Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-50872 |
|
Code Injection in CVE-2026-50872 (CVE-2026-50872)
code injection in CVE-2026-50872 (CVE-2026-50872). Successful exploitation can lead to full system takeover.
|
| CVE-2026-30120 |
|
Code Injection in remotion (CVE-2026-30120)
code injection in remotion (CVE-2026-30120). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `4.0.410` or later.
|
| CVE-2026-54271 |
|
Code Injection in protobufjs-cli (CVE-2026-54271)
code injection in protobufjs-cli (CVE-2026-54271). Confidential information can be exposed externally. Exploitable via ``pbjs``. Mitigation: upgrade to `2.5.0` or later.
|
| CVE-2026-52704 |
|
Code Injection in CVE-2026-52704 (CVE-2026-52704)
code injection in CVE-2026-52704 (CVE-2026-52704). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11860 |
|
Code Injection in deserialization (CVE-2026-11860)
code injection in deserialization (CVE-2026-11860). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12202 |
|
Cross-Site Scripting (XSS) in CVE-2026-12202 (CVE-2026-12202)
cross-site scripting in CVE-2026-12202 (CVE-2026-12202). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12208 |
|
Code Injection in CVE-2026-12208 (CVE-2026-12208)
code injection in CVE-2026-12208 (CVE-2026-12208). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12209 |
|
Code Injection in CVE-2026-12209 (CVE-2026-12209)
code injection in CVE-2026-12209 (CVE-2026-12209). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12176 |
|
Cross-Site Scripting (XSS) in CVE-2026-12176 (CVE-2026-12176)
cross-site scripting in CVE-2026-12176 (CVE-2026-12176). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12130 |
|
Cross-Site Scripting (XSS) in CVE-2026-12130 (CVE-2026-12130)
cross-site scripting in CVE-2026-12130 (CVE-2026-12130). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12129 |
|
Cross-Site Scripting (XSS) in CVE-2026-12129 (CVE-2026-12129)
cross-site scripting in CVE-2026-12129 (CVE-2026-12129). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-54057 |
|
Code Injection in kovidgoyal (CVE-2026-54057)
code injection in kovidgoyal (CVE-2026-54057). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42851 |
|
Code Injection in kovidgoyal (CVE-2026-42851)
code injection in kovidgoyal (CVE-2026-42851). Successful exploitation can lead to full system takeover. Exploitable via ``cat``.
|
| CVE-2026-45833 |
|
Code Injection in trychroma (CVE-2026-45833)
code injection in trychroma (CVE-2026-45833). Successful exploitation can lead to full system takeover.
|
| CVE-2026-54133 |
|
Vulnerability in jmespath (CVE-2026-54133)
vulnerability in jmespath (CVE-2026-54133). Successful exploitation can lead to full system takeover. Exploitable via ``JP_PHP_COMPILE``. Mitigation: upgrade to `2.9.1` or later.
|
| CVE-2026-52858 |
|
Code Injection in vim (CVE-2026-52858)
code injection in vim (CVE-2026-52858). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52860 |
|
Code Injection in vim (CVE-2026-52860)
code injection in vim (CVE-2026-52860). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47162 |
|
Vulnerability in vim (CVE-2026-47162)
vulnerability in vim (CVE-2026-47162). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47167 |
|
Code Injection in vim (CVE-2026-47167)
code injection in vim (CVE-2026-47167). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50223 |
|
Code Injection in apache (CVE-2026-50223)
code injection in apache (CVE-2026-50223). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45558 |
|
Vulnerability in c (CVE-2026-45558)
vulnerability in c (CVE-2026-45558). Successful exploitation can lead to full system takeover. Exploitable via `POST /api/service/haproxy/`.
|
| CVE-2026-47906 |
|
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third...
|
| CVE-2026-45583 |
|
Code Injection in microsoft (CVE-2026-45583)
code injection in microsoft (CVE-2026-45583). Successful exploitation can lead to full system takeover.
|
| CVE-2026-0414 |
|
Code Injection in netgear (CVE-2026-0414)
code injection in netgear (CVE-2026-0414). Data can be tampered with by attackers.
|
| CVE-2026-47292 |
|
Code Injection in microsoft (CVE-2026-47292)
code injection in microsoft (CVE-2026-47292). Successful exploitation can lead to full system takeover.
|
| CVE-2017-20251 |
|
Code Injection in wordpress (CVE-2017-20251)
code injection in wordpress (CVE-2017-20251). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8795 |
|
Vulnerability in CVE-2026-8795 (CVE-2026-8795)
vulnerability in CVE-2026-8795 (CVE-2026-8795). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11688 |
|
Code Injection in google (CVE-2026-11688)
code injection in google (CVE-2026-11688). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11393 |
|
Code Injection in Amazon aws (CVE-2026-11393)
code injection in Amazon aws (CVE-2026-11393). Successful exploitation can lead to full system takeover.
|
| CVE-2026-52778 |
|
Code Injection in dos (CVE-2026-52778)
code injection in dos (CVE-2026-52778). Successful exploitation can lead to full system takeover.
|
| CVE-2026-42890 |
|
Code Injection in actual (CVE-2026-42890)
code injection in actual (CVE-2026-42890). Risk of unauthorized operations or information disclosure. Exploitable via ``actual``. Mitigation: upgrade to `26.5.0` or later.
|
| CVE-2026-25856 |
|
Code Injection in c (CVE-2026-25856)
code injection in c (CVE-2026-25856). Successful exploitation can lead to full system takeover.
|
| CVE-2026-11534 |
|
Cross-Site Scripting (XSS) in CVE-2026-11534 (CVE-2026-11534)
cross-site scripting in CVE-2026-11534 (CVE-2026-11534). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11518 |
|
Cross-Site Scripting (XSS) in CVE-2026-11518 (CVE-2026-11518)
cross-site scripting in CVE-2026-11518 (CVE-2026-11518). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11520 |
|
Cross-Site Scripting (XSS) in CVE-2026-11520 (CVE-2026-11520)
cross-site scripting in CVE-2026-11520 (CVE-2026-11520). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11512 |
|
Cross-Site Scripting (XSS) in CVE-2026-11512 (CVE-2026-11512)
cross-site scripting in CVE-2026-11512 (CVE-2026-11512). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11491 |
|
Cross-Site Scripting (XSS) in CVE-2026-11491 (CVE-2026-11491)
cross-site scripting in CVE-2026-11491 (CVE-2026-11491). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11468 |
|
Cross-Site Scripting (XSS) in CVE-2026-11468 (CVE-2026-11468)
cross-site scripting in CVE-2026-11468 (CVE-2026-11468). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11436 |
|
Cross-Site Scripting (XSS) in CVE-2026-11436 (CVE-2026-11436)
cross-site scripting in CVE-2026-11436 (CVE-2026-11436). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11434 |
|
Cross-Site Scripting (XSS) in CVE-2026-11434 (CVE-2026-11434)
cross-site scripting in CVE-2026-11434 (CVE-2026-11434). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11429 |
|
Path Traversal in path-traversal (CVE-2026-11429)
path traversal in path-traversal (CVE-2026-11429). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `8.1.1` or later.
|
| CVE-2026-49493 |
|
Code Injection in CVE-2026-49493 (CVE-2026-49493)
code injection in CVE-2026-49493 (CVE-2026-49493). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `0.8.28` or later.
|
| CVE-2026-11338 |
|
Cross-Site Scripting (XSS) in CVE-2026-11338 (CVE-2026-11338)
cross-site scripting in CVE-2026-11338 (CVE-2026-11338). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11337 |
|
Cross-Site Scripting (XSS) in CVE-2026-11337 (CVE-2026-11337)
cross-site scripting in CVE-2026-11337 (CVE-2026-11337). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48017 |
|
Code Injection in dbgate-api (CVE-2026-48017)
code injection in dbgate-api (CVE-2026-48017). Successful exploitation can lead to full system takeover. Exploitable via `POST /runners/load-reader`. Mitigation: upgrade to `7.1.9` or later.
|
| CVE-2026-11231 |
|
Code Injection in google (CVE-2026-11231)
code injection in google (CVE-2026-11231). Confidential information can be exposed externally.
|
| CVE-2026-11218 |
|
Vulnerability in google (CVE-2026-11218)
vulnerability in google (CVE-2026-11218). Confidential information can be exposed externally.
|
| CVE-2026-11157 |
|
Code Injection in google (CVE-2026-11157)
code injection in google (CVE-2026-11157). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10928 |
|
Code Injection in google (CVE-2026-10928)
code injection in google (CVE-2026-10928). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10904 |
|
Vulnerability in google (CVE-2026-10904)
vulnerability in google (CVE-2026-10904). Successful exploitation can lead to full system takeover.
|