Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-54369 |
|
Vulnerability in privilege-escalation (CVE-2026-54369)
vulnerability in privilege-escalation (CVE-2026-54369). Confidential information can be exposed externally.
|
| CVE-2026-54371 |
|
Vulnerability in privilege-escalation (CVE-2026-54371)
vulnerability in privilege-escalation (CVE-2026-54371). Confidential information can be exposed externally.
|
| CVE-2026-25707 |
|
Vulnerability in path-traversal (CVE-2026-25707)
vulnerability in path-traversal (CVE-2026-25707). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58054 |
|
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when...
|
| CVE-2026-12415 |
|
Privilege Escalation in wordpress (CVE-2026-12415)
vulnerability in wordpress (CVE-2026-12415). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55069 |
|
Vulnerability in privilege-escalation (CVE-2026-55069)
vulnerability in privilege-escalation (CVE-2026-55069). Confidential information can be exposed externally. Mitigation: upgrade to `1.3.24` or later.
|
| CVE-2026-46710 |
|
Vulnerability in privilege-escalation (CVE-2026-46710)
vulnerability in privilege-escalation (CVE-2026-46710). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `8.9.6` or later.
|
| CVE-2026-57518 |
|
Vulnerability in privilege-escalation (CVE-2026-57518)
vulnerability in privilege-escalation (CVE-2026-57518). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9640 |
|
Authorization Flaw in privilege-escalation (CVE-2026-9640)
vulnerability in privilege-escalation (CVE-2026-9640). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56030 |
|
Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.
Unauthenticated Privilege Escalation in Paytium <= 5.0.2 versions.
|
| CVE-2026-56028 |
|
Vulnerability in privilege-escalation (CVE-2026-56028)
vulnerability in privilege-escalation (CVE-2026-56028). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56033 |
|
Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.
Unauthenticated Privilege Escalation in Dokan Pro <= 5.0.4 versions.
|
| CVE-2026-56038 |
|
Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
Contributor Privilege Escalation in Frisbii Pay <= 1.8.2 versions.
|
| CVE-2026-56008 |
|
Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions.
|
| CVE-2026-56010 |
|
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions.
|
| CVE-2026-40702 |
|
Vulnerability in cisa (CVE-2026-40702)
vulnerability in cisa (CVE-2026-40702). Confidential information can be exposed externally.
|
| CVE-2026-11800 |
|
Vulnerability in privilege-escalation (CVE-2026-11800)
vulnerability in privilege-escalation (CVE-2026-11800). Confidential information can be exposed externally.
|
| CVE-2026-57520 |
|
Vulnerability in privilege-escalation (CVE-2026-57520)
vulnerability in privilege-escalation (CVE-2026-57520). Data can be tampered with by attackers.
|
| CVE-2026-54573 |
|
Authorization Flaw in privilege-escalation (CVE-2026-54573)
vulnerability in privilege-escalation (CVE-2026-54573). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0` or later.
|
| CVE-2026-57589 |
|
Use-After-Free in c (CVE-2026-57589)
vulnerability in c (CVE-2026-57589). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52943 |
|
Vulnerability in privilege-escalation (CVE-2026-52943)
vulnerability in privilege-escalation (CVE-2026-52943). Successful exploitation can lead to full system takeover.
|
| CVE-2026-4297 |
|
Vulnerability in wordpress (CVE-2026-4297)
vulnerability in wordpress (CVE-2026-4297). Successful exploitation can lead to full system takeover.
|
| CVE-2026-12417 |
|
Vulnerability in wordpress (CVE-2026-12417)
vulnerability in wordpress (CVE-2026-12417). Successful exploitation can lead to full system takeover. Exploitable via ``wp_ajax_nopriv_pravel_change_password``.
|
| CVE-2026-12112 |
|
Authentication Bypass in privilege-escalation (CVE-2026-12112)
authentication bypass in privilege-escalation (CVE-2026-12112). Successful exploitation can lead to full system takeover.
|
| CVE-2026-55736 |
|
Vulnerability in privilege-escalation (CVE-2026-55736)
vulnerability in privilege-escalation (CVE-2026-55736). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56694 |
|
Authorization Flaw in privilege-escalation (CVE-2026-56694)
vulnerability in privilege-escalation (CVE-2026-56694). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56693 |
|
Vulnerability in privilege-escalation (CVE-2026-56693)
vulnerability in privilege-escalation (CVE-2026-56693). Data can be tampered with by attackers.
|
| CVE-2026-56402 |
|
Vulnerability in privilege-escalation (CVE-2026-56402)
vulnerability in privilege-escalation (CVE-2026-56402). Data can be tampered with by attackers.
|
| CVE-2026-54099 |
|
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container...
|
| CVE-2026-56239 |
|
Privilege Escalation in privilege-escalation (CVE-2026-56239)
vulnerability in privilege-escalation (CVE-2026-56239). Data can be tampered with by attackers.
|
| CVE-2026-12673 |
|
Vulnerability in privilege-escalation (CVE-2026-12673)
vulnerability in privilege-escalation (CVE-2026-12673). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11551 |
|
Vulnerability in wordpress (CVE-2026-11551)
vulnerability in wordpress (CVE-2026-11551). Successful exploitation can lead to full system takeover.
|
| CVE-2026-23879 |
|
Vulnerability in py7zr (CVE-2026-23879)
vulnerability in py7zr (CVE-2026-23879). Successful exploitation can lead to full system takeover. Exploitable via ``py7zr``. Mitigation: upgrade to `1.1.3` or later.
|
| CVE-2020-37254 |
|
Vulnerability in privilege-escalation (CVE-2020-37254)
vulnerability in privilege-escalation (CVE-2020-37254). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20090 |
|
Vulnerability in privilege-escalation (CVE-2016-20090)
vulnerability in privilege-escalation (CVE-2016-20090). Successful exploitation can lead to full system takeover.
|
| CVE-2016-20092 |
|
Vulnerability in privilege-escalation (CVE-2016-20092)
vulnerability in privilege-escalation (CVE-2016-20092). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56142 |
|
Vulnerability in privilege-escalation (CVE-2026-56142)
vulnerability in privilege-escalation (CVE-2026-56142). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47833 |
|
Vulnerability in privilege-escalation (CVE-2026-47833)
vulnerability in privilege-escalation (CVE-2026-47833). Confidential information can be exposed externally.
|
| CVE-2026-49252 |
|
Vulnerability in @deepstream/server (CVE-2026-49252)
vulnerability in @deepstream/server (CVE-2026-49252). Confidential information can be exposed externally. Exploitable via ``__proto__``. Mitigation: upgrade to `10.0.5` or later.
|
| CVE-2026-11958 |
|
Vulnerability in c (CVE-2026-11958)
vulnerability in c (CVE-2026-11958). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-55201 |
|
Path Traversal in path-traversal (CVE-2026-55201)
path traversal in path-traversal (CVE-2026-55201). Confidential information can be exposed externally.
|
| CVE-2026-48821 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2026-48821)
cross-site scripting in privilege-escalation (CVE-2026-48821). Confidential information can be exposed externally.
|
| CVE-2026-54805 |
|
Subscriber Privilege Escalation in Falang multilanguage <= 1.4.2 versions.
Subscriber Privilege Escalation in Falang multilanguage <= 1.4.2 versions.
|
| CVE-2026-54803 |
|
Subscriber Privilege Escalation in SMS Alert Order Notifications <= 3.9.4 versions.
Subscriber Privilege Escalation in SMS Alert Order Notifications <= 3.9.4 versions.
|
| CVE-2026-54807 |
|
Unauthenticated Privilege Escalation in Registration Form for WooCommerce <= 1.0.9 versions.
Unauthenticated Privilege Escalation in Registration Form for WooCommerce <= 1.0.9 versions.
|
| CVE-2026-54196 |
|
Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1 versions.
Subscriber Privilege Escalation in JetFormBuilder <= 3.6.1 versions.
|
| CVE-2026-49058 |
|
Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions.
Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions.
|
| CVE-2026-39546 |
|
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
Subscriber Privilege Escalation in MultiLoca <= 4.2.15 versions.
|
| CVE-2026-27395 |
|
Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions.
Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions.
|
| CVE-2026-12448 |
|
Privilege Escalation in privilege-escalation (CVE-2026-12448)
vulnerability in privilege-escalation (CVE-2026-12448). Successful exploitation can lead to full system takeover.
|