Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

ID Title
CVE-2026-14158 Unrestricted File Upload in wordpress (CVE-2026-14158)
vulnerability in wordpress (CVE-2026-14158). Successful exploitation can lead to full system takeover.
CVE-2025-49656 Vulnerability in jvn (CVE-2025-49656)
vulnerability in jvn (CVE-2025-49656). Risk of unauthorized operations or information disclosure.
CVE-2026-60002 Use-After-Free in CVE-2026-60002 (CVE-2026-60002)
vulnerability in CVE-2026-60002 (CVE-2026-60002). Confidential information can be exposed externally.
CVE-2026-60001 sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
CVE-2026-60000 Vulnerability in dos (CVE-2026-60000)
vulnerability in dos (CVE-2026-60000). Risk of unauthorized operations or information disclosure.
CVE-2026-59999 Vulnerability in CVE-2026-59999 (CVE-2026-59999)
vulnerability in CVE-2026-59999 (CVE-2026-59999). Data can be tampered with by attackers.
CVE-2026-59998 Vulnerability in CVE-2026-59998 (CVE-2026-59998)
vulnerability in CVE-2026-59998 (CVE-2026-59998). Risk of unauthorized operations or information disclosure.
CVE-2026-59997 Vulnerability in CVE-2026-59997 (CVE-2026-59997)
vulnerability in CVE-2026-59997 (CVE-2026-59997). Risk of unauthorized operations or information disclosure.
CVE-2026-59996 Vulnerability in CVE-2026-59996 (CVE-2026-59996)
vulnerability in CVE-2026-59996 (CVE-2026-59996). Risk of unauthorized operations or information disclosure.
CVE-2026-59995 Vulnerability in CVE-2026-59995 (CVE-2026-59995)
vulnerability in CVE-2026-59995 (CVE-2026-59995). Risk of unauthorized operations or information disclosure.
CVE-2026-56843 Vulnerability in c (CVE-2026-56843)
vulnerability in c (CVE-2026-56843). Successful exploitation can lead to full system takeover.
CVE-2026-53508 Vulnerability in github.com/oasdiff/oasdiff (CVE-2026-53508)
vulnerability in github.com/oasdiff/oasdiff (CVE-2026-53508). Risk of unauthorized operations or information disclosure. Exploitable via ``breaking``. Mitigation: upgrade to `1.18.1` or later.
CVE-2026-53572 Vulnerability in github.com/kedacore/keda/v2 (CVE-2026-53572)
vulnerability in github.com/kedacore/keda/v2 (CVE-2026-53572). Risk of unauthorized operations or information disclosure. Exploitable via ``host``. Mitigation: upgrade to `2.20.0` or later.
GHSA-f66q-9rf6-8795 Authentication Bypass in Flask-Security-Too (GHSA-f66q-9rf6-8795)
authentication bypass in Flask-Security-Too (GHSA-f66q-9rf6-8795). Risk of unauthorized operations or information disclosure. Exploitable via `POST /wan-verify`. Mitigation: upgrade to `5.8.1` or later.
CVE-2026-53553 Path Traversal in github.com/zhenorzz/goploy (CVE-2026-53553)
path traversal in github.com/zhenorzz/goploy (CVE-2026-53553). Risk of unauthorized operations or information disclosure. Exploitable via ``filePath``.
CVE-2026-53552 Vulnerability in github.com/zhenorzz/goploy (CVE-2026-53552)
vulnerability in github.com/zhenorzz/goploy (CVE-2026-53552). Risk of unauthorized operations or information disclosure. Exploitable via ``Project.AddFile``.
GHSA-q855-8rh5-jfgq Vulnerability in ha-mcp (GHSA-q855-8rh5-jfgq)
vulnerability in ha-mcp (GHSA-q855-8rh5-jfgq). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/settings/tools`. Mitigation: upgrade to `7.10.0` or later.
GHSA-cwv4-h3j5-w3cf Vulnerability in rama (GHSA-cwv4-h3j5-w3cf)
vulnerability in rama (GHSA-cwv4-h3j5-w3cf). Risk of unauthorized operations or information disclosure. Exploitable via ``ServeDir``. Mitigation: upgrade to `0.3.0-rc.1` or later.
CVE-2026-53533 Command Injection in aiosmtplib (CVE-2026-53533)
command injection in aiosmtplib (CVE-2026-53533). Risk of unauthorized operations or information disclosure. Exploitable via ``aiosmtplib``. Mitigation: upgrade to `5.1.1` or later.
CVE-2026-53487 Vulnerability in github.com/zxh326/kite (CVE-2026-53487)
vulnerability in github.com/zxh326/kite (CVE-2026-53487). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v1/overview`. Mitigation: upgrade to `0.12.3` or later.
GHSA-gq4g-fpc9-vjfq Vulnerability in web-auth/webauthn-lib (GHSA-gq4g-fpc9-vjfq)
vulnerability in web-auth/webauthn-lib (GHSA-gq4g-fpc9-vjfq). Risk of unauthorized operations or information disclosure. Exploitable via ``FakeCredentialGenerator``. Mitigation: upgrade to `5.3.5` or later.
CVE-2026-53531 Vulnerability in ratex-parser (CVE-2026-53531)
vulnerability in ratex-parser (CVE-2026-53531). Risk of unauthorized operations or information disclosure. Exploitable via ``SIGABRT``. Mitigation: upgrade to `0.1.11` or later.
CVE-2026-53530 Vulnerability in ratex-parser (CVE-2026-53530)
vulnerability in ratex-parser (CVE-2026-53530). Risk of unauthorized operations or information disclosure. Exploitable via ``parse_symbol_inner``. Mitigation: upgrade to `0.1.11` or later.
CVE-2026-59705 Vulnerability in CVE-2026-59705 (CVE-2026-59705)
vulnerability in CVE-2026-59705 (CVE-2026-59705). Successful exploitation can lead to full system takeover.
CVE-2026-59704 Vulnerability in CVE-2026-59704 (CVE-2026-59704)
vulnerability in CVE-2026-59704 (CVE-2026-59704). Confidential information can be exposed externally. Exploitable via `GET /api/video/ai`.
CVE-2026-51937 Vulnerability in CVE-2026-51937 (CVE-2026-51937)
vulnerability in CVE-2026-51937 (CVE-2026-51937). Risk of unauthorized operations or information disclosure.
CVE-2026-50811 Vulnerability in c (CVE-2026-50811)
vulnerability in c (CVE-2026-50811). Risk of unauthorized operations or information disclosure.
CVE-2026-50810 Vulnerability in c (CVE-2026-50810)
vulnerability in c (CVE-2026-50810). Risk of unauthorized operations or information disclosure.
CVE-2026-37271 Vulnerability in CVE-2026-37271 (CVE-2026-37271)
vulnerability in CVE-2026-37271 (CVE-2026-37271). Risk of unauthorized operations or information disclosure.
CVE-2026-37270 Vulnerability in CVE-2026-37270 (CVE-2026-37270)
vulnerability in CVE-2026-37270 (CVE-2026-37270). Risk of unauthorized operations or information disclosure.
CVE-2026-36163 Vulnerability in CVE-2026-36163 (CVE-2026-36163)
vulnerability in CVE-2026-36163 (CVE-2026-36163). Risk of unauthorized operations or information disclosure.
CVE-2026-36162 Vulnerability in CVE-2026-36162 (CVE-2026-36162)
vulnerability in CVE-2026-36162 (CVE-2026-36162). Risk of unauthorized operations or information disclosure.
CVE-2026-14895 Vulnerability in dos (CVE-2026-14895)
vulnerability in dos (CVE-2026-14895). Risk of unauthorized operations or information disclosure.
CVE-2026-14740 Out-of-Bounds Read in CVE-2026-14740 (CVE-2026-14740)
vulnerability in CVE-2026-14740 (CVE-2026-14740). Risk of unauthorized operations or information disclosure.
CVE-2026-14739 Out-of-Bounds Write in CVE-2026-14739 (CVE-2026-14739)
out-of-bounds write in CVE-2026-14739 (CVE-2026-14739). Risk of unauthorized operations or information disclosure.
CVE-2026-14380 Vulnerability in CVE-2026-14380 (CVE-2026-14380)
vulnerability in CVE-2026-14380 (CVE-2026-14380). Risk of unauthorized operations or information disclosure.
CVE-2026-59706 Vulnerability in ssrf (CVE-2026-59706)
vulnerability in ssrf (CVE-2026-59706). Confidential information can be exposed externally. Exploitable via `GET /api/v1/config/`.
CVE-2026-59153 Vulnerability in CVE-2026-59153 (CVE-2026-59153)
vulnerability in CVE-2026-59153 (CVE-2026-59153). Risk of unauthorized operations or information disclosure.
CVE-2026-58266 Vulnerability in CVE-2026-58266 (CVE-2026-58266)
vulnerability in CVE-2026-58266 (CVE-2026-58266). Confidential information can be exposed externally.
CVE-2026-55490 Vulnerability in CVE-2026-55490 (CVE-2026-55490)
vulnerability in CVE-2026-55490 (CVE-2026-55490). Risk of unauthorized operations or information disclosure.
CVE-2026-55418 Vulnerability in CVE-2026-55418 (CVE-2026-55418)
vulnerability in CVE-2026-55418 (CVE-2026-55418). Confidential information can be exposed externally.
CVE-2026-55408 Code Injection in CVE-2026-55408 (CVE-2026-55408)
code injection in CVE-2026-55408 (CVE-2026-55408). Risk of unauthorized operations or information disclosure.
CVE-2026-54698 Authorization Flaw in CVE-2026-54698 (CVE-2026-54698)
vulnerability in CVE-2026-54698 (CVE-2026-54698). Risk of unauthorized operations or information disclosure.
CVE-2026-54607 SSRF (Server-Side Request Forgery) in CVE-2026-54607 (CVE-2026-54607)
SSRF in CVE-2026-54607 (CVE-2026-54607). Confidential information can be exposed externally.
CVE-2026-54602 Vulnerability in CVE-2026-54602 (CVE-2026-54602)
vulnerability in CVE-2026-54602 (CVE-2026-54602). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/core/ai/record/getRecord`.
CVE-2026-54601 Vulnerability in CVE-2026-54601 (CVE-2026-54601)
vulnerability in CVE-2026-54601 (CVE-2026-54601). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/core/dataset/collection/create/reTrainingCollection`.
CVE-2026-49033 Vulnerability in CVE-2026-49033 (CVE-2026-49033)
vulnerability in CVE-2026-49033 (CVE-2026-49033). Successful exploitation can lead to full system takeover.
CVE-2026-42958 Use-After-Free in CVE-2026-42958 (CVE-2026-42958)
vulnerability in CVE-2026-42958 (CVE-2026-42958). Successful exploitation can lead to full system takeover.
CVE-2026-28378 Vulnerability in CVE-2026-28378 (CVE-2026-28378)
vulnerability in CVE-2026-28378 (CVE-2026-28378). Risk of unauthorized operations or information disclosure.
CVE-2026-59707 SSRF (Server-Side Request Forgery) in CVE-2026-59707 (CVE-2026-59707)
SSRF in CVE-2026-59707 (CVE-2026-59707). Confidential information can be exposed externally. Exploitable via `POST /models/apply`.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →