Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-59703 |
|
Vulnerability in c (CVE-2026-59703)
vulnerability in c (CVE-2026-59703). Confidential information can be exposed externally.
|
| CVE-2026-13533 |
|
Vulnerability in CVE-2026-13533 (CVE-2026-13533)
vulnerability in CVE-2026-13533 (CVE-2026-13533). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-66389 |
|
Vulnerability in microsoft (CVE-2025-66389)
vulnerability in microsoft (CVE-2025-66389). Confidential information can be exposed externally.
|
| CVE-2026-40624 |
|
Vulnerability in cisa (CVE-2026-40624)
vulnerability in cisa (CVE-2026-40624). Successful exploitation can lead to full system takeover.
|
| CVE-2025-14771 |
|
Vulnerability in abb (CVE-2025-14771)
vulnerability in abb (CVE-2025-14771). Successful exploitation can lead to full system takeover.
|
| CVE-2026-45543 |
|
Vulnerability in nextcloud (CVE-2026-45543)
vulnerability in nextcloud (CVE-2026-45543). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40425 |
|
Vulnerability in macgregor (CVE-2026-40425)
vulnerability in macgregor (CVE-2026-40425). Confidential information can be exposed externally.
|
| CVE-2024-56462 |
|
Vulnerability in ibm (CVE-2024-56462)
vulnerability in ibm (CVE-2024-56462). Successful exploitation can lead to full system takeover.
|
| CVE-2024-11399 |
|
Vulnerability in synology (CVE-2024-11399)
vulnerability in synology (CVE-2024-11399). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-40564 |
|
Vulnerability in apache (CVE-2026-40564)
vulnerability in apache (CVE-2026-40564). Confidential information can be exposed externally.
|
| CVE-2026-45721 |
|
Vulnerability in github.com/xyproto/algernon (CVE-2026-45721)
vulnerability in github.com/xyproto/algernon (CVE-2026-45721). Successful exploitation can lead to full system takeover. Exploitable via ``DirPage``. Mitigation: upgrade to `1.17.7` or later.
|
| CVE-2026-8704 |
|
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.
Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.
|
| CVE-2026-33380 |
|
Vulnerability in grafana (CVE-2026-33380)
vulnerability in grafana (CVE-2026-33380). Confidential information can be exposed externally. Mitigation: upgrade to `11.6.14, 12.2.8, 12.3.6, 12.4.3, 13.0.1` or later.
|
| CVE-2026-42063 |
|
Vulnerability in f5 (CVE-2026-42063)
vulnerability in f5 (CVE-2026-42063). Confidential information can be exposed externally.
|
| CVE-2026-40631 |
|
Vulnerability in privilege-escalation (CVE-2026-40631)
vulnerability in privilege-escalation (CVE-2026-40631). Confidential information can be exposed externally.
|
| CVE-2026-35440 |
|
Vulnerability in microsoft (CVE-2026-35440)
vulnerability in microsoft (CVE-2026-35440). Confidential information can be exposed externally.
|
| CVE-2026-32185 |
|
Vulnerability in microsoft (CVE-2026-32185)
vulnerability in microsoft (CVE-2026-32185). Confidential information can be exposed externally.
|
| CVE-2026-31215 |
|
Vulnerability in dos (CVE-2026-31215)
vulnerability in dos (CVE-2026-31215). Data can be tampered with by attackers. Exploitable via `DELETE /{index_name}/documents`.
|
| CVE-2026-31216 |
|
Vulnerability in dos (CVE-2026-31216)
vulnerability in dos (CVE-2026-31216). Data can be tampered with by attackers. Exploitable via `DELETE /storage/{object_name`.
|
| CVE-2026-45088 |
|
Vulnerability in github.com/hahwul/dalfox/v2 (CVE-2026-45088)
vulnerability in github.com/hahwul/dalfox/v2 (CVE-2026-45088). Confidential information can be exposed externally. Exploitable via ``model.Options``. Mitigation: upgrade to `2.13.0` or later.
|
| CVE-2026-39871 |
|
Vulnerability in apple (CVE-2026-39871)
vulnerability in apple (CVE-2026-39871). Confidential information can be exposed externally.
|
| CVE-2026-7817 |
|
Vulnerability in pgadmin4 (CVE-2026-7817)
vulnerability in pgadmin4 (CVE-2026-7817). Confidential information can be exposed externally. Mitigation: upgrade to `9.15` or later.
|
| CVE-2025-0509 |
|
Vulnerability in java (CVE-2025-0509)
vulnerability in java (CVE-2025-0509). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.8.0, 8.0.441` or later.
|
| CVE-2026-6418 |
|
Vulnerability in papercut (CVE-2026-6418)
vulnerability in papercut (CVE-2026-6418). Confidential information can be exposed externally.
|
| CVE-2021-47960 |
|
Vulnerability in synology (CVE-2021-47960)
vulnerability in synology (CVE-2021-47960). Confidential information can be exposed externally.
|
| CVE-2026-34785 |
|
Vulnerability in rack (CVE-2026-34785)
vulnerability in rack (CVE-2026-34785). Confidential information can be exposed externally. Mitigation: upgrade to `3.2.6` or later.
|
| CVE-2016-20025 |
|
Vulnerability in privilege-escalation (CVE-2016-20025)
vulnerability in privilege-escalation (CVE-2016-20025). Successful exploitation can lead to full system takeover.
|
| CVE-2025-66955 |
|
Vulnerability in asseco (CVE-2025-66955)
vulnerability in asseco (CVE-2025-66955). Confidential information can be exposed externally.
|
| CVE-2025-11959 |
|
Vulnerability in CVE-2025-11959 (CVE-2025-11959)
vulnerability in CVE-2025-11959 (CVE-2025-11959). Confidential information can be exposed externally.
|
| CVE-2025-11371 KEV |
|
[KEV] Vulnerability in Gladinet centrestack-and-triofox (CVE-2025-11371)
vulnerability in Gladinet centrestack-and-triofox (CVE-2025-11371). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-0620 |
|
Vulnerability in samba (CVE-2025-0620)
vulnerability in samba (CVE-2025-0620). Confidential information can be exposed externally.
|
| CVE-2025-25799 |
|
Vulnerability in seacms (CVE-2025-25799)
vulnerability in seacms (CVE-2025-25799). Confidential information can be exposed externally.
|
| CVE-2024-12917 |
|
Vulnerability in CVE-2024-12917 (CVE-2024-12917)
vulnerability in CVE-2024-12917 (CVE-2024-12917). Confidential information can be exposed externally.
|
| CVE-2024-44807 |
|
Vulnerability in CVE-2024-44807 (CVE-2024-44807)
vulnerability in CVE-2024-44807 (CVE-2024-44807). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-7107 |
|
Vulnerability in nationalkeep (CVE-2024-7107)
vulnerability in nationalkeep (CVE-2024-7107). Confidential information can be exposed externally.
|
| CVE-2024-6878 |
|
Vulnerability in CVE-2024-6878 (CVE-2024-6878)
vulnerability in CVE-2024-6878 (CVE-2024-6878). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-0949 |
|
Vulnerability in CVE-2024-0949 (CVE-2024-0949)
vulnerability in CVE-2024-0949 (CVE-2024-0949). Successful exploitation can lead to full system takeover.
|
| CVE-2020-17519 KEV |
|
[KEV] Vulnerability in Apache flink (CVE-2020-17519)
vulnerability in Apache flink (CVE-2020-17519). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-29225 |
|
Vulnerability in CVE-2024-29225 (CVE-2024-29225)
vulnerability in CVE-2024-29225 (CVE-2024-29225). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-43856 |
|
Vulnerability in iteachyou (CVE-2023-43856)
vulnerability in iteachyou (CVE-2023-43856). Confidential information can be exposed externally.
|
| CVE-2023-38952 |
|
Vulnerability in zkteco (CVE-2023-38952)
vulnerability in zkteco (CVE-2023-38952). Confidential information can be exposed externally.
|
| CVE-2023-29820 |
|
Vulnerability in webroot (CVE-2023-29820)
vulnerability in webroot (CVE-2023-29820). Confidential information can be exposed externally.
|
| CVE-2023-25260 |
|
Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion.
Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion.
|
| CVE-2023-1246 |
|
Vulnerability in saysis (CVE-2023-1246)
vulnerability in saysis (CVE-2023-1246). Confidential information can be exposed externally.
|
| CVE-2022-36552 |
|
Vulnerability in tendacn (CVE-2022-36552)
vulnerability in tendacn (CVE-2022-36552). Confidential information can be exposed externally.
|
| CVE-2022-24138 |
|
Vulnerability in iobit (CVE-2022-24138)
vulnerability in iobit (CVE-2022-24138). Successful exploitation can lead to full system takeover.
|
| CVE-2017-16651 KEV |
|
[KEV] Vulnerability in roundcube (CVE-2017-16651)
vulnerability in roundcube (CVE-2017-16651). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-22769 |
|
Privilege Escalation in schneider-electric (CVE-2021-22769)
vulnerability in schneider-electric (CVE-2021-22769). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15104 |
|
Vulnerability in heketi-project (CVE-2017-15104)
vulnerability in heketi-project (CVE-2017-15104). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12079 |
|
Vulnerability in synology (CVE-2017-12079)
vulnerability in synology (CVE-2017-12079). Confidential information can be exposed externally.
|