Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-1236 Clear
ID Title
CVE-2026-50179 Vulnerability in @actual-app/web (CVE-2026-50179)
vulnerability in @actual-app/web (CVE-2026-50179). Risk of unauthorized operations or information disclosure. Exploitable via ``exportToCSV``. Mitigation: upgrade to `26.6.0` or later.
CVE-2026-46672 Vulnerability in @actual-app/cli (CVE-2026-46672)
vulnerability in @actual-app/cli (CVE-2026-46672). Risk of unauthorized operations or information disclosure. Exploitable via ``escapeCsv``. Mitigation: upgrade to `26.6.0` or later.
CVE-2026-5242 Vulnerability in CVE-2026-5242 (CVE-2026-5242)
vulnerability in CVE-2026-5242 (CVE-2026-5242). Successful exploitation can lead to full system takeover.
CVE-2026-47693 Vulnerability in poweradmin/poweradmin (CVE-2026-47693)
vulnerability in poweradmin/poweradmin (CVE-2026-47693). Confidential information can be exposed externally. Exploitable via ``user``. Mitigation: upgrade to `4.3.3` or later.
CVE-2025-52612 Vulnerability in hcltech (CVE-2025-52612)
vulnerability in hcltech (CVE-2025-52612). Successful exploitation can lead to full system takeover.
CVE-2026-10248 Vulnerability in CVE-2026-10248 (CVE-2026-10248)
vulnerability in CVE-2026-10248 (CVE-2026-10248). Risk of unauthorized operations or information disclosure.
CVE-2026-9673 Vulnerability in json-2-csv (CVE-2026-9673)
vulnerability in json-2-csv (CVE-2026-9673). Confidential information can be exposed externally. Mitigation: upgrade to `5.5.11` or later.
CVE-2026-41073 Vulnerability in CVE-2026-41073 (CVE-2026-41073)
vulnerability in CVE-2026-41073 (CVE-2026-41073). Risk of unauthorized operations or information disclosure.
CVE-2026-35157 Vulnerability in dell (CVE-2026-35157)
vulnerability in dell (CVE-2026-35157). Risk of unauthorized operations or information disclosure.
CVE-2026-42267 Vulnerability in kimai/kimai (CVE-2026-42267)
vulnerability in kimai/kimai (CVE-2026-42267). Data can be tampered with by attackers. Exploitable via `POST /api/tags`. Mitigation: upgrade to `2.54.0` or later.
CVE-2026-27644 Vulnerability in traccar (CVE-2026-27644)
vulnerability in traccar (CVE-2026-27644). Risk of unauthorized operations or information disclosure.
CVE-2023-54348 Vulnerability in c (CVE-2023-54348)
vulnerability in c (CVE-2023-54348). Successful exploitation can lead to full system takeover.
CVE-2025-50572 Vulnerability in CVE-2025-50572 (CVE-2025-50572)
vulnerability in CVE-2025-50572 (CVE-2025-50572). Successful exploitation can lead to full system takeover.
CVE-2023-31867 Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
CVE-2020-28861 Vulnerability in openasset (CVE-2020-28861)
vulnerability in openasset (CVE-2020-28861). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →