Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-53648 |
|
Vulnerability in CVE-2026-53648 (CVE-2026-53648)
vulnerability in CVE-2026-53648 (CVE-2026-53648). Risk of unauthorized operations or information disclosure. Exploitable via ``servicedownloadable.manage``.
|
| CVE-2026-14611 |
|
Information Disclosure in CVE-2026-14611 (CVE-2026-14611)
vulnerability in CVE-2026-14611 (CVE-2026-14611). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-57231 |
|
Information Disclosure in podman-project (CVE-2026-57231)
vulnerability in podman-project (CVE-2026-57231). Confidential information can be exposed externally. Mitigation: upgrade to `5.8.4` or later.
|
| CVE-2026-56077 |
|
Vulnerability in CVE-2026-56077 (CVE-2026-56077)
vulnerability in CVE-2026-56077 (CVE-2026-56077). Confidential information can be exposed externally.
|
| CVE-2026-50202 |
|
Vulnerability in Steeltoe.Security.Authentication.JwtBearer (CVE-2026-50202)
vulnerability in Steeltoe.Security.Authentication.JwtBearer (CVE-2026-50202). Confidential information can be exposed externally. Exploitable via ``TokenKeyResolver``. Mitigation: upgrade to `4.2.0` or later.
|
| CVE-2026-53826 |
|
Vulnerability in c (CVE-2026-53826)
vulnerability in c (CVE-2026-53826). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-48096 |
|
Vulnerability in github.com/openfga/openfga (CVE-2026-48096)
vulnerability in github.com/openfga/openfga (CVE-2026-48096). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.16.0` or later.
|
| CVE-2026-42535 |
|
Vulnerability in apache (CVE-2026-42535)
vulnerability in apache (CVE-2026-42535). Data can be tampered with by attackers. Mitigation: upgrade to `2.4.68` or later.
|
| CVE-2025-15653 |
|
Vulnerability in CVE-2025-15653 (CVE-2025-15653)
vulnerability in CVE-2025-15653 (CVE-2025-15653). Successful exploitation can lead to full system takeover.
|
| CVE-2026-47141 |
|
Vulnerability in vm2 (CVE-2026-47141)
vulnerability in vm2 (CVE-2026-47141). Risk of unauthorized operations or information disclosure. Exploitable via `Host header`. Mitigation: upgrade to `3.11.4` or later.
|
| CVE-2026-46430 |
|
Vulnerability in github.com/xyproto/algernon (CVE-2026-46430)
vulnerability in github.com/xyproto/algernon (CVE-2026-46430). Risk of unauthorized operations or information disclosure. Exploitable via ``http.Server.Addr``. Mitigation: upgrade to `1.17.7` or later.
|
| CVE-2026-8958 |
|
Vulnerability in mozilla (CVE-2026-8958)
vulnerability in mozilla (CVE-2026-8958). Confidential information can be exposed externally.
|
| CVE-2026-46723 |
|
Vulnerability in tpwd/ke_search (CVE-2026-46723)
vulnerability in tpwd/ke_search (CVE-2026-46723). Risk of unauthorized operations or information disclosure. Exploitable via ``ke_search``. Mitigation: upgrade to `4.6.7` or later.
|
| CVE-2026-45411 |
|
Vulnerability in vm2 (CVE-2026-45411)
vulnerability in vm2 (CVE-2026-45411). Successful exploitation can lead to full system takeover. Exploitable via ``return``. Mitigation: upgrade to `3.11.3` or later.
|
| CVE-2026-42875 |
|
Vulnerability in github.com/external-secrets/external-secrets (CVE-2026-42875)
vulnerability in github.com/external-secrets/external-secrets (CVE-2026-42875). Risk of unauthorized operations or information disclosure. Exploitable via ``ConfigMap``. Mitigation: upgrade to `2.4.0` or later.
|
| CVE-2026-34094 |
|
Vulnerability in mediawiki (CVE-2026-34094)
vulnerability in mediawiki (CVE-2026-34094). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-34095 |
|
Vulnerability in mediawiki (CVE-2026-34095)
vulnerability in mediawiki (CVE-2026-34095). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20160 |
|
Vulnerability in Cisco smart-software-manager-on-prem (CVE-2026-20160)
vulnerability in Cisco smart-software-manager-on-prem (CVE-2026-20160). Successful exploitation can lead to full system takeover.
|
| CVE-2026-44552 |
|
Vulnerability in open-webui (CVE-2026-44552)
vulnerability in open-webui (CVE-2026-44552). Confidential information can be exposed externally. Exploitable via ``REDIS_KEY_PREFIX``. Mitigation: upgrade to `0.9.0` or later.
|
| CVE-2026-44009 |
|
Vulnerability in vm2 (CVE-2026-44009)
vulnerability in vm2 (CVE-2026-44009). Successful exploitation can lead to full system takeover. Exploitable via ``handleException``. Mitigation: upgrade to `3.11.2` or later.
|
| CVE-2026-44008 |
|
Vulnerability in vm2 (CVE-2026-44008)
vulnerability in vm2 (CVE-2026-44008). Successful exploitation can lead to full system takeover. Exploitable via ``neutralizeArraySpeciesBatch``. Mitigation: upgrade to `3.11.2` or later.
|
| CVE-2026-44338 |
|
Vulnerability in PraisonAI (CVE-2026-44338)
vulnerability in PraisonAI (CVE-2026-44338). Risk of unauthorized operations or information disclosure. Exploitable via `POST /chat`. Mitigation: upgrade to `4.6.34` or later.
|
| CVE-2025-54502 |
|
Vulnerability in privilege-escalation (CVE-2025-54502)
vulnerability in privilege-escalation (CVE-2025-54502). Successful exploitation can lead to full system takeover.
|
| CVE-2026-34780 |
|
Vulnerability in electronjs (CVE-2026-34780)
vulnerability in electronjs (CVE-2026-34780). Successful exploitation can lead to full system takeover.
|
| CVE-2026-28806 |
|
Vulnerability in nerves-hub (CVE-2026-28806)
vulnerability in nerves-hub (CVE-2026-28806). Successful exploitation can lead to full system takeover.
|
| CVE-2025-38670 |
|
Vulnerability in linux (CVE-2025-38670)
vulnerability in linux (CVE-2025-38670). Confidential information can be exposed externally.
|
| CVE-2025-22069 |
|
Vulnerability in c (CVE-2025-22069)
vulnerability in c (CVE-2025-22069). Successful exploitation can lead to full system takeover.
|
| CVE-2024-13484 |
|
Vulnerability in CVE-2024-13484 (CVE-2024-13484)
vulnerability in CVE-2024-13484 (CVE-2024-13484). Successful exploitation can lead to full system takeover.
|
| CVE-2024-21626 |
|
Vulnerability in linuxfoundation (CVE-2024-21626)
vulnerability in linuxfoundation (CVE-2024-21626). Successful exploitation can lead to full system takeover.
|
| CVE-2023-39056 |
|
Vulnerability in coffee-jumbo-project (CVE-2023-39056)
vulnerability in coffee-jumbo-project (CVE-2023-39056). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-39049 |
|
Vulnerability in youmart-tokunaga-project (CVE-2023-39049)
vulnerability in youmart-tokunaga-project (CVE-2023-39049). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-39046 |
|
Vulnerability in tonton-tei-waiting-project (CVE-2023-39046)
vulnerability in tonton-tei-waiting-project (CVE-2023-39046). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-39058 |
|
Vulnerability in the-b-members-card-project (CVE-2023-39058)
vulnerability in the-b-members-card-project (CVE-2023-39058). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-39043 |
|
Vulnerability in ykc (CVE-2023-39043)
vulnerability in ykc (CVE-2023-39043). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-39040 |
|
Vulnerability in cheese-cafe-line-project (CVE-2023-39040)
vulnerability in cheese-cafe-line-project (CVE-2023-39040). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-39039 |
|
Vulnerability in camp-style-project-line-project (CVE-2023-39039)
vulnerability in camp-style-project-line-project (CVE-2023-39039). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-36761 KEV |
|
[KEV] Vulnerability in Microsoft word (CVE-2023-36761)
vulnerability in Microsoft word (CVE-2023-36761). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2023-38955 |
|
Vulnerability in zkteco (CVE-2023-38955)
vulnerability in zkteco (CVE-2023-38955). Confidential information can be exposed externally.
|
| CVE-2023-31818 |
|
Vulnerability in marukyu (CVE-2023-31818)
vulnerability in marukyu (CVE-2023-31818). Confidential information can be exposed externally.
|
| CVE-2023-35696 |
|
Vulnerability in sick (CVE-2023-35696)
vulnerability in sick (CVE-2023-35696). Confidential information can be exposed externally.
|
| CVE-2023-2703 |
|
Vulnerability in finexmedia (CVE-2023-2703)
vulnerability in finexmedia (CVE-2023-2703). Confidential information can be exposed externally.
|
| CVE-2023-23448 |
|
Vulnerability in sick (CVE-2023-23448)
vulnerability in sick (CVE-2023-23448). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-29820 |
|
Vulnerability in webroot (CVE-2023-29820)
vulnerability in webroot (CVE-2023-29820). Confidential information can be exposed externally.
|
| CVE-2022-38599 |
|
Vulnerability in goteleport (CVE-2022-38599)
vulnerability in goteleport (CVE-2022-38599). Confidential information can be exposed externally.
|
| CVE-2022-24139 |
|
Vulnerability in iobit (CVE-2022-24139)
vulnerability in iobit (CVE-2022-24139). Successful exploitation can lead to full system takeover.
|
| CVE-2021-45420 |
|
Information Disclosure in dos (CVE-2021-45420)
vulnerability in dos (CVE-2021-45420). Successful exploitation can lead to full system takeover.
|
| CVE-2021-46354 |
|
Vulnerability in cybelesoft (CVE-2021-46354)
vulnerability in cybelesoft (CVE-2021-46354). Confidential information can be exposed externally.
|
| CVE-2021-42641 |
|
Vulnerability in printerlogic (CVE-2021-42641)
vulnerability in printerlogic (CVE-2021-42641). Confidential information can be exposed externally.
|
| CVE-2021-42640 |
|
Vulnerability in printerlogic (CVE-2021-42640)
vulnerability in printerlogic (CVE-2021-42640). Confidential information can be exposed externally.
|
| CVE-2021-40639 |
|
Vulnerability in jflyfox (CVE-2021-40639)
vulnerability in jflyfox (CVE-2021-40639). Confidential information can be exposed externally.
|