Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-13373 Cross-Site Scripting (XSS) in CVE-2026-13373 (CVE-2026-13373)
cross-site scripting in CVE-2026-13373 (CVE-2026-13373). Risk of unauthorized operations or information disclosure.
CVE-2026-13371 Unsafe Deserialization in deserialization (CVE-2026-13371)
vulnerability in deserialization (CVE-2026-13371). Risk of unauthorized operations or information disclosure.
CVE-2026-13368 Use-After-Free in CVE-2026-13368 (CVE-2026-13368)
vulnerability in CVE-2026-13368 (CVE-2026-13368). Risk of unauthorized operations or information disclosure.
CVE-2026-13722 Vulnerability in CVE-2026-13722 (CVE-2026-13722)
vulnerability in CVE-2026-13722 (CVE-2026-13722). Risk of unauthorized operations or information disclosure.
CVE-2026-13376 Cross-Site Scripting (XSS) in CVE-2026-13376 (CVE-2026-13376)
cross-site scripting in CVE-2026-13376 (CVE-2026-13376). Risk of unauthorized operations or information disclosure.
CVE-2026-13375 Cross-Site Scripting (XSS) in CVE-2026-13375 (CVE-2026-13375)
cross-site scripting in CVE-2026-13375 (CVE-2026-13375). Risk of unauthorized operations or information disclosure.
CVE-2026-13053 Out-of-Bounds Write in CVE-2026-13053 (CVE-2026-13053)
out-of-bounds write in CVE-2026-13053 (CVE-2026-13053). Risk of unauthorized operations or information disclosure.
CVE-2026-13054 Path Traversal in path-traversal (CVE-2026-13054)
path traversal in path-traversal (CVE-2026-13054). Risk of unauthorized operations or information disclosure.
CVE-2026-13050 Out-of-Bounds Write in CVE-2026-13050 (CVE-2026-13050)
out-of-bounds write in CVE-2026-13050 (CVE-2026-13050). Risk of unauthorized operations or information disclosure.
CVE-2026-13079 Vulnerability in privilege-escalation (CVE-2026-13079)
vulnerability in privilege-escalation (CVE-2026-13079). Risk of unauthorized operations or information disclosure.
CVE-2026-13084 Vulnerability in dos (CVE-2026-13084)
vulnerability in dos (CVE-2026-13084). Risk of unauthorized operations or information disclosure.
CVE-2026-57100 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-57100)
SSRF in ssrf (CVE-2026-57100). Successful exploitation can lead to full system takeover.
CVE-2026-54998 Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate...
CVE-2026-45499 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-45499)
SSRF in ssrf (CVE-2026-45499). Successful exploitation can lead to full system takeover.
CVE-2026-41106 Open Redirect in microsoft (CVE-2026-41106)
vulnerability in microsoft (CVE-2026-41106). Confidential information can be exposed externally.
CVE-2026-26145 Vulnerability in microsoft (CVE-2026-26145)
vulnerability in microsoft (CVE-2026-26145). Confidential information can be exposed externally.
CVE-2026-50722 Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly...
Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly...
CVE-2026-50721 Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify...
Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify...
CVE-2026-12413 An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart....
An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart....
CVE-2026-52192 Vulnerability in dos (CVE-2026-52192)
vulnerability in dos (CVE-2026-52192). Risk of unauthorized operations or information disclosure.
CVE-2026-52189 Vulnerability in dos (CVE-2026-52189)
vulnerability in dos (CVE-2026-52189). Risk of unauthorized operations or information disclosure.
CVE-2026-38972 Vulnerability in c (CVE-2026-38972)
vulnerability in c (CVE-2026-38972). Successful exploitation can lead to full system takeover.
CVE-2026-38970 Vulnerability in CVE-2026-38970 (CVE-2026-38970)
vulnerability in CVE-2026-38970 (CVE-2026-38970). Risk of unauthorized operations or information disclosure.
CVE-2026-52188 Buffer Overflow in dos (CVE-2026-52188)
vulnerability in dos (CVE-2026-52188). Risk of unauthorized operations or information disclosure.
CVE-2026-38971 Out-of-Bounds Read in cpp (CVE-2026-38971)
vulnerability in cpp (CVE-2026-38971). Confidential information can be exposed externally.
CVE-2026-58460 Path Traversal in react (CVE-2026-58460)
path traversal in react (CVE-2026-58460). Data can be tampered with by attackers.
CVE-2026-52191 Vulnerability in dos (CVE-2026-52191)
vulnerability in dos (CVE-2026-52191). Risk of unauthorized operations or information disclosure.
CVE-2026-59102 Cross-Site Scripting (XSS) in vue (CVE-2026-59102)
cross-site scripting in vue (CVE-2026-59102). Risk of unauthorized operations or information disclosure.
CVE-2026-38968 Vulnerability in cpp (CVE-2026-38968)
vulnerability in cpp (CVE-2026-38968). Successful exploitation can lead to full system takeover.
CVE-2026-59100 Vulnerability in CVE-2026-59100 (CVE-2026-59100)
vulnerability in CVE-2026-59100 (CVE-2026-59100). Risk of unauthorized operations or information disclosure.
CVE-2026-38969 Vulnerability in CVE-2026-38969 (CVE-2026-38969)
vulnerability in CVE-2026-38969 (CVE-2026-38969). Data can be tampered with by attackers.
CVE-2026-59101 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-59101)
SSRF in ssrf (CVE-2026-59101). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v1/setup/test-downloader`.
CVE-2026-59095 SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-59095)
SSRF in ssrf (CVE-2026-59095). Confidential information can be exposed externally.
CVE-2026-59099 Vulnerability in CVE-2026-59099 (CVE-2026-59099)
vulnerability in CVE-2026-59099 (CVE-2026-59099). Confidential information can be exposed externally.
CVE-2026-59097 Vulnerability in CVE-2026-59097 (CVE-2026-59097)
vulnerability in CVE-2026-59097 (CVE-2026-59097). Risk of unauthorized operations or information disclosure.
CVE-2026-59098 Vulnerability in CVE-2026-59098 (CVE-2026-59098)
vulnerability in CVE-2026-59098 (CVE-2026-59098). Confidential information can be exposed externally.
CVE-2026-59096 Vulnerability in CVE-2026-59096 (CVE-2026-59096)
vulnerability in CVE-2026-59096 (CVE-2026-59096). Data can be tampered with by attackers. Exploitable via `Host header`.
CVE-2026-58578 Vulnerability in dos (CVE-2026-58578)
vulnerability in dos (CVE-2026-58578). Risk of unauthorized operations or information disclosure.
CVE-2026-58579 Cross-Site Scripting (XSS) in CVE-2026-58579 (CVE-2026-58579)
cross-site scripting in CVE-2026-58579 (CVE-2026-58579). Risk of unauthorized operations or information disclosure.
CVE-2026-59093 Vulnerability in weaviate (CVE-2026-59093)
vulnerability in weaviate (CVE-2026-59093). Successful exploitation can lead to full system takeover. Exploitable via `POST /authz/users/{id}/assign`.
CVE-2026-59094 Vulnerability in CVE-2026-59094 (CVE-2026-59094)
vulnerability in CVE-2026-59094 (CVE-2026-59094). Risk of unauthorized operations or information disclosure.
CVE-2026-58580 Vulnerability in CVE-2026-58580 (CVE-2026-58580)
vulnerability in CVE-2026-58580 (CVE-2026-58580). Data can be tampered with by attackers.
CVE-2026-59092 Vulnerability in dos (CVE-2026-59092)
vulnerability in dos (CVE-2026-59092). Confidential information can be exposed externally.
CVE-2026-58381 Vulnerability in dos (CVE-2026-58381)
vulnerability in dos (CVE-2026-58381). Risk of unauthorized operations or information disclosure.
CVE-2026-58467 Path Traversal in nginx (CVE-2026-58467)
path traversal in nginx (CVE-2026-58467). Confidential information can be exposed externally.
CVE-2026-58466 Vulnerability in CVE-2026-58466 (CVE-2026-58466)
vulnerability in CVE-2026-58466 (CVE-2026-58466). Successful exploitation can lead to full system takeover.
CVE-2025-71385 Cross-Site Scripting (XSS) in netdata (CVE-2025-71385)
cross-site scripting in netdata (CVE-2025-71385). Risk of unauthorized operations or information disclosure.
CVE-2026-52187 Vulnerability in dos (CVE-2026-52187)
vulnerability in dos (CVE-2026-52187). Risk of unauthorized operations or information disclosure.
CVE-2026-49360 Vulnerability in recce (CVE-2026-49360)
vulnerability in recce (CVE-2026-49360). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.50.0` or later.
CVE-2026-49353 Vulnerability in 9router (CVE-2026-49353)
vulnerability in 9router (CVE-2026-49353). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/mcp/`.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →