Filter and search through 200,118 vulnerabilities
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2026-30869 | ### Summary A path traversal vulnerability in the `/export` endpoint allows an attacker to read arbitrary files from the server filesystem. By exploit... | 0.0 | 0 | Neutral | No |
| No |
| CVE-2026-30863 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.10 and 9.5.0-alpha.11, t... | 0.0 | 0 | Neutral | Yes | No |
| CVE-2026-3086 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30854 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. From version 9.3.1-alpha.3 to before version 9... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30852 | ### Summary The `vars_regexp` matcher in `vars.go:337` double-expands user-controlled input through the Caddy replacer. When `vars_regexp` matches ag... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30850 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.9 and 9.5.0-alpha.9, the... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3085 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30848 | Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.8 and 9.5.0-alpha.8, the... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30847 | Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the notificationUsers publication in Wekan publishes user docu... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30846 | Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the globalwebhooks publication exposes all global webhook inte... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30845 | Wekan is an open source kanban tool built with Meteor. In versions 8.31.0 through 8.33, the board composite publication in Wekan publishes all integra... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30844 | Wekan is an open source kanban tool built with Meteor. Versions 8.32 and 8.33 are vulnerable to Server-Side Request Forgery (SSRF) via attachment URL ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30843 | Wekan is an open source kanban tool built with Meteor. Versions 8.32 and 8.33 have a critical Insecure Direct Object Reference (IDOR) issue which coul... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30841 | Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, passwordreset.php outputs $_GET["token"] and $_GET["ema... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30840 | Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, there is a server-side request forgery vulnerability in... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-3084 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30839 | Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, testwebhooknotifications.php does not validate the targ... | 0.0 | 0 | Neutral | No | No |
| CVE-2026-30838 | ### Impact The `DisallowedRawHtml` extension can be bypassed by inserting a newline, tab, or other ASCII whitespace character between a disallowed HT... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30835 | ### Impact A malformed $regex query parameter (e.g. `[abc)` causes the database to return a structured error object that is passed unsanitized throug... | 0.0 | 0 | Neutral | No | Yes |
| CVE-2026-30833 | Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.10.8, 7.11.5, 7.12.5, 7.13.4, 8.0.2, 8.1.1, and... | 0.0 | 0 | Neutral | No | No |