Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-409 Clear
ID Title
CVE-2026-55078 Vulnerability in github.com/coder/coder/v2 (CVE-2026-55078)
vulnerability in github.com/coder/coder/v2 (CVE-2026-55078). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/v2/files`. Mitigation: upgrade to `2.29.17` or later.
CVE-2026-24264 Vulnerability in dos (CVE-2026-24264)
vulnerability in dos (CVE-2026-24264). Risk of unauthorized operations or information disclosure.
CVE-2026-13523 Vulnerability in c (CVE-2026-13523)
vulnerability in c (CVE-2026-13523). Risk of unauthorized operations or information disclosure.
CVE-2026-48044 Vulnerability in dos (CVE-2026-48044)
vulnerability in dos (CVE-2026-48044). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.35.11` or later.
CVE-2026-48510 Vulnerability in MessagePack (CVE-2026-48510)
vulnerability in MessagePack (CVE-2026-48510). Risk of unauthorized operations or information disclosure. Exploitable via ``Lz4Block``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-48502 Out-of-Bounds Read in MessagePack (CVE-2026-48502)
vulnerability in MessagePack (CVE-2026-48502). Risk of unauthorized operations or information disclosure. Exploitable via ``tokenSize``. Mitigation: upgrade to `3.1.7` or later.
CVE-2026-47774 Vulnerability in dos (CVE-2026-47774)
vulnerability in dos (CVE-2026-47774). Risk of unauthorized operations or information disclosure. Exploitable via `Cookie header`.
CVE-2026-54233 Vulnerability in vllm (CVE-2026-54233)
vulnerability in vllm (CVE-2026-54233). Risk of unauthorized operations or information disclosure. Exploitable via ``SpeechToTextProcessor``.
CVE-2026-54314 Vulnerability in n8n (CVE-2026-54314)
vulnerability in n8n (CVE-2026-54314). Risk of unauthorized operations or information disclosure. Exploitable via ``N8N_COMPRESSION_NODE_MAX_ZIP_ENTRIES``. Mitigation: upgrade to `2.24.0` or later.
CVE-2026-53430 Vulnerability in dos (CVE-2026-53430)
vulnerability in dos (CVE-2026-53430). Risk of unauthorized operations or information disclosure.
CVE-2026-54278 Vulnerability in aiohttp (CVE-2026-54278)
vulnerability in aiohttp (CVE-2026-54278). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `3.14.1` or later.
CVE-2026-49975 Vulnerability in apache (CVE-2026-49975)
vulnerability in apache (CVE-2026-49975). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.4.68` or later.
CVE-2026-49755 Vulnerability in req (CVE-2026-49755)
vulnerability in req (CVE-2026-49755). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `0.6.1` or later.
CVE-2026-10725 Vulnerability in crux (CVE-2026-10725)
vulnerability in crux (CVE-2026-10725). Risk of unauthorized operations or information disclosure.
CVE-2026-44018 Vulnerability in docling (CVE-2026-44018)
vulnerability in docling (CVE-2026-44018). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.91.0` or later.
CVE-2026-48594 Vulnerability in tesla (CVE-2026-48594)
vulnerability in tesla (CVE-2026-48594). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.18.3` or later.
CVE-2026-8814 Vulnerability in exifreader (CVE-2026-8814)
vulnerability in exifreader (CVE-2026-8814). Risk of unauthorized operations or information disclosure. Exploitable via ``zTXt``. Mitigation: upgrade to `4.39.0` or later.
CVE-2026-43970 Vulnerability in cowlib (CVE-2026-43970)
vulnerability in cowlib (CVE-2026-43970). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.16.1` or later.
CVE-2026-44697 Vulnerability in github.com/klever-io/klever-go (CVE-2026-44697)
vulnerability in github.com/klever-io/klever-go (CVE-2026-44697). Risk of unauthorized operations or information disclosure. Exploitable via ``Batch.Decompress``.
CVE-2026-42886 Vulnerability in CVE-2026-42886 (CVE-2026-42886)
vulnerability in CVE-2026-42886 (CVE-2026-42886). Risk of unauthorized operations or information disclosure. Exploitable via `POST /api/backups/upload`. Mitigation: upgrade to `2.32.2` or later.
CVE-2026-44432 Vulnerability in urllib3 (CVE-2026-44432)
vulnerability in urllib3 (CVE-2026-44432). Risk of unauthorized operations or information disclosure. Exploitable via ``gzip``. Mitigation: upgrade to `2.7.0` or later.
CVE-2026-40192 Vulnerability in pillow (CVE-2026-40192)
vulnerability in pillow (CVE-2026-40192). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `12.2.0` or later.
CVE-2026-29785 Vulnerability in linuxfoundation (CVE-2026-29785)
vulnerability in linuxfoundation (CVE-2026-29785). Risk of unauthorized operations or information disclosure.
CVE-2026-2575 Vulnerability in dos (CVE-2026-2575)
vulnerability in dos (CVE-2026-2575). Risk of unauthorized operations or information disclosure.
CVE-2026-23943 Vulnerability in dos (CVE-2026-23943)
vulnerability in dos (CVE-2026-23943). Risk of unauthorized operations or information disclosure.
CVE-2026-1526 Vulnerability in nodejs (CVE-2026-1526)
vulnerability in nodejs (CVE-2026-1526). Risk of unauthorized operations or information disclosure.
CVE-2026-21441 Vulnerability in urllib3 (CVE-2026-21441)
vulnerability in urllib3 (CVE-2026-21441). Risk of unauthorized operations or information disclosure. Exploitable via ``gzip``.
CVE-2025-69223 Vulnerability in dos (CVE-2025-69223)
vulnerability in dos (CVE-2025-69223). Risk of unauthorized operations or information disclosure.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →