Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-50179 |
|
Vulnerability in @actual-app/web (CVE-2026-50179)
vulnerability in @actual-app/web (CVE-2026-50179). Risk of unauthorized operations or information disclosure. Exploitable via ``exportToCSV``. Mitigation: upgrade to `26.6.0` or later.
|
| CVE-2026-46672 |
|
Vulnerability in @actual-app/cli (CVE-2026-46672)
vulnerability in @actual-app/cli (CVE-2026-46672). Risk of unauthorized operations or information disclosure. Exploitable via ``escapeCsv``. Mitigation: upgrade to `26.6.0` or later.
|
| CVE-2026-5242 |
|
Vulnerability in CVE-2026-5242 (CVE-2026-5242)
vulnerability in CVE-2026-5242 (CVE-2026-5242). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47693 |
|
Vulnerability in poweradmin/poweradmin (CVE-2026-47693)
vulnerability in poweradmin/poweradmin (CVE-2026-47693). Confidential information can be exposed externally. Exploitable via ``user``. Mitigation: upgrade to `4.3.3` or later.
|
| CVE-2025-52612 |
|
Vulnerability in hcltech (CVE-2025-52612)
vulnerability in hcltech (CVE-2025-52612). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10248 |
|
Vulnerability in CVE-2026-10248 (CVE-2026-10248)
vulnerability in CVE-2026-10248 (CVE-2026-10248). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-9673 |
|
Vulnerability in json-2-csv (CVE-2026-9673)
vulnerability in json-2-csv (CVE-2026-9673). Confidential information can be exposed externally. Mitigation: upgrade to `5.5.11` or later.
|
| CVE-2026-41073 |
|
Vulnerability in CVE-2026-41073 (CVE-2026-41073)
vulnerability in CVE-2026-41073 (CVE-2026-41073). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35157 |
|
Vulnerability in dell (CVE-2026-35157)
vulnerability in dell (CVE-2026-35157). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-42267 |
|
Vulnerability in kimai/kimai (CVE-2026-42267)
vulnerability in kimai/kimai (CVE-2026-42267). Data can be tampered with by attackers. Exploitable via `POST /api/tags`. Mitigation: upgrade to `2.54.0` or later.
|
| CVE-2026-27644 |
|
Vulnerability in traccar (CVE-2026-27644)
vulnerability in traccar (CVE-2026-27644). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-54348 |
|
Vulnerability in c (CVE-2023-54348)
vulnerability in c (CVE-2023-54348). Successful exploitation can lead to full system takeover.
|
| CVE-2025-50572 |
|
Vulnerability in CVE-2025-50572 (CVE-2025-50572)
vulnerability in CVE-2025-50572 (CVE-2025-50572). Successful exploitation can lead to full system takeover.
|
| CVE-2023-31867 |
|
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection.
|
| CVE-2020-28861 |
|
Vulnerability in openasset (CVE-2020-28861)
vulnerability in openasset (CVE-2020-28861). Risk of unauthorized operations or information disclosure.
|