24472). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2024-55591 KEV [KEV] Vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591)
vulnerability in Fortinet fortios-and-fortiproxy (CVE-2024-55591). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
CVE-2024-6684 Vulnerability in CVE-2024-6684 (CVE-2024-6684)
vulnerability in CVE-2024-6684 (CVE-2024-6684). Risk of unauthorized operations or information disclosure.
CVE-2024-5620 Vulnerability in CVE-2024-5620 (CVE-2024-5620)
vulnerability in CVE-2024-5620 (CVE-2024-5620). Risk of unauthorized operations or information disclosure.
CVE-2023-37057 Vulnerability in CVE-2023-37057 (CVE-2023-37057)
vulnerability in CVE-2023-37057 (CVE-2023-37057). Successful exploitation can lead to full system takeover.
CVE-2024-26566 Vulnerability in iscute (CVE-2024-26566)
vulnerability in iscute (CVE-2024-26566). Data can be tampered with by attackers.
CVE-2024-27198 KEV [KEV] Vulnerability in Jetbrains teamcity (CVE-2024-27198)
vulnerability in Jetbrains teamcity (CVE-2024-27198). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2024-1709 KEV [KEV] Vulnerability in Connectwise screenconnect (CVE-2024-1709)
vulnerability in Connectwise screenconnect (CVE-2024-1709). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-46747 KEV [KEV] Vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747)
vulnerability in F5 big-ip-configuration-utility (CVE-2023-46747). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →