Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-53904 |
|
Vulnerability in dos (CVE-2026-53904)
vulnerability in dos (CVE-2026-53904). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-35098 |
|
Vulnerability in CVE-2026-35098 (CVE-2026-35098)
vulnerability in CVE-2026-35098 (CVE-2026-35098). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11779 |
|
Vulnerability in CVE-2026-11779 (CVE-2026-11779)
vulnerability in CVE-2026-11779 (CVE-2026-11779). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-50176 |
|
Vulnerability in CVE-2026-50176 (CVE-2026-50176)
vulnerability in CVE-2026-50176 (CVE-2026-50176). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-56234 |
|
Vulnerability in CVE-2026-56234 (CVE-2026-56234)
vulnerability in CVE-2026-56234 (CVE-2026-56234). Risk of unauthorized operations or information disclosure. Exploitable via `POST /functions/v1/private/validate_password_compliance`.
|
| CVE-2026-56450 |
|
Vulnerability in CVE-2026-56450 (CVE-2026-56450)
vulnerability in CVE-2026-56450 (CVE-2026-56450). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6853 |
|
Vulnerability in CVE-2026-6853 (CVE-2026-6853)
vulnerability in CVE-2026-6853 (CVE-2026-6853). Successful exploitation can lead to full system takeover.
|
| CVE-2026-3329 |
|
Vulnerability in CVE-2026-3329 (CVE-2026-3329)
vulnerability in CVE-2026-3329 (CVE-2026-3329). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-2414 |
|
Vulnerability in CVE-2025-2414 (CVE-2025-2414)
vulnerability in CVE-2025-2414 (CVE-2025-2414). Confidential information can be exposed externally.
|
| CVE-2025-2415 |
|
Vulnerability in CVE-2025-2415 (CVE-2025-2415)
vulnerability in CVE-2025-2415 (CVE-2025-2415). Confidential information can be exposed externally.
|
| CVE-2026-47380 |
|
Vulnerability in nocodb (CVE-2026-47380)
vulnerability in nocodb (CVE-2026-47380). Risk of unauthorized operations or information disclosure. Exploitable via ``auth.service.ts``. Mitigation: upgrade to `2026.04.1` or later.
|
| CVE-2026-43926 |
|
Vulnerability in nginx (CVE-2026-43926)
vulnerability in nginx (CVE-2026-43926). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36612 |
|
Vulnerability in CVE-2026-36612 (CVE-2026-36612)
vulnerability in CVE-2026-36612 (CVE-2026-36612). Confidential information can be exposed externally.
|
| CVE-2026-36607 |
|
Vulnerability in CVE-2026-36607 (CVE-2026-36607)
vulnerability in CVE-2026-36607 (CVE-2026-36607). Successful exploitation can lead to full system takeover.
|
| CVE-2026-10216 |
|
Vulnerability in CVE-2026-10216 (CVE-2026-10216)
vulnerability in CVE-2026-10216 (CVE-2026-10216). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-47203 |
|
Vulnerability in github.com/authelia/authelia/v4 (CVE-2026-47203)
vulnerability in github.com/authelia/authelia/v4 (CVE-2026-47203). Risk of unauthorized operations or information disclosure. Exploitable via ``Authorization``. Mitigation: upgrade to `4.39.20` or later.
|
| CVE-2026-49324 |
|
Vulnerability in CVE-2026-49324 (CVE-2026-49324)
vulnerability in CVE-2026-49324 (CVE-2026-49324). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-8760 |
|
Vulnerability in wordpress (CVE-2026-8760)
vulnerability in wordpress (CVE-2026-8760). Successful exploitation can lead to full system takeover.
|
| CVE-2026-1816 |
|
Vulnerability in CVE-2026-1816 (CVE-2026-1816)
vulnerability in CVE-2026-1816 (CVE-2026-1816). Confidential information can be exposed externally.
|
| CVE-2026-35675 |
|
Vulnerability in thorsten/phpmyfaq (CVE-2026-35675)
vulnerability in thorsten/phpmyfaq (CVE-2026-35675). Data can be tampered with by attackers. Mitigation: upgrade to `4.1.3` or later.
|
| CVE-2025-61081 |
|
Vulnerability in CVE-2025-61081 (CVE-2025-61081)
vulnerability in CVE-2025-61081 (CVE-2025-61081). Data can be tampered with by attackers.
|
| CVE-2020-37228 |
|
Vulnerability in CVE-2020-37228 (CVE-2020-37228)
vulnerability in CVE-2020-37228 (CVE-2020-37228). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45010 |
|
Vulnerability in thorsten/phpmyfaq (CVE-2026-45010)
vulnerability in thorsten/phpmyfaq (CVE-2026-45010). Confidential information can be exposed externally. Exploitable via `POST /admin/check`. Mitigation: upgrade to `4.1.2` or later.
|
| CVE-2026-45364 |
|
Vulnerability in better-auth (CVE-2026-45364)
vulnerability in better-auth (CVE-2026-45364). Risk of unauthorized operations or information disclosure. Exploitable via ``normalizeIP``. Mitigation: upgrade to `1.5.0-beta.9` or later.
|
| CVE-2025-62313 |
|
Vulnerability in CVE-2025-62313 (CVE-2025-62313)
vulnerability in CVE-2025-62313 (CVE-2025-62313). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-44195 |
|
Vulnerability in opnsense (CVE-2026-44195)
vulnerability in opnsense (CVE-2026-44195). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `26.1.7` or later.
|
| CVE-2025-64526 |
|
Vulnerability in @strapi/plugin-users-permissions (CVE-2025-64526)
vulnerability in @strapi/plugin-users-permissions (CVE-2025-64526). Risk of unauthorized operations or information disclosure. Exploitable via ``ctx.request.body.email``. Mitigation: upgrade to `5.45.0` or later.
|
| CVE-2026-7255 |
|
Vulnerability in zyxel (CVE-2026-7255)
vulnerability in zyxel (CVE-2026-7255). Confidential information can be exposed externally.
|
| CVE-2026-43914 |
|
Vulnerability in dani-garcia (CVE-2026-43914)
vulnerability in dani-garcia (CVE-2026-43914). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.4` or later.
|
| CVE-2026-7820 |
|
Vulnerability in pgadmin4 (CVE-2026-7820)
vulnerability in pgadmin4 (CVE-2026-7820). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `9.15` or later.
|
| CVE-2026-41893 |
|
Vulnerability in signalk-server (CVE-2026-41893)
vulnerability in signalk-server (CVE-2026-41893). Data can be tampered with by attackers. Exploitable via `POST /login`. Mitigation: upgrade to `2.25.0` or later.
|
| CVE-2025-2514 |
|
Vulnerability in hitachi (CVE-2025-2514)
vulnerability in hitachi (CVE-2025-2514). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-36959 |
|
Vulnerability in u-speed (CVE-2026-36959)
vulnerability in u-speed (CVE-2026-36959). Confidential information can be exposed externally.
|
| CVE-2026-6947 |
|
Vulnerability in CVE-2026-6947 (CVE-2026-6947)
vulnerability in CVE-2026-6947 (CVE-2026-6947). Data can be tampered with by attackers.
|
| CVE-2026-41213 |
|
Vulnerability in node-oauth (CVE-2026-41213)
vulnerability in node-oauth (CVE-2026-41213). Confidential information can be exposed externally.
|
| CVE-2025-46606 |
|
Vulnerability in dell (CVE-2025-46606)
vulnerability in dell (CVE-2025-46606). Confidential information can be exposed externally.
|
| CVE-2025-31991 |
|
Vulnerability in hcltech (CVE-2025-31991)
vulnerability in hcltech (CVE-2025-31991). Data can be tampered with by attackers. Mitigation: upgrade to `5.1.7` or later.
|
| CVE-2026-30789 |
|
Vulnerability in rustdesk (CVE-2026-30789)
vulnerability in rustdesk (CVE-2026-30789). Successful exploitation can lead to full system takeover.
|
| CVE-2025-7630 |
|
Authentication Bypass in CVE-2025-7630 (CVE-2025-7630)
authentication bypass in CVE-2025-7630 (CVE-2025-7630). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-4319 |
|
Vulnerability in CVE-2025-4319 (CVE-2025-4319)
vulnerability in CVE-2025-4319 (CVE-2025-4319). Confidential information can be exposed externally.
|
| CVE-2025-1928 |
|
Vulnerability in restajet (CVE-2025-1928)
vulnerability in restajet (CVE-2025-1928). Confidential information can be exposed externally.
|
| CVE-2025-65427 |
|
Vulnerability in dbitnet (CVE-2025-65427)
vulnerability in dbitnet (CVE-2025-65427). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-10161 |
|
Vulnerability in CVE-2025-10161 (CVE-2025-10161)
vulnerability in CVE-2025-10161 (CVE-2025-10161). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56224 |
|
Vulnerability in ascertia (CVE-2025-56224)
vulnerability in ascertia (CVE-2025-56224). Successful exploitation can lead to full system takeover.
|
| CVE-2025-2417 |
|
Vulnerability in CVE-2025-2417 (CVE-2025-2417)
vulnerability in CVE-2025-2417 (CVE-2025-2417). Confidential information can be exposed externally.
|
| CVE-2025-2411 |
|
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano...
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft TaskPano...
|
| CVE-2025-2416 |
|
Vulnerability in CVE-2025-2416 (CVE-2025-2416)
vulnerability in CVE-2025-2416 (CVE-2025-2416). Confidential information can be exposed externally.
|
| CVE-2025-1740 |
|
Vulnerability in CVE-2025-1740 (CVE-2025-1740)
vulnerability in CVE-2025-1740 (CVE-2025-1740). Successful exploitation can lead to full system takeover.
|
| CVE-2025-2413 |
|
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor...
Improper Restriction of Excessive Authentication Attempts vulnerability in Akinsoft ProKuafor...
|
| CVE-2025-2412 |
|
Vulnerability in CVE-2025-2412 (CVE-2025-2412)
vulnerability in CVE-2025-2412 (CVE-2025-2412). Confidential information can be exposed externally.
|