Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-306 Clear
ID Title
CVE-2026-59705 Vulnerability in CVE-2026-59705 (CVE-2026-59705)
vulnerability in CVE-2026-59705 (CVE-2026-59705). Successful exploitation can lead to full system takeover.
CVE-2026-59706 Vulnerability in ssrf (CVE-2026-59706)
vulnerability in ssrf (CVE-2026-59706). Confidential information can be exposed externally. Exploitable via `GET /api/v1/config/`.
CVE-2026-58473 Vulnerability in CVE-2026-58473 (CVE-2026-58473)
vulnerability in CVE-2026-58473 (CVE-2026-58473). Confidential information can be exposed externally.
CVE-2026-49471 Vulnerability in flask (CVE-2026-49471)
vulnerability in flask (CVE-2026-49471). Successful exploitation can lead to full system takeover. Exploitable via `Host header`.
CVE-2026-53647 Information Disclosure in CVE-2026-53647 (CVE-2026-53647)
vulnerability in CVE-2026-53647 (CVE-2026-53647). Risk of unauthorized operations or information disclosure.
CVE-2026-41899 Vulnerability in CVE-2026-41899 (CVE-2026-41899)
vulnerability in CVE-2026-41899 (CVE-2026-41899). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/feedback`.
CVE-2026-42331 Vulnerability in CVE-2026-42331 (CVE-2026-42331)
vulnerability in CVE-2026-42331 (CVE-2026-42331). Risk of unauthorized operations or information disclosure. Exploitable via ``gateway_id``.
CVE-2026-42341 Vulnerability in CVE-2026-42341 (CVE-2026-42341)
vulnerability in CVE-2026-42341 (CVE-2026-42341). Risk of unauthorized operations or information disclosure.
CVE-2026-53913 Authentication Bypass in apache (CVE-2026-53913)
authentication bypass in apache (CVE-2026-53913). Successful exploitation can lead to full system takeover.
CVE-2026-14714 Authentication Bypass in CVE-2026-14714 (CVE-2026-14714)
authentication bypass in CVE-2026-14714 (CVE-2026-14714). Risk of unauthorized operations or information disclosure.
CVE-2026-14622 Authentication Bypass in CVE-2026-14622 (CVE-2026-14622)
authentication bypass in CVE-2026-14622 (CVE-2026-14622). Risk of unauthorized operations or information disclosure.
CVE-2026-10054 Vulnerability in CVE-2026-10054 (CVE-2026-10054)
vulnerability in CVE-2026-10054 (CVE-2026-10054). Successful exploitation can lead to full system takeover.
CVE-2026-4767 Vulnerability in CVE-2026-4767 (CVE-2026-4767)
vulnerability in CVE-2026-4767 (CVE-2026-4767). Successful exploitation can lead to full system takeover.
CVE-2026-13125 GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
GeoWebPlayer (also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud)...
CVE-2026-58126 Vulnerability in csharp (CVE-2026-58126)
vulnerability in csharp (CVE-2026-58126). Successful exploitation can lead to full system takeover.
CVE-2026-58127 Vulnerability in csharp (CVE-2026-58127)
vulnerability in csharp (CVE-2026-58127). Successful exploitation can lead to full system takeover.
CVE-2026-56286 Vulnerability in csrf (CVE-2026-56286)
vulnerability in csrf (CVE-2026-56286). Data can be tampered with by attackers.
CVE-2026-58446 Vulnerability in nginx (CVE-2026-58446)
vulnerability in nginx (CVE-2026-58446). Risk of unauthorized operations or information disclosure.
CVE-2026-58375 Vulnerability in CVE-2026-58375 (CVE-2026-58375)
vulnerability in CVE-2026-58375 (CVE-2026-58375). Confidential information can be exposed externally. Exploitable via `POST /jmreport/auto/export`.
CVE-2026-44949 Vulnerability in CVE-2026-44949 (CVE-2026-44949)
vulnerability in CVE-2026-44949 (CVE-2026-44949). Risk of unauthorized operations or information disclosure.
CVE-2026-14162 Vulnerability in CVE-2026-14162 (CVE-2026-14162)
vulnerability in CVE-2026-14162 (CVE-2026-14162). Successful exploitation can lead to full system takeover.
CVE-2026-12819 Vulnerability in cisa (CVE-2026-12819)
vulnerability in cisa (CVE-2026-12819). Risk of unauthorized operations or information disclosure.
CVE-2026-56782 Vulnerability in CVE-2026-56782 (CVE-2026-56782)
vulnerability in CVE-2026-56782 (CVE-2026-56782). Successful exploitation can lead to full system takeover.
CVE-2026-13546 Authentication Bypass in CVE-2026-13546 (CVE-2026-13546)
authentication bypass in CVE-2026-13546 (CVE-2026-13546). Risk of unauthorized operations or information disclosure.
CVE-2026-13325 Vulnerability in kubevirt (CVE-2026-13325)
vulnerability in kubevirt (CVE-2026-13325). Successful exploitation can lead to full system takeover.
CVE-2026-40702 Vulnerability in cisa (CVE-2026-40702)
vulnerability in cisa (CVE-2026-40702). Confidential information can be exposed externally.
CVE-2025-71327 Vulnerability in flowiseai (CVE-2025-71327)
vulnerability in flowiseai (CVE-2025-71327). Confidential information can be exposed externally.
CVE-2026-43920 Vulnerability in csrf (CVE-2026-43920)
vulnerability in csrf (CVE-2026-43920). Risk of unauthorized operations or information disclosure.
CVE-2026-54088 OS Command Injection in CVE-2026-54088 (CVE-2026-54088)
OS command injection in CVE-2026-54088 (CVE-2026-54088). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.63.6` or later.
CVE-2026-4522 Vulnerability in CVE-2026-4522 (CVE-2026-4522)
vulnerability in CVE-2026-4522 (CVE-2026-4522). Risk of unauthorized operations or information disclosure.
CVE-2026-54040 Vulnerability in librechat (CVE-2026-54040)
vulnerability in librechat (CVE-2026-54040). Data can be tampered with by attackers. Exploitable via `POST /api/auth/2fa/backup/regenerate`. Mitigation: upgrade to `0.8.4-rc1` or later.
CVE-2026-54036 Vulnerability in librechat (CVE-2026-54036)
vulnerability in librechat (CVE-2026-54036). Data can be tampered with by attackers. Exploitable via `GET /api/auth/2fa/enable`. Mitigation: upgrade to `0.8.4-rc1` or later.
CVE-2026-12490 Vulnerability in nlnetlabs (CVE-2026-12490)
vulnerability in nlnetlabs (CVE-2026-12490). Confidential information can be exposed externally.
CVE-2026-54068 Vulnerability in CVE-2026-54068 (CVE-2026-54068)
vulnerability in CVE-2026-54068 (CVE-2026-54068). Confidential information can be exposed externally. Mitigation: upgrade to `3.7.0` or later.
CVE-2026-33543 Vulnerability in CVE-2026-33543 (CVE-2026-33543)
vulnerability in CVE-2026-33543 (CVE-2026-33543). Risk of unauthorized operations or information disclosure.
CVE-2026-13164 Vulnerability in CVE-2026-13164 (CVE-2026-13164)
vulnerability in CVE-2026-13164 (CVE-2026-13164). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/auth/register/`.
CVE-2026-56262 Vulnerability in kidocode (CVE-2026-56262)
vulnerability in kidocode (CVE-2026-56262). Risk of unauthorized operations or information disclosure.
CVE-2026-13007 Vulnerability in CVE-2026-13007 (CVE-2026-13007)
vulnerability in CVE-2026-13007 (CVE-2026-13007). Confidential information can be exposed externally.
CVE-2026-1840 Vulnerability in cisa (CVE-2026-1840)
vulnerability in cisa (CVE-2026-1840). Risk of unauthorized operations or information disclosure.
CVE-2026-27604 Information Disclosure in csrf (CVE-2026-27604)
vulnerability in csrf (CVE-2026-27604). Risk of unauthorized operations or information disclosure. Exploitable via ``system``.
CVE-2026-10711 Vulnerability in CVE-2026-10711 (CVE-2026-10711)
vulnerability in CVE-2026-10711 (CVE-2026-10711). Successful exploitation can lead to full system takeover.
CVE-2026-50136 Vulnerability in @budibase/server (CVE-2026-50136)
vulnerability in @budibase/server (CVE-2026-50136). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/attachments/`. Mitigation: upgrade to `3.39.2` or later.
CVE-2026-56321 Vulnerability in CVE-2026-56321 (CVE-2026-56321)
vulnerability in CVE-2026-56321 (CVE-2026-56321). Risk of unauthorized operations or information disclosure. Exploitable via `GET /private/role_bindings/`.
CVE-2026-41047 Vulnerability in presire (CVE-2026-41047)
vulnerability in presire (CVE-2026-41047). Confidential information can be exposed externally.
CVE-2026-6673 Vulnerability in mattermost (CVE-2026-6673)
vulnerability in mattermost (CVE-2026-6673). Data can be tampered with by attackers.
CVE-2026-56299 Vulnerability in dos (CVE-2026-56299)
vulnerability in dos (CVE-2026-56299). Risk of unauthorized operations or information disclosure.
CVE-2026-12795 Authentication Bypass in litellm (CVE-2026-12795)
authentication bypass in litellm (CVE-2026-12795). Risk of unauthorized operations or information disclosure.
CVE-2026-56346 Vulnerability in CVE-2026-56346 (CVE-2026-56346)
vulnerability in CVE-2026-56346 (CVE-2026-56346). Risk of unauthorized operations or information disclosure.
CVE-2026-54317 Information Disclosure in homeassistant (CVE-2026-54317)
vulnerability in homeassistant (CVE-2026-54317). Confidential information can be exposed externally. Exploitable via `Authorization header`. Mitigation: upgrade to `2026.6.0` or later.
CVE-2026-9142 Vulnerability in ni (CVE-2026-9142)
vulnerability in ni (CVE-2026-9142). Confidential information can be exposed externally.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →