Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-58373 |
|
Vulnerability in CVE-2026-58373 (CVE-2026-58373)
vulnerability in CVE-2026-58373 (CVE-2026-58373). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58376 |
|
SQL Injection in sqli (CVE-2026-58376)
SQL injection in sqli (CVE-2026-58376). Confidential information can be exposed externally.
|
| CVE-2026-58375 |
|
Vulnerability in CVE-2026-58375 (CVE-2026-58375)
vulnerability in CVE-2026-58375 (CVE-2026-58375). Confidential information can be exposed externally. Exploitable via `POST /jmreport/auto/export`.
|
| CVE-2026-8864 |
|
Vulnerability in CVE-2026-8864 (CVE-2026-8864)
vulnerability in CVE-2026-8864 (CVE-2026-8864). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58371 |
|
Cross-Site Scripting (XSS) in CVE-2026-58371 (CVE-2026-58371)
cross-site scripting in CVE-2026-58371 (CVE-2026-58371). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58176 |
|
Vulnerability in vue (CVE-2026-58176)
vulnerability in vue (CVE-2026-58176). Data can be tampered with by attackers.
|
| CVE-2026-58172 |
|
Vulnerability in CVE-2026-58172 (CVE-2026-58172)
vulnerability in CVE-2026-58172 (CVE-2026-58172). Confidential information can be exposed externally.
|
| CVE-2026-58169 |
|
Vulnerability in CVE-2026-58169 (CVE-2026-58169)
vulnerability in CVE-2026-58169 (CVE-2026-58169). Successful exploitation can lead to full system takeover. Exploitable via `Host header`.
|
| CVE-2026-58168 |
|
Vulnerability in CVE-2026-58168 (CVE-2026-58168)
vulnerability in CVE-2026-58168 (CVE-2026-58168). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58166 |
|
Path Traversal in path-traversal (CVE-2026-58166)
path traversal in path-traversal (CVE-2026-58166). Data can be tampered with by attackers.
|
| CVE-2026-48315 |
|
Vulnerability in adobe (CVE-2026-48315)
vulnerability in adobe (CVE-2026-48315). Confidential information can be exposed externally.
|
| CVE-2026-58165 |
|
Vulnerability in privilege-escalation (CVE-2026-58165)
vulnerability in privilege-escalation (CVE-2026-58165). Successful exploitation can lead to full system takeover.
|
| CVE-2026-58167 |
|
Vulnerability in CVE-2026-58167 (CVE-2026-58167)
vulnerability in CVE-2026-58167 (CVE-2026-58167). Confidential information can be exposed externally. Exploitable via `POST /api/n9e/datasource/list.`.
|
| CVE-2026-58171 |
|
Path Traversal in CVE-2026-58171 (CVE-2026-58171)
path traversal in CVE-2026-58171 (CVE-2026-58171). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-58170 |
|
Path Traversal in path-traversal (CVE-2026-58170)
path traversal in path-traversal (CVE-2026-58170). Data can be tampered with by attackers.
|
| CVE-2026-48314 |
|
Path Traversal in path-traversal (CVE-2026-48314)
path traversal in path-traversal (CVE-2026-48314). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48283 |
|
Unrestricted File Upload in adobe (CVE-2026-48283)
vulnerability in adobe (CVE-2026-48283). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48313 |
|
Path Traversal in path-traversal (CVE-2026-48313)
path traversal in path-traversal (CVE-2026-48313). Confidential information can be exposed externally.
|
| CVE-2026-48282 KEV |
|
[KEV] Path Traversal in Adobe path-traversal (CVE-2026-48282)
path traversal in Adobe path-traversal (CVE-2026-48282). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-48285 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2026-48285)
SSRF in ssrf (CVE-2026-48285). Confidential information can be exposed externally.
|
| CVE-2026-48307 |
|
Cross-Site Scripting (XSS) in adobe (CVE-2026-48307)
cross-site scripting in adobe (CVE-2026-48307). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48286 |
|
Authorization Flaw in adobe (CVE-2026-48286)
vulnerability in adobe (CVE-2026-48286). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48276 |
|
Unrestricted File Upload in adobe (CVE-2026-48276)
vulnerability in adobe (CVE-2026-48276). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48281 |
|
Vulnerability in adobe (CVE-2026-48281)
vulnerability in adobe (CVE-2026-48281). Successful exploitation can lead to full system takeover.
|
| CVE-2026-48277 |
|
Vulnerability in adobe (CVE-2026-48277)
vulnerability in adobe (CVE-2026-48277). Successful exploitation can lead to full system takeover.
|
| CVE-2026-13455 |
|
Vulnerability in dalibo (CVE-2026-13455)
vulnerability in dalibo (CVE-2026-13455). Risk of unauthorized operations or information disclosure.
|
| GHSA-7m8x-qg2j-4m3v |
|
Information Disclosure in github.com/fission/fission (GHSA-7m8x-qg2j-4m3v)
vulnerability in github.com/fission/fission (GHSA-7m8x-qg2j-4m3v). Risk of unauthorized operations or information disclosure. Exploitable via ``getEnvVarlist``. Mitigation: upgrade to `1.24.0` or later.
|
| CVE-2026-48791 |
|
Vulnerability in dev.sigstore:sigstore-java (CVE-2026-48791)
vulnerability in dev.sigstore:sigstore-java (CVE-2026-48791). Risk of unauthorized operations or information disclosure. Exploitable via ``integratedTime``. Mitigation: upgrade to `2.1.0` or later.
|
| CVE-2026-49473 |
|
Vulnerability in @cedar-policy/authorization-for-expressjs (CVE-2026-49473)
vulnerability in @cedar-policy/authorization-for-expressjs (CVE-2026-49473). Risk of unauthorized operations or information disclosure. Exploitable via `GET /users`. Mitigation: upgrade to `0.3.0` or later.
|
| GHSA-55f6-4pr5-c7m5 |
|
Vulnerability in github.com/kahiteam/kahi (GHSA-55f6-4pr5-c7m5)
vulnerability in github.com/kahiteam/kahi (GHSA-55f6-4pr5-c7m5). Risk of unauthorized operations or information disclosure. Exploitable via ``docker``. Mitigation: upgrade to `0.1.0-alpha.9` or later.
|
| CVE-2026-9263 |
|
Out-of-Bounds Read in c (CVE-2026-9263)
vulnerability in c (CVE-2026-9263). Confidential information can be exposed externally.
|
| CVE-2026-10655 |
|
Use-After-Free in c (CVE-2026-10655)
vulnerability in c (CVE-2026-10655). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10654 |
|
Vulnerability in c (CVE-2026-10654)
vulnerability in c (CVE-2026-10654). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10653 |
|
Vulnerability in c (CVE-2026-10653)
vulnerability in c (CVE-2026-10653). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10652 |
|
Out-of-Bounds Read in c (CVE-2026-10652)
vulnerability in c (CVE-2026-10652). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47198 |
|
Vulnerability in paymenter/paymenter (CVE-2026-47198)
vulnerability in paymenter/paymenter (CVE-2026-47198). Risk of unauthorized operations or information disclosure. Exploitable via ``Checkout``. Mitigation: upgrade to `1.5.1` or later.
|
| CVE-2023-46118 |
|
Vulnerability in rabbit_common (CVE-2023-46118)
vulnerability in rabbit_common (CVE-2023-46118). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.11.24` or later.
|
| CVE-2026-44948 |
|
Vulnerability in path-traversal (CVE-2026-44948)
vulnerability in path-traversal (CVE-2026-44948). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-31008 |
|
Vulnerability in rabbit_common (CVE-2022-31008)
vulnerability in rabbit_common (CVE-2022-31008). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.8.32` or later.
|
| CVE-2026-49451 |
|
Vulnerability in Microsoft.OpenAPI (CVE-2026-49451)
vulnerability in Microsoft.OpenAPI (CVE-2026-49451). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.7.5` or later.
|
| CVE-2026-4360 |
|
Vulnerability in CVE-2026-4360 (CVE-2026-4360)
vulnerability in CVE-2026-4360 (CVE-2026-4360). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35097 |
|
Vulnerability in CVE-2026-35097 (CVE-2026-35097)
vulnerability in CVE-2026-35097 (CVE-2026-35097). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-53648 |
|
SQL Injection in apache (CVE-2025-53648)
SQL injection in apache (CVE-2025-53648). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48192 |
|
Code Injection in CVE-2026-48192 (CVE-2026-48192)
code injection in CVE-2026-48192 (CVE-2026-48192). Data can be tampered with by attackers.
|
| CVE-2026-35096 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-35096)
vulnerability in csrf (CVE-2026-35096). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35095 |
|
Vulnerability in CVE-2026-35095 (CVE-2026-35095)
vulnerability in CVE-2026-35095 (CVE-2026-35095). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35098 |
|
Vulnerability in CVE-2026-35098 (CVE-2026-35098)
vulnerability in CVE-2026-35098 (CVE-2026-35098). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8452 |
|
Buffer Overflow in dos (CVE-2026-8452)
vulnerability in dos (CVE-2026-8452). Successful exploitation can lead to full system takeover.
|
| CVE-2026-14178 |
|
Use-After-Free in CVE-2026-14178 (CVE-2026-14178)
vulnerability in CVE-2026-14178 (CVE-2026-14178). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8655 |
|
Buffer Overflow in dos (CVE-2026-8655)
vulnerability in dos (CVE-2026-8655). Successful exploitation can lead to full system takeover.
|