Search Vulnerabilities

pam_usb: XPath injection via PAM-supplied identifiers in pam_usb configuration queries

May 27, 2026

CVE-2026-40165

authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation

May 20, 2026

CVE-2026-44664

fast-xml-builder: Comment Value bypass regex

CVE-2026-44665

fast-xml-builder: Attribute values with unwanted quotes can bypass malicious or unwanted attributes

CVE-2026-41650

fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters

CVE-2026-41675

xmldom: XML node injection through unvalidated processing instruction serialization

CVE-2026-41674

xmldom: XML injection through unvalidated DocumentType serialization

CVE-2026-41672

xmldom: XML node injection through unvalidated comment serialization

CVE-2026-27693

traccar allows XML injection in KML and GPX exports

May 5, 2026

CVE-2026-32870

Kirby has XML injection in its XML creator toolkit

Apr 24, 2026

CVE-2026-34601

xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion

Apr 2, 2026

CVE-2026-28770

XML injection In /IDC_Logging/checkifdone.cgi Endpoint On IDC SFX Web Management Interface Version 101

Mar 4, 2026

CVE-2026-1554

Central Authentication System (CAS) Server - Less critical - XML Element Injection - SA-CONTRIB-2026-007

Feb 4, 2026

CVE-2022-50902

Wondershare FamiSafe 1.0 - 'FSService' Unquoted Service Path

Jan 13, 2026

CVE-2025-1545

WatchGuard Firebox XPath Injection Vulnerability in Web CGI

Dec 4, 2025

CVE-2025-66034

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

Nov 29, 2025

CVE-2025-12921

OpenClinica Community Edition CRF Data Import ImportCRFData xml injection

Nov 9, 2025

CVE-2025-7473

XML Injection

Oct 21, 2025

CVE-2025-54251

Adobe Experience Manager | XML Injection (aka Blind XPath Injection) (CWE-91)

CVE-2025-24404

Apache HertzBeat (incubating): RCE by parse http sitemap xml response

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-47273

pam_usb: XPath injection via PAM-supplied identifiers in pam_usb configuration queries

May 27, 2026

CVE-2026-40165

authentik: SAML NameID XML Comment Injection Enables Authentication Bypass via Identifier Truncation

May 20, 2026

CVE-2026-44664

fast-xml-builder: Comment Value bypass regex

CVE-2026-44665

fast-xml-builder: Attribute values with unwanted quotes can bypass malicious or unwanted attributes

CVE-2026-41650

fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters

CVE-2026-41675

xmldom: XML node injection through unvalidated processing instruction serialization

CVE-2026-41674

xmldom: XML injection through unvalidated DocumentType serialization

CVE-2026-41672

xmldom: XML node injection through unvalidated comment serialization

CVE-2026-27693

traccar allows XML injection in KML and GPX exports

May 5, 2026

CVE-2026-32870

Kirby has XML injection in its XML creator toolkit

Apr 24, 2026

CVE-2026-34601

xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion

Apr 2, 2026

CVE-2026-28770

XML injection In /IDC_Logging/checkifdone.cgi Endpoint On IDC SFX Web Management Interface Version 101

Mar 4, 2026

CVE-2026-1554

Central Authentication System (CAS) Server - Less critical - XML Element Injection - SA-CONTRIB-2026-007

Feb 4, 2026

CVE-2022-50902

Wondershare FamiSafe 1.0 - 'FSService' Unquoted Service Path

Jan 13, 2026

CVE-2025-1545

WatchGuard Firebox XPath Injection Vulnerability in Web CGI

Dec 4, 2025

CVE-2025-66034

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib

Nov 29, 2025

CVE-2025-12921

OpenClinica Community Edition CRF Data Import ImportCRFData xml injection

Nov 9, 2025

CVE-2025-7473

XML Injection

Oct 21, 2025

CVE-2025-54251

Adobe Experience Manager | XML Injection (aka Blind XPath Injection) (CWE-91)

CVE-2025-24404

Apache HertzBeat (incubating): RCE by parse http sitemap xml response