Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-863 Clear
ID Title
CVE-2026-53853 OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns
OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns
CVE-2026-53854 Authorization Flaw in openclaw (CVE-2026-53854)
vulnerability in openclaw (CVE-2026-53854). Data can be tampered with by attackers. Mitigation: upgrade to `2026.4.25` or later.
CVE-2026-53855 OpenClaw: Shell positional parameters could weaken strict inline-eval checks
OpenClaw: Shell positional parameters could weaken strict inline-eval checks
CVE-2026-49983 Authorization Flaw in deno (CVE-2026-49983)
vulnerability in deno (CVE-2026-49983). Risk of unauthorized operations or information disclosure. Exploitable via ``env``. Mitigation: upgrade to `2.8.1` or later.
CVE-2026-5149 Authorization Flaw in wordpress (CVE-2026-5149)
vulnerability in wordpress (CVE-2026-5149). Confidential information can be exposed externally.
CVE-2026-54281 Authorization Flaw in @nestjs/platform-fastify (CVE-2026-54281)
vulnerability in @nestjs/platform-fastify (CVE-2026-54281). Risk of unauthorized operations or information disclosure. Exploitable via `GET /resource`. Mitigation: upgrade to `11.1.24` or later.
CVE-2026-47777 Vulnerability in CVE-2026-47777 (CVE-2026-47777)
vulnerability in CVE-2026-47777 (CVE-2026-47777). Data can be tampered with by attackers.
CVE-2016-20075 Authorization Flaw in wordpress (CVE-2016-20075)
vulnerability in wordpress (CVE-2016-20075). Successful exploitation can lead to full system takeover.
CVE-2026-34023 Authorization Flaw in CVE-2026-34023 (CVE-2026-34023)
vulnerability in CVE-2026-34023 (CVE-2026-34023). Risk of unauthorized operations or information disclosure.
CVE-2026-2470 Authorization Flaw in wordpress (CVE-2026-2470)
vulnerability in wordpress (CVE-2026-2470). Risk of unauthorized operations or information disclosure.
CVE-2026-54398 Authorization Flaw in CVE-2026-54398 (CVE-2026-54398)
vulnerability in CVE-2026-54398 (CVE-2026-54398). Risk of unauthorized operations or information disclosure.
CVE-2026-53834 Authorization Flaw in openclaw (CVE-2026-53834)
vulnerability in openclaw (CVE-2026-53834). Data can be tampered with by attackers.
CVE-2026-53835 Authorization Flaw in openclaw (CVE-2026-53835)
vulnerability in openclaw (CVE-2026-53835). Risk of unauthorized operations or information disclosure.
CVE-2026-53828 Authorization Flaw in openclaw (CVE-2026-53828)
vulnerability in openclaw (CVE-2026-53828). Successful exploitation can lead to full system takeover.
CVE-2026-53521 Authorization Flaw in github.com/nezhahq/nezha (CVE-2026-53521)
vulnerability in github.com/nezhahq/nezha (CVE-2026-53521). Risk of unauthorized operations or information disclosure. Exploitable via `PATCH /server/{id}`. Mitigation: upgrade to `2.1.0` or later.
CVE-2026-54091 Authorization Flaw in github.com/filebrowser/filebrowser/v2 (CVE-2026-54091)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-54091). Confidential information can be exposed externally. Exploitable via `GET /api/public/share/`. Mitigation: upgrade to `2.63.6` or later.
CVE-2026-54362 Authorization Flaw in CVE-2026-54362 (CVE-2026-54362)
vulnerability in CVE-2026-54362 (CVE-2026-54362). Risk of unauthorized operations or information disclosure.
CVE-2026-54397 Authorization Flaw in CVE-2026-54397 (CVE-2026-54397)
vulnerability in CVE-2026-54397 (CVE-2026-54397). Risk of unauthorized operations or information disclosure.
CVE-2026-54096 Authorization Flaw in github.com/filebrowser/filebrowser/v2 (CVE-2026-54096)
vulnerability in github.com/filebrowser/filebrowser/v2 (CVE-2026-54096). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/share/`. Mitigation: upgrade to `2.63.7` or later.
CVE-2026-54358 Authorization Flaw in privilege-escalation (CVE-2026-54358)
vulnerability in privilege-escalation (CVE-2026-54358). Risk of unauthorized operations or information disclosure.
CVE-2026-54357 Vulnerability in CVE-2026-54357 (CVE-2026-54357)
vulnerability in CVE-2026-54357 (CVE-2026-54357). Risk of unauthorized operations or information disclosure.
CVE-2026-42604 Authorization Flaw in CVE-2026-42604 (CVE-2026-42604)
vulnerability in CVE-2026-42604 (CVE-2026-42604). Risk of unauthorized operations or information disclosure. Exploitable via `POST /openid/config`.
CVE-2026-50008 Authorization Flaw in parse-server (CVE-2026-50008)
vulnerability in parse-server (CVE-2026-50008). Risk of unauthorized operations or information disclosure. Exploitable via ``routeAllowList``. Mitigation: upgrade to `9.9.1-alpha.3` or later.
CVE-2026-47236 Authorization Flaw in CVE-2026-47236 (CVE-2026-47236)
vulnerability in CVE-2026-47236 (CVE-2026-47236). Risk of unauthorized operations or information disclosure.
CVE-2026-7387 Authorization Flaw in mattermost (CVE-2026-7387)
vulnerability in mattermost (CVE-2026-7387). Successful exploitation can lead to full system takeover.
CVE-2026-6739 Authorization Flaw in mattermost (CVE-2026-6739)
vulnerability in mattermost (CVE-2026-6739). Confidential information can be exposed externally.
CVE-2026-44173 Authorization Flaw in mariadb (CVE-2026-44173)
vulnerability in mariadb (CVE-2026-44173). Risk of unauthorized operations or information disclosure.
CVE-2026-44169 Authorization Flaw in mariadb (CVE-2026-44169)
vulnerability in mariadb (CVE-2026-44169). Risk of unauthorized operations or information disclosure.
CVE-2026-45831 Authorization Flaw in trychroma (CVE-2026-45831)
vulnerability in trychroma (CVE-2026-45831). Successful exploitation can lead to full system takeover.
CVE-2026-53721 Vulnerability in nuxt (CVE-2026-53721)
vulnerability in nuxt (CVE-2026-53721). Confidential information can be exposed externally. Exploitable via ``routeRules``. Mitigation: upgrade to `3.21.7` or later.
CVE-2026-47195 Authorization Flaw in CVE-2026-47195 (CVE-2026-47195)
vulnerability in CVE-2026-47195 (CVE-2026-47195). Risk of unauthorized operations or information disclosure.
CVE-2026-47238 Vulnerability in CVE-2026-47238 (CVE-2026-47238)
vulnerability in CVE-2026-47238 (CVE-2026-47238). Risk of unauthorized operations or information disclosure.
CVE-2026-53808 Authorization Flaw in openclaw (CVE-2026-53808)
vulnerability in openclaw (CVE-2026-53808). Data can be tampered with by attackers.
CVE-2026-53807 Authorization Flaw in openclaw (CVE-2026-53807)
vulnerability in openclaw (CVE-2026-53807). Successful exploitation can lead to full system takeover.
CVE-2026-53809 Authorization Flaw in openclaw (CVE-2026-53809)
vulnerability in openclaw (CVE-2026-53809). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2026.4.25` or later.
CVE-2026-48089 Vulnerability in github.com/l3montree-dev/devguard (CVE-2026-48089)
vulnerability in github.com/l3montree-dev/devguard (CVE-2026-48089). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.4.2` or later.
CVE-2026-6269 Authorization Flaw in gitlab (CVE-2026-6269)
vulnerability in gitlab (CVE-2026-6269). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-6277 Authorization Flaw in gitlab (CVE-2026-6277)
vulnerability in gitlab (CVE-2026-6277). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-3553 Authorization Flaw in gitlab (CVE-2026-3553)
vulnerability in gitlab (CVE-2026-3553). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `18.10.8, 18.11.5, 19.0.2` or later.
CVE-2026-49219 Path Traversal in Magick.NET-Q16-AnyCPU (CVE-2026-49219)
path traversal in Magick.NET-Q16-AnyCPU (CVE-2026-49219). Confidential information can be exposed externally. Mitigation: upgrade to `14.14.0` or later.
CVE-2026-53738 Authorization Flaw in CVE-2026-53738 (CVE-2026-53738)
vulnerability in CVE-2026-53738 (CVE-2026-53738). Data can be tampered with by attackers.
CVE-2026-49823 Vulnerability in github.com/fission/fission (CVE-2026-49823)
vulnerability in github.com/fission/fission (CVE-2026-49823). Confidential information can be exposed externally. Exploitable via ``PackageRef.Namespace``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-49824 Vulnerability in github.com/fission/fission (CVE-2026-49824)
vulnerability in github.com/fission/fission (CVE-2026-49824). Confidential information can be exposed externally. Exploitable via ``spec.environment.namespace``. Mitigation: upgrade to `1.24.0` or later.
CVE-2026-48860 Authorization Flaw in erlang (CVE-2026-48860)
vulnerability in erlang (CVE-2026-48860). Confidential information can be exposed externally.
CVE-2026-45563 Vulnerability in nginx (CVE-2026-45563)
vulnerability in nginx (CVE-2026-45563). Risk of unauthorized operations or information disclosure. Exploitable via `GET /history/`.
CVE-2026-45552 Vulnerability in nginx (CVE-2026-45552)
vulnerability in nginx (CVE-2026-45552). Successful exploitation can lead to full system takeover.
CVE-2026-45550 Vulnerability in nginx (CVE-2026-45550)
vulnerability in nginx (CVE-2026-45550). Data can be tampered with by attackers. Exploitable via `PUT /smon/check`.
CVE-2026-45549 Vulnerability in nginx (CVE-2026-45549)
vulnerability in nginx (CVE-2026-45549). Risk of unauthorized operations or information disclosure.
CVE-2026-49397 Information Disclosure in github.com/nezhahq/nezha (CVE-2026-49397)
vulnerability in github.com/nezhahq/nezha (CVE-2026-49397). Risk of unauthorized operations or information disclosure. Exploitable via `GET /api/v1/service`. Mitigation: upgrade to `2.0.14` or later.
CVE-2026-24724 Authorization Flaw in qnap (CVE-2026-24724)
vulnerability in qnap (CVE-2026-24724). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →