Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-2053 |
|
SSRF (Server-Side Request Forgery) in wso2 (CVE-2026-2053)
SSRF in wso2 (CVE-2026-2053). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-10470 |
|
Vulnerability in wso2 (CVE-2025-10470)
vulnerability in wso2 (CVE-2025-10470). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-9973 |
|
Vulnerability in privilege-escalation (CVE-2025-9973)
vulnerability in privilege-escalation (CVE-2025-9973). Confidential information can be exposed externally.
|
| CVE-2025-8325 |
|
Vulnerability in wso2 (CVE-2025-8325)
vulnerability in wso2 (CVE-2025-8325). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-10908 |
|
Authorization Flaw in c (CVE-2025-10908)
vulnerability in c (CVE-2025-10908). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-8154 |
|
Vulnerability in wso2 (CVE-2025-8154)
vulnerability in wso2 (CVE-2025-8154). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-0391 |
|
Vulnerability in wso2 (CVE-2024-0391)
vulnerability in wso2 (CVE-2024-0391). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-13590 |
|
Unrestricted File Upload in wso2 (CVE-2025-13590)
vulnerability in wso2 (CVE-2025-13590). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29464 KEV |
|
[KEV] Path Traversal in Wso2 multiple-products (CVE-2022-29464)
path traversal in Wso2 multiple-products (CVE-2022-29464). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-14995 |
|
Cross-Site Scripting (XSS) in wso2 (CVE-2017-14995)
cross-site scripting in wso2 (CVE-2017-14995). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-14651 |
|
Cross-Site Scripting (XSS) in wso2 (CVE-2017-14651)
cross-site scripting in wso2 (CVE-2017-14651). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4314 |
|
Path Traversal in path-traversal (CVE-2016-4314)
path traversal in path-traversal (CVE-2016-4314). Confidential information can be exposed externally.
|
| CVE-2016-4315 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-4315)
vulnerability in csrf (CVE-2016-4315). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4316 |
|
Cross-Site Scripting (XSS) in wso2 (CVE-2016-4316)
cross-site scripting in wso2 (CVE-2016-4316). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4327 |
|
Cross-Site Scripting (XSS) in wso2 (CVE-2016-4327)
cross-site scripting in wso2 (CVE-2016-4327). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4311 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-4311)
vulnerability in csrf (CVE-2016-4311). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4312 |
|
XXE (XML External Entity) in ssrf (CVE-2016-4312)
vulnerability in ssrf (CVE-2016-4312). Successful exploitation can lead to full system takeover.
|