Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: java Clear
ID Title
CVE-2026-44503 Open Redirect in com.microsoft.kiota:microsoft-kiota-abstractions (CVE-2026-44503)
vulnerability in com.microsoft.kiota:microsoft-kiota-abstractions (CVE-2026-44503). Risk of unauthorized operations or information disclosure. Exploitable via `Authorization header`. Mitigation: upgrade to `1.9.1` or later.
CVE-2026-44501 Unsafe Deserialization in react (CVE-2026-44501)
vulnerability in react (CVE-2026-44501). Risk of unauthorized operations or information disclosure. Exploitable via `GET /callback/oidc`. Mitigation: upgrade to `1.5.0.3` or later.
CVE-2026-46419 Vulnerability in CVE-2026-46419 (CVE-2026-46419)
vulnerability in CVE-2026-46419 (CVE-2026-46419). Successful exploitation can lead to full system takeover.
CVE-2025-27852 Cross-Site Scripting (XSS) in garmin (CVE-2025-27852)
cross-site scripting in garmin (CVE-2025-27852). Risk of unauthorized operations or information disclosure.
CVE-2026-37430 Unrestricted File Upload in CVE-2026-37430 (CVE-2026-37430)
vulnerability in CVE-2026-37430 (CVE-2026-37430). Risk of unauthorized operations or information disclosure.
CVE-2026-41901 Vulnerability in org.thymeleaf:thymeleaf (CVE-2026-41901)
vulnerability in org.thymeleaf:thymeleaf (CVE-2026-41901). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `3.1.5.RELEASE` or later.
CVE-2026-44241 Vulnerability in io.micronaut:micronaut-context (CVE-2026-44241)
vulnerability in io.micronaut:micronaut-context (CVE-2026-44241). Risk of unauthorized operations or information disclosure. Exploitable via ``TimeConverterRegistrar``. Mitigation: upgrade to `4.10.22` or later.
CVE-2026-44242 Vulnerability in io.micronaut:micronaut-inject (CVE-2026-44242)
vulnerability in io.micronaut:micronaut-inject (CVE-2026-44242). Risk of unauthorized operations or information disclosure. Exploitable via ``ResourceBundleMessageSource``. Mitigation: upgrade to `3.8.14` or later.
CVE-2026-45091 Information Disclosure in sealed-env (CVE-2026-45091)
vulnerability in sealed-env (CVE-2026-45091). Confidential information can be exposed externally. Mitigation: upgrade to `0.1.0-alpha.4` or later.
CVE-2026-42188 SSRF (Server-Side Request Forgery) in org.geysermc.geyser:core (CVE-2026-42188)
SSRF in org.geysermc.geyser:core (CVE-2026-42188). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.9.3` or later.
CVE-2026-8320 SSRF (Server-Side Request Forgery) in CVE-2026-8320 (CVE-2026-8320)
SSRF in CVE-2026-8320 (CVE-2026-8320). Risk of unauthorized operations or information disclosure.
CVE-2026-8216 Authentication Bypass in CVE-2026-8216 (CVE-2026-8216)
authentication bypass in CVE-2026-8216 (CVE-2026-8216). Risk of unauthorized operations or information disclosure.
CVE-2026-8211 Vulnerability in CVE-2026-8211 (CVE-2026-8211)
vulnerability in CVE-2026-8211 (CVE-2026-8211). Risk of unauthorized operations or information disclosure.
CVE-2026-8196 Vulnerability in CVE-2026-8196 (CVE-2026-8196)
vulnerability in CVE-2026-8196 (CVE-2026-8196). Risk of unauthorized operations or information disclosure.
CVE-2026-8195 Cross-Site Scripting (XSS) in CVE-2026-8195 (CVE-2026-8195)
cross-site scripting in CVE-2026-8195 (CVE-2026-8195). Risk of unauthorized operations or information disclosure.
CVE-2026-44900 Vulnerability in com.oviva.telematik:epa4all-client (CVE-2026-44900)
vulnerability in com.oviva.telematik:epa4all-client (CVE-2026-44900). Confidential information can be exposed externally. Mitigation: upgrade to `1.2.1` or later.
CVE-2026-44714 Vulnerability in org.bitcoinj:bitcoinj-core (CVE-2026-44714)
vulnerability in org.bitcoinj:bitcoinj-core (CVE-2026-44714). Data can be tampered with by attackers. Exploitable via ``P2PKH``. Mitigation: upgrade to `0.17.1` or later.
CVE-2026-8127 Vulnerability in CVE-2026-8127 (CVE-2026-8127)
vulnerability in CVE-2026-8127 (CVE-2026-8127). Risk of unauthorized operations or information disclosure.
SUSE-SU-2026:1732-1 Vulnerability in dos (SUSE-SU-2026:1732-1)
vulnerability in dos (SUSE-SU-2026:1732-1). Risk of unauthorized operations or information disclosure. Exploitable via ``tt_var_load_item_variation_store``.
SUSE-SU-2026:1731-1 Vulnerability in dos (SUSE-SU-2026:1731-1)
vulnerability in dos (SUSE-SU-2026:1731-1). Risk of unauthorized operations or information disclosure. Exploitable via ``tt_var_load_item_variation_store``.
CVE-2026-34282 Vulnerability in java (CVE-2026-34282)
vulnerability in java (CVE-2026-34282). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-34268 Vulnerability in java (CVE-2026-34268)
vulnerability in java (CVE-2026-34268). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-23865 Vulnerability in java (CVE-2026-23865)
vulnerability in java (CVE-2026-23865). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-22021 Vulnerability in java (CVE-2026-22021)
vulnerability in java (CVE-2026-22021). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-22013 Vulnerability in java (CVE-2026-22013)
vulnerability in java (CVE-2026-22013). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-22008 Vulnerability in java (CVE-2026-22008)
vulnerability in java (CVE-2026-22008). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `25.0.2` or later.
CVE-2026-22007 Vulnerability in java (CVE-2026-22007)
vulnerability in java (CVE-2026-22007). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491, 11.0.31, 17.0.19, 21.0.11, 25.0.3, 26.0.1` or later.
CVE-2026-22003 Vulnerability in java (CVE-2026-22003)
vulnerability in java (CVE-2026-22003). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-21947 Cross-Site Scripting (XSS) in java (CVE-2026-21947)
cross-site scripting in java (CVE-2026-21947). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2026-21945 Vulnerability in java (CVE-2026-21945)
vulnerability in java (CVE-2026-21945). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
CVE-2026-21933 Vulnerability in java (CVE-2026-21933)
vulnerability in java (CVE-2026-21933). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
CVE-2026-21932 Vulnerability in java (CVE-2026-21932)
vulnerability in java (CVE-2026-21932). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
CVE-2026-21925 Vulnerability in java (CVE-2026-21925)
vulnerability in java (CVE-2026-21925). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481, 11.0.30, 17.0.18, 21.0.10, 25.0.2` or later.
CVE-2026-20676 Vulnerability in java (CVE-2026-20676)
vulnerability in java (CVE-2026-20676). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20652 Vulnerability in java (CVE-2026-20652)
vulnerability in java (CVE-2026-20652). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20644 Buffer Overflow in java (CVE-2026-20644)
vulnerability in java (CVE-2026-20644). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20636 Buffer Overflow in java (CVE-2026-20636)
vulnerability in java (CVE-2026-20636). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20635 Buffer Overflow in java (CVE-2026-20635)
vulnerability in java (CVE-2026-20635). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2026-20608 Vulnerability in java (CVE-2026-20608)
vulnerability in java (CVE-2026-20608). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2025-7425 Use-After-Free in java (CVE-2025-7425)
vulnerability in java (CVE-2025-7425). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2025-7424 Vulnerability in java (CVE-2025-7424)
vulnerability in java (CVE-2025-7424). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2025-61748 Vulnerability in java (CVE-2025-61748)
vulnerability in java (CVE-2025-61748). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `21.0.9, 25.0.1` or later.
CVE-2025-6052 Vulnerability in java (CVE-2025-6052)
vulnerability in java (CVE-2025-6052). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2025-53066 Information Disclosure in java (CVE-2025-53066)
vulnerability in java (CVE-2025-53066). Confidential information can be exposed externally. Mitigation: upgrade to `1.8.0, 8.0.471, 11.0.29, 17.0.17, 21.0.9, 25.0.1` or later.
CVE-2025-53057 Vulnerability in java (CVE-2025-53057)
vulnerability in java (CVE-2025-53057). Data can be tampered with by attackers. Mitigation: upgrade to `1.8.0, 8.0.471, 11.0.29, 17.0.17, 21.0.9, 25.0.1` or later.
CVE-2025-50106 Vulnerability in java (CVE-2025-50106)
vulnerability in java (CVE-2025-50106). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.461, 11.0.28, 17.0.16, 21.0.8, 24.0.2` or later.
CVE-2025-50059 Vulnerability in java (CVE-2025-50059)
vulnerability in java (CVE-2025-50059). Confidential information can be exposed externally. Mitigation: upgrade to `11.0.28, 17.0.16, 21.0.8, 24.0.2` or later.
CVE-2025-47219 Out-of-Bounds Read in java (CVE-2025-47219)
vulnerability in java (CVE-2025-47219). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.481` or later.
CVE-2025-43457 Use-After-Free in java (CVE-2025-43457)
vulnerability in java (CVE-2025-43457). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.491` or later.
CVE-2025-32415 Vulnerability in java (CVE-2025-32415)
vulnerability in java (CVE-2025-32415). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.8.0, 8.0.461` or later.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →