Filter and search through 199,308 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-22034 | Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deploymen... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-21896 | ### TL;DR This vulnerability affects all Kirby sites where user permissions are configured to prevent specific role(s) from performing write actions,... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-21895 | When creating a RSA private key from its components, the construction panics, instead of returning an error, when one of the primes is `1`. Discover... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-21883 | This vulnerability allows for **Cross-Site WebSocket Hijacking (CSWSH)** of a deployed Bokeh server instance. ### Scope This vulnerability is only ... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-21867 | Rejected reason: Reason: This candidate was issued in error. | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21860 | Werkzeug's `safe_join` function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are spe... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-21852 | A vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirm... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-21750 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21749 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21748 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21747 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21746 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21745 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21744 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21697 | axios4go is a Go HTTP client library. Prior to version 0.6.4, a race condition vulnerability exists in the shared HTTP client configuration. The globa... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21696 | ### Summary Wings does not consider SQLite max parameter limit when processing activity log entries allowing for low privileged user to trigger a con... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-21664 | HackerOne community member Huynh Pham Thanh Luc (nigh7c0r3) has reported a reflected XSS vulnerability in the afr.php delivery script of Revive Adserv... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21663 | HackerOne community member Patrick Lang (7yr) has reported a reflected XSS vulnerability in the banner-acl.php script of Revive Adserver. An attacker ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21652 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |
| CVE-2026-21651 | Rejected reason: Not used | 0.0 | 0 | Neutral | No | No |