Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-57290 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57290)
vulnerability in csrf (CVE-2026-57290). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57295 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57295)
vulnerability in csrf (CVE-2026-57295). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57292 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57292)
vulnerability in csrf (CVE-2026-57292). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57283 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-57283)
vulnerability in csrf (CVE-2026-57283). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9724 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9724)
vulnerability in wordpress (CVE-2026-9724). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9721 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-9721)
vulnerability in wordpress (CVE-2026-9721). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8905 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8905)
vulnerability in wordpress (CVE-2026-8905). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6292 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-6292)
vulnerability in wordpress (CVE-2026-6292). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11997 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11997)
vulnerability in wordpress (CVE-2026-11997). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10552 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-10552)
vulnerability in wordpress (CVE-2026-10552). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52800 |
|
Cross-Site Request Forgery (CSRF) in gogs.io/gogs (CVE-2026-52800)
vulnerability in gogs.io/gogs (CVE-2026-52800). Successful exploitation can lead to full system takeover. Exploitable via ``TeamsAction``. Mitigation: upgrade to `0.14.3` or later.
|
| CVE-2026-50132 |
|
Vulnerability in @budibase/server (CVE-2026-50132)
vulnerability in @budibase/server (CVE-2026-50132). Confidential information can be exposed externally. Exploitable via `GET /api/chat-links/`. Mitigation: upgrade to `3.39.0` or later.
|
| CVE-2026-49871 |
|
Cross-Site Request Forgery (CSRF) in apache (CVE-2026-49871)
vulnerability in apache (CVE-2026-49871). Confidential information can be exposed externally.
|
| CVE-2026-11775 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11775)
vulnerability in wordpress (CVE-2026-11775). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56024 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-56024)
vulnerability in csrf (CVE-2026-56024). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54220 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-54220)
vulnerability in csrf (CVE-2026-54220). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55745 |
|
Cross-Site Request Forgery (CSRF) in cotonti/cotonti (CVE-2026-55745)
vulnerability in cotonti/cotonti (CVE-2026-55745). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55742 |
|
Cross-Site Request Forgery (CSRF) in cotonti/cotonti (CVE-2026-55742)
vulnerability in cotonti/cotonti (CVE-2026-55742). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55744 |
|
Cross-Site Request Forgery (CSRF) in cotonti/cotonti (CVE-2026-55744)
vulnerability in cotonti/cotonti (CVE-2026-55744). Confidential information can be exposed externally.
|
| CVE-2026-55741 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-55741)
vulnerability in csrf (CVE-2026-55741). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11784 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-11784)
vulnerability in wordpress (CVE-2026-11784). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9591 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-9591)
vulnerability in csrf (CVE-2026-9591). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-22342 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
|
| CVE-2024-34810 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-34810)
vulnerability in csrf (CVE-2024-34810). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-35648 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-35648)
vulnerability in csrf (CVE-2024-35648). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-46955 |
|
Cross-Site Scripting (XSS) in c (CVE-2026-46955)
cross-site scripting in c (CVE-2026-46955). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46894 |
|
Cross-Site Request Forgery (CSRF) in c (CVE-2026-46894)
vulnerability in c (CVE-2026-46894). Successful exploitation can lead to full system takeover.
|
| CVE-2026-46869 |
|
Cross-Site Request Forgery (CSRF) in c (CVE-2026-46869)
vulnerability in c (CVE-2026-46869). Confidential information can be exposed externally.
|
| CVE-2026-46787 |
|
Cross-Site Request Forgery (CSRF) in c (CVE-2026-46787)
vulnerability in c (CVE-2026-46787). Confidential information can be exposed externally.
|
| CVE-2026-46785 |
|
Cross-Site Request Forgery (CSRF) in c (CVE-2026-46785)
vulnerability in c (CVE-2026-46785). Confidential information can be exposed externally.
|
| CVE-2026-46786 |
|
Cross-Site Request Forgery (CSRF) in c (CVE-2026-46786)
vulnerability in c (CVE-2026-46786). Successful exploitation can lead to full system takeover.
|
| CVE-2026-49043 |
|
Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
Unauthenticated Cross Site Request Forgery (CSRF) in WP Migrate Lite <= 2.7.8 versions.
|
| CVE-2026-48518 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-48518 (CVE-2026-48518)
vulnerability in CVE-2026-48518 (CVE-2026-48518). Risk of unauthorized operations or information disclosure. Exploitable via `POST /multi-juicer/api/teams/{team}/join`.
|
| CVE-2026-53663 |
|
Cross-Site Request Forgery (CSRF) in react-router (CVE-2026-53663)
vulnerability in react-router (CVE-2026-53663). Risk of unauthorized operations or information disclosure. Exploitable via ``createBrowserRouter``. Mitigation: upgrade to `7.15.1` or later.
|
| CVE-2016-20083 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20083)
vulnerability in wordpress (CVE-2016-20083). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20074 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20074)
vulnerability in wordpress (CVE-2016-20074). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-20067 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2016-20067)
vulnerability in wordpress (CVE-2016-20067). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54359 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-54359 (CVE-2026-54359)
vulnerability in CVE-2026-54359 (CVE-2026-54359). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48612 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-48612 (CVE-2026-48612)
vulnerability in CVE-2026-48612 (CVE-2026-48612). Successful exploitation can lead to full system takeover.
|
| CVE-2022-47150 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-47150)
vulnerability in csrf (CVE-2022-47150). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-44630 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-44630)
vulnerability in csrf (CVE-2022-44630). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-32110 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-32110)
vulnerability in csrf (CVE-2024-32110). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53739 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-53739 (CVE-2026-53739)
vulnerability in CVE-2026-53739 (CVE-2026-53739). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-53736 |
|
Cross-Site Request Forgery (CSRF) in CVE-2026-53736 (CVE-2026-53736)
vulnerability in CVE-2026-53736 (CVE-2026-53736). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49396 |
|
Cross-Site Request Forgery (CSRF) in github.com/nezhahq/nezha (CVE-2026-49396)
vulnerability in github.com/nezhahq/nezha (CVE-2026-49396). Data can be tampered with by attackers. Exploitable via `GET /api/v1/cron/`. Mitigation: upgrade to `2.0.14` or later.
|
| CVE-2025-58468 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-58468)
vulnerability in csrf (CVE-2025-58468). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-39170 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-39170)
vulnerability in csrf (CVE-2026-39170). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8909 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8909)
vulnerability in wordpress (CVE-2026-8909). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8902 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8902)
vulnerability in wordpress (CVE-2026-8902). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8904 |
|
Cross-Site Request Forgery (CSRF) in wordpress (CVE-2026-8904)
vulnerability in wordpress (CVE-2026-8904). Risk of unauthorized operations or information disclosure.
|