Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-8934 |
|
Vulnerability in CVE-2026-8934 (CVE-2026-8934)
vulnerability in CVE-2026-8934 (CVE-2026-8934). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56104 |
|
Vulnerability in CVE-2026-56104 (CVE-2026-56104)
vulnerability in CVE-2026-56104 (CVE-2026-56104). Confidential information can be exposed externally.
|
| CVE-2026-5139 |
|
Vulnerability in mattermost (CVE-2026-5139)
vulnerability in mattermost (CVE-2026-5139). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56424 |
|
Vulnerability in misp-project (CVE-2026-56424)
vulnerability in misp-project (CVE-2026-56424). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56423 |
|
Vulnerability in misp-project (CVE-2026-56423)
vulnerability in misp-project (CVE-2026-56423). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44914 |
|
Vulnerability in apache (CVE-2026-44914)
vulnerability in apache (CVE-2026-44914). Successful exploitation can lead to full system takeover.
|
| CVE-2026-7859 |
|
Vulnerability in wordpress (CVE-2026-7859)
vulnerability in wordpress (CVE-2026-7859). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56396 |
|
Vulnerability in CVE-2026-56396 (CVE-2026-56396)
vulnerability in CVE-2026-56396 (CVE-2026-56396). Successful exploitation can lead to full system takeover.
|
| CVE-2026-56384 |
|
Vulnerability in CVE-2026-56384 (CVE-2026-56384)
vulnerability in CVE-2026-56384 (CVE-2026-56384). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.17.8` or later.
|
| CVE-2026-56341 |
|
Vulnerability in csharp (CVE-2026-56341)
vulnerability in csharp (CVE-2026-56341). Confidential information can be exposed externally.
|
| CVE-2026-12119 |
|
Vulnerability in wordpress (CVE-2026-12119)
vulnerability in wordpress (CVE-2026-12119). Data can be tampered with by attackers.
|
| CVE-2026-11912 |
|
Vulnerability in wordpress (CVE-2026-11912)
vulnerability in wordpress (CVE-2026-11912). Data can be tampered with by attackers.
|
| CVE-2026-56213 |
|
Vulnerability in CVE-2026-56213 (CVE-2026-56213)
vulnerability in CVE-2026-56213 (CVE-2026-56213). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48582 |
|
Vulnerability in microsoft (CVE-2026-48582)
vulnerability in microsoft (CVE-2026-48582). Confidential information can be exposed externally.
|
| CVE-2026-12238 |
|
Vulnerability in wordpress (CVE-2026-12238)
vulnerability in wordpress (CVE-2026-12238). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49291 |
|
Vulnerability in mcp-memory-service (CVE-2026-49291)
vulnerability in mcp-memory-service (CVE-2026-49291). Data can be tampered with by attackers. Exploitable via `POST /api/memories`. Mitigation: upgrade to `10.65.3` or later.
|
| CVE-2026-49288 |
|
Information Disclosure in statamic/cms (CVE-2026-49288)
vulnerability in statamic/cms (CVE-2026-49288). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `5.73.23` or later.
|
| CVE-2026-49357 |
|
Vulnerability in line-desktop-mcp (CVE-2026-49357)
vulnerability in line-desktop-mcp (CVE-2026-49357). Risk of unauthorized operations or information disclosure. Exploitable via ``fbed0d2d3048e63f48a356a1267ed8ec5e78f3ae``. Mitigation: upgrade to `1.1.2` or later.
|
| CVE-2026-6798 |
|
Vulnerability in wordpress (CVE-2026-6798)
vulnerability in wordpress (CVE-2026-6798). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-3640 |
|
Vulnerability in wordpress (CVE-2026-3640)
vulnerability in wordpress (CVE-2026-3640). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9013 |
|
Vulnerability in wordpress (CVE-2026-9013)
vulnerability in wordpress (CVE-2026-9013). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10034 |
|
Vulnerability in wordpress (CVE-2026-10034)
vulnerability in wordpress (CVE-2026-10034). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10779 |
|
Vulnerability in wordpress (CVE-2026-10779)
vulnerability in wordpress (CVE-2026-10779). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-52866 |
|
Vulnerability in CVE-2026-52866 (CVE-2026-52866)
vulnerability in CVE-2026-52866 (CVE-2026-52866). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-49205 |
|
Vulnerability in thorsten/phpmyfaq (CVE-2026-49205)
vulnerability in thorsten/phpmyfaq (CVE-2026-49205). Confidential information can be exposed externally. Exploitable via `POST /api/v4.0/category`. Mitigation: upgrade to `4.1.4` or later.
|
| CVE-2026-11719 |
|
Vulnerability in github.com/googleapis/mcp-toolbox (CVE-2026-11719)
vulnerability in github.com/googleapis/mcp-toolbox (CVE-2026-11719). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.4.0` or later.
|
| CVE-2026-28573 |
|
Vulnerability in dos (CVE-2026-28573)
vulnerability in dos (CVE-2026-28573). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9199 |
|
Vulnerability in wordpress (CVE-2026-9199)
vulnerability in wordpress (CVE-2026-9199). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12093 |
|
Vulnerability in wordpress (CVE-2026-12093)
vulnerability in wordpress (CVE-2026-12093). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12407 |
|
Vulnerability in wordpress (CVE-2026-12407)
vulnerability in wordpress (CVE-2026-12407). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10029 |
|
Vulnerability in wordpress (CVE-2026-10029)
vulnerability in wordpress (CVE-2026-10029). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-12515 |
|
Vulnerability in katello (CVE-2026-12515)
vulnerability in katello (CVE-2026-12515). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.21.0.rc1` or later.
|
| CVE-2026-54415 |
|
Privilege Escalation in CVE-2026-54415 (CVE-2026-54415)
vulnerability in CVE-2026-54415 (CVE-2026-54415). Confidential information can be exposed externally.
|
| CVE-2026-54810 |
|
Vulnerability in CVE-2026-54810 (CVE-2026-54810)
vulnerability in CVE-2026-54810 (CVE-2026-54810). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-69189 |
|
Vulnerability in CVE-2025-69189 (CVE-2025-69189)
vulnerability in CVE-2025-69189 (CVE-2025-69189). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8383 |
|
Vulnerability in wordpress (CVE-2026-8383)
vulnerability in wordpress (CVE-2026-8383). Risk of unauthorized operations or information disclosure. Exploitable via ``edit``.
|
| CVE-2026-54802 |
|
Unauthenticated Broken Authentication in SMS Alert Order Notifications <= 3.9.3 versions.
Unauthenticated Broken Authentication in SMS Alert Order Notifications <= 3.9.3 versions.
|
| CVE-2026-49081 |
|
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.12 versions.
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.12 versions.
|
| CVE-2026-49072 |
|
Unauthenticated Broken Access Control in WooCommerce Anti-Fraud <= 7.2.6 versions.
Unauthenticated Broken Access Control in WooCommerce Anti-Fraud <= 7.2.6 versions.
|
| CVE-2026-49057 |
|
Unauthenticated Broken Access Control in JobSearch <= 3.2.7 versions.
Unauthenticated Broken Access Control in JobSearch <= 3.2.7 versions.
|
| CVE-2026-45436 |
|
Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions.
Subscriber Broken Access Control in WPBakery Page Builder <= 8.7.2 versions.
|
| CVE-2026-40726 |
|
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions.
Unauthenticated Broken Access Control in User Registration Stripe <= 1.3.14 versions.
|
| CVE-2026-39595 |
|
Author Broken Access Control in W3 Total Cache <= 2.9.1 versions.
Author Broken Access Control in W3 Total Cache <= 2.9.1 versions.
|
| CVE-2026-40723 |
|
Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
Subscriber Broken Access Control in Bricks Builder <= 2.1.4 versions.
|
| CVE-2026-40722 |
|
Vulnerability in CVE-2026-40722 (CVE-2026-40722)
vulnerability in CVE-2026-40722 (CVE-2026-40722). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-28587 |
|
Vulnerability in google (CVE-2026-28587)
vulnerability in google (CVE-2026-28587). Confidential information can be exposed externally.
|
| CVE-2026-28615 |
|
Vulnerability in google (CVE-2026-28615)
vulnerability in google (CVE-2026-28615). Successful exploitation can lead to full system takeover.
|
| CVE-2026-39433 |
|
Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.
Subscriber Arbitrary Content Deletion in WPAMS < 49.5.3 versions.
|
| CVE-2026-24575 |
|
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
|
| CVE-2026-22343 |
|
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
|