| Bug | Description | Note |
|---|
| CVE-2016-1584 | In all versions of Unity8 a running but not active application on a la ... | check proper tracking update |
| CVE-2018-25246 | Wikipedia 12.0 contains a denial of service vulnerability that allows ... | check |
| CVE-2018-25305 | librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that all ... | check |
| CVE-2018-25306 | PDFunite 0.41.0 contains a buffer overflow vulnerability that allows l ... | check |
| CVE-2019-25485 | R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the ... | check |
| CVE-2019-25683 | FileZilla 3.40.0 contains a denial of service vulnerability in the loc ... | check |
| CVE-2022-23538 | github.com/sylabs/scs-library-client is the Go client for the Singular ... | check details, might as well affect golang-github-apptainer-container-library-client |
| CVE-2022-50942 | Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerab ... | check status upstream |
| CVE-2023-26044 | react/http is an event-driven, streaming HTTP client and server implem ... | check, is embedded inicinga-php-thirdparty, icingaweb2-module-reactbundle possibly affected |
| CVE-2023-47268 | In libslic3r/GCode/PostProcessor.cpp in Prusa PrusaSlicer through 2.6. ... | check |
| CVE-2023-49316 | In Math/BinaryField.php in phpseclib 3 before 3.0.34, excessively larg ... | check if affecting ldap-account-manager or unused path |
| CVE-2023-50251 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50252 | php-svg-lib is an SVG file parsing / rendering library. Prior to versi ... | check, other packages are embedding the library: civicrm, icinga-php-thirdparty and icingaweb2 to be checked |
| CVE-2023-50262 | Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ... | check sources embedding php-dompdf if affected |
| CVE-2024-22420 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-22421 | JupyterLab is an extensible environment for interactive and reproducib ... | check completeness, src:jupyter-notebook? |
| CVE-2024-47091 | Privilege escalation in the mk_mysql agent plugin on Windows in Checkm ... | check |
| CVE-2024-54192 | An issue inTcpreplay v4.5.1 allows a local attacker to cause a denial ... | check |
| CVE-2025-3110 | OpenVPN Access Server 2.7.2 through 3.1.0 accepts bare line-feed seque ... | check |
| CVE-2025-4382 | A flaw was found in systems utilizing LUKS-encrypted disks with GRUB c ... | double check if vulnerability only considered present after grub_is_cli_disabled is introduced |
| CVE-2025-6499 | A vulnerability classified as problematic was found in vstakhov libucl ... | check if impacts security wise rspamd, which embeds libucl and uses it a compile time |
| CVE-2025-8671 | A mismatch caused by client-triggered server-sent stream resets betwee ... | check, some projects will assign own CVEs and should then be covered under that specific CVE instead |
| CVE-2025-8941 | A flaw was found in linux-pam. The pam_namespace module may improperly ... | check likely RedHat specific incomplete fix for CVE-2025-6020, but asked to pinpoint incomplete fixes |
| CVE-2025-11010 | A vulnerability has been found in vstakhov libucl up to 0.9.2. Affecte ... | check if impacts security wise rspamd, which embeds libucl and uses it a compile time |
| CVE-2025-11147 | Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vuln ... | clarifying with reporter and Eduard Bloch on the issue. |
| CVE-2025-14575 | An Uncontrolled Search Path Element vulnerability in the OpenSSL TLS b ... | check |
| CVE-2025-15569 | A flaw has been found in Artifex MuPDF up to 1.26.1 on Windows. The im ... | check |
| CVE-2025-15667 | A vulnerability was determined in GPAC up to 2.5-DEV. This vulnerabili ... | check |
| CVE-2025-15668 | A vulnerability was identified in GPAC up to b40ce70f5. This issue aff ... | check |
| CVE-2025-33221 | NVIDIA Display Driver for Windows and Linux contains a vulnerability i ... | check |
| CVE-2025-56814 | A code injection vulnerability in the wxExecute() function of OpenCPN ... | check |
| CVE-2025-58064 | CKEditor 5 is a modern JavaScript rich-text editor with an MVC archite ... | check |
| CVE-2025-60796 | phpPgAdmin 7.13.0 and earlier contains multiple cross-site scripting ( ... | check, possibly not reported upstream |
| CVE-2025-60797 | phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ... | check, possibly not reported upstream |
| CVE-2025-60798 | phpPgAdmin 7.13.0 and earlier contains a SQL injection vulnerability i ... | check, possibly not reported upstream |
| CVE-2025-60799 | phpPgAdmin 7.13.0 and earlier contains an incorrect access control vul ... | check, possibly not reported upstream |
| CVE-2025-61261 | A reflected cross-site scripting (XSS) vulnerability in CKeditor v46.1 ... | check |
| CVE-2025-61982 | An arbitrary code execution vulnerability exists in the Code Stream di ... | check upstream status |
| CVE-2025-66578 | xmlseclibs is a library written in PHP for working with XML Encryption ... | check |
| CVE-2025-67108 | eProsima Fast-DDS v3.3 was discovered to contain improper validation f ... | check https://gist.github.com/lkloliver/81b5d5a8328d712dbfd497bf11dbe913, unclear if reported upstream |
| CVE-2025-69534 | Python-Markdown version 3.8 contain a vulnerability where malformed HT ... | Asking whether it really needs a backport: https://bugs.debian.org/1131896 |
| CVE-2025-69720 | The infocmp command-line tool in ncurses before 6.5-20251213 has a sta ... | check upstream status |
| CVE-2025-69969 | A lack of authentication and authorization mechanisms in the Bluetooth ... | check |
| CVE-2025-70887 | An issue in ralphje Signify before v.0.9.2 allows a remote attacker to ... | check |
| CVE-2026-0708 | A flaw was found in libucl. A remote attacker could exploit this by pr ... | check if impacts security wise rspamd, which embeds libucl and uses it a compile time |
| CVE-2026-1703 | When pip is installing and extracting a maliciously crafted wheel arch ... | check as well pipenv |
| CVE-2026-4833 | A weakness has been identified in Orc discount up to 3.0.1.2. This iss ... | check libtext-markdown-discount-perl, ruby-rdiscount, cantor, embedding discount; check if security impact present |
| CVE-2026-7701 | A security vulnerability has been detected in Telegram Desktop up to 6 ... | check |
| CVE-2026-7790 | Uncontrolled Resource Consumption vulnerability in ninenines cowlib (c ... | check if embedded copy in rabbitmq-server is problematic |
| CVE-2026-8484 | A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl()" ... | double-check source packages, as there is not much details from cert.pl post |
| CVE-2026-8851 | SOGo versions 5.12.7 and prior contains a SQL injection vulnerability ... | check correctness |
| CVE-2026-8863 | Multiple Microsoft-sigend UEFI SHIM bootloaders are vulnerable to Secu ... | check |
| CVE-2026-10097 | wolfSSL's AVX2-optimized ML-KEM implementation (mlkem_cmp_avx2) compar ... | check |
| CVE-2026-10098 | OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_s ... | check |
| CVE-2026-10512 | The X25519 x86_64 assembly implementation fails to clear the most sign ... | check |
| CVE-2026-10592 | Certificates with wildcard DNS SANs (e.g. *.example.com) bypassed CA n ... | check |
| CVE-2026-10706 | In Adalo\u2019s no-code app builder, (Versions 1 and 2) the attackers ... | check |
| CVE-2026-10708 | This vulnerability enables large\u2011scale data harvesting without re ... | check |
| CVE-2026-11310 | X.509 trust-chain bypass in the OpenSSL compatibility certificate veri ... | check |
| CVE-2026-11703 | Missing SNI/ALPN binding on stateful (session-ID) resumption, which pr ... | check |
| CVE-2026-11999 | X.509 trust-chain bypass (path-depth exhaustion) in the OpenSSL compat ... | check |
| CVE-2026-12340 | Out-of-bounds heap read during SM2/SM3 certificate signature verificat ... | check |
| CVE-2026-12616 | The /v1/upload/sbom endpoint extracts the iss claim from the attacker- ... | check |
| CVE-2026-12681 | Improper Validation of Specified Index, Position, or Offset in Input v ... | check |
| CVE-2026-13500 | A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected ... | check upstream reporting and status |
| CVE-2026-13501 | A security vulnerability has been detected in antlr ANTLR4 up to 4.13. ... | check upstream reporting and status |
| CVE-2026-13502 | A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the f ... | check upstream reporting and status |
| CVE-2026-13503 | A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by ... | check upstream reporting and status |
| CVE-2026-13696 | Improper neutralization of special elements used in an LDAP query ('LD ... | check |
| CVE-2026-14178 | openGauss \u5728\u5904\u7406\u5e26 NLS \u53c2\u6570\u7684 to_timestamp ... | check |
| CVE-2026-14191 | An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) ... | check |
| CVE-2026-14362 | HashiCorp memberlist before version 0.6.0 is vulnerable to a denial-of ... | check |
| CVE-2026-14468 | HashiCorp Terraform Enterprise contained an issue in its version contr ... | check |
| CVE-2026-14801 | A security vulnerability has been detected in GPAC 26.03-DEV-rev342-g8 ... | check |
| CVE-2026-14867 | Credentials of built-in users are insecurely stored in the User direct ... | check |
| CVE-2026-14868 | The encryption algorithm used to protect the configuration of user acc ... | check |
| CVE-2026-14966 | BBOT's unarchive module rejects archives containing symlink entries be ... | check |
| CVE-2026-14967 | BBOT's `github_workflows` module could be induced to write a downloade ... | check |
| CVE-2026-15033 | A flaw has been found in christopherthielen check-peer-dependencies up ... | check |
| CVE-2026-15034 | A vulnerability has been found in flask-dashboard Flask-MonitoringDash ... | check |
| CVE-2026-15035 | A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the ... | check |
| CVE-2026-15036 | A vulnerability was determined in Harness up to 2.28.2. This vulnerabi ... | check |
| CVE-2026-15041 | A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password v ... | check |
| CVE-2026-15044 | A flaw was found in the TrustyAI Service Operator. When deploying serv ... | check |
| CVE-2026-15062 | SQL injection vulnerabilities in the Snowflake Snowpark Python SDK (sn ... | check |
| CVE-2026-15063 | A flaw was found in the gorch service template, which is part of the t ... | check |
| CVE-2026-15067 | Snowflake Terraform Provider versions prior to 2.18.0 contain several ... | check |
| CVE-2026-22739 | Vulnerability in Spring Cloud when substituting the profile parameter ... | check |
| CVE-2026-22927 | Omnissa Workspace ONE\xae Tunnel for Windows addresses a Local Privi ... | check |
| CVE-2026-23479 | Redis is an in-memory data structure store. In redis-server from 7.2.0 ... | check redict and valkey |
| CVE-2026-23631 | Redis is an in-memory data structure store. In all versions of redis-s ... | check redict and valkey |
| CVE-2026-24182 | NVIDIA Display Driver for Windows and Linux contains a vulnerability w ... | check |
| CVE-2026-24187 | NVIDIA Display Driver for Linux contains a vulnerability where an atta ... | check |
| CVE-2026-24190 | NVIDIA Display Driver for Windows and Linux contains a vulnerability i ... | check |
| CVE-2026-24191 | NVIDIA Display Driver for Windows contains a vulnerability where an at ... | check |
| CVE-2026-24192 | NVIDIA Display Driver for Linux contains a vulnerability where an atta ... | check |
| CVE-2026-24193 | NVIDIA Display Driver for Windows and Linux contains a vulnerability w ... | check |
| CVE-2026-24194 | NVIDIA Display Driver for Linux contains a vulnerability in a kernel m ... | check |
| CVE-2026-24195 | NVIDIA Display Driver for Linux contains a vulnerability in UVM, where ... | check |
| CVE-2026-24196 | NVIDIA Display Driver for Linux contains a vulnerability where a user ... | check |
| CVE-2026-24197 | NVIDIA Display Driver for Linux contains a vulnerability in the Multi- ... | check |
| CVE-2026-24198 | NVIDIA GPU Display Driver for Linux contains a vulnerability where an ... | check |
| CVE-2026-24199 | NVIDIA Display Driver for Linux contains a vulnerability in a kernel m ... | check |
| CVE-2026-24697 | An OS command injection vulnerability exists in the start_bonjour() fu ... | check |
| CVE-2026-24698 | An OS command injection vulnerability exists in the save_syslog_to_fil ... | check |
| CVE-2026-24699 | An OS command injection vulnerability exists in the sub_34984() functi ... | check |
| CVE-2026-24700 | An OS command injection vulnerability exists in the start_lltd() funct ... | check |
| CVE-2026-25243 | Redis is an in-memory data structure store. In versions of redis-serve ... | check redict and valkey |
| CVE-2026-25701 | An Insecure Temporary File vulnerability in openSUSE sdbootutil allows ... | check |
| CVE-2026-25702 | A Improper Access Control vulnerability in the kernel of SUSE SUSE Lin ... | check |
| CVE-2026-27586 | Caddy is an extensible server platform that uses TLS by default. Prior ... | check, introducing version |
| CVE-2026-27704 | The Dart and Flutter SDKs provide software development kits for the Da ... | check |
| CVE-2026-27738 | The Angular SSR is a server-rise rendering tool for Angular applicatio ... | check |
| CVE-2026-27739 | The Angular SSR is a server-rise rendering tool for Angular applicatio ... | check |
| CVE-2026-27970 | Angular is a development platform for building mobile and desktop web ... | check status for older versions |
| CVE-2026-28343 | CKEditor 5 is a modern JavaScript rich-text editor with an MVC archite ... | check |
| CVE-2026-28378 | The public dashboard deletion endpoint does not enforce organization i ... | check |
| CVE-2026-28687 | ImageMagick is free and open-source software used for editing and mani ... | For imagemagick6 superseded by fix inside jumbo patch for CVE-2026-28686, first patch was incomplete |
| CVE-2026-28687 | ImageMagick is free and open-source software used for editing and mani ... | Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/6a602fb36f181a0089848344a3b0d79fc6155a2b (6.9.13-41) |
| CVE-2026-28688 | ImageMagick is free and open-source software used for editing and mani ... | For imagemagick6 by fix inside jumbo patch for CVE-2026-28686, first patch was incomplete |
| CVE-2026-28688 | ImageMagick is free and open-source software used for editing and mani ... | Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/6a602fb36f181a0089848344a3b0d79fc6155a2b (6.9.13-41) |
| CVE-2026-29007 | U-Boot through 2026.04-rc3 contains an out-of-bounds read vulnerabilit ... | check |
| CVE-2026-29008 | U-Boot through 2026.04-rc3 contains an integer underflow vulnerability ... | check |
| CVE-2026-29009 | U-Boot through 2026.04-rc3 contains a buffer overflow vulnerability in ... | check |
| CVE-2026-29022 | dr_libs dr_wav.h version 0.14.4 and earlier (fixed in commit 8a7258c) ... | qtads, dosbox-x, roc-toolkit, octave-ltfat, faudio bundle a copy, check security impact |
| CVE-2026-30478 | A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer ... | check |
| CVE-2026-30479 | A Dynamic-link Library Injection vulnerability in OSGeo Project MapSer ... | check |
| CVE-2026-31053 | A double free vulnerability exists in librz/bin/format/le/le.c in the ... | check |
| CVE-2026-32148 | Insufficient Verification of Data Authenticity vulnerability in hexpm ... | check |
| CVE-2026-32313 | xmlseclibs is a library written in PHP for working with XML Encryption ... | check |
| CVE-2026-32600 | xml-security is a library that implements XML signatures and encryptio ... | check |
| CVE-2026-32635 | Angular is a development platform for building mobile and desktop web ... | check status for older versions |
| CVE-2026-33397 | The Angular SSR is a server-rise rendering tool for Angular applicatio ... | check |
| CVE-2026-34240 | JOSE is a Javascript Object Signing and Encryption (JOSE) library. Pri ... | check |
| CVE-2026-36162 | An authenticated stored cross-site scripting (XSS) vulnerability in th ... | check |
| CVE-2026-36163 | An HTML injection vulnerability in the file view endpoint of LiquidFil ... | check |
| CVE-2026-36189 | Buffer Overflow vulnerability in Uncrustify Project Affected v.Uncrust ... | check |
| CVE-2026-36499 | A missing upper-bound check in the udpif_set_threads() function of Ope ... | check, unclear status/validity |
| CVE-2026-39860 | Nix is a package manager for Linux and other Unix systems. A bug in th ... | check, potentially affecting guix if same issue in backporting fix for CVE-2024-2729 |
| CVE-2026-40033 | FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in ... | unclear fixing commit references, incorrect reference in CVE entry? |
| CVE-2026-40968 | When an authenticated user is denied access to a gRPC method, their au ... | check |
| CVE-2026-40969 | The raw message of every server-side AuthenticationException is return ... | check |
| CVE-2026-41889 | pgx is a PostgreSQL driver and toolkit for Go. Prior to version 5.9.2, ... | check the other golang-github-jackc-pgx* sources |
| CVE-2026-42199 | Grid is a data structure grid for rust. From version 0.17.0 to before ... | check |
| CVE-2026-42308 | Pillow is a Python imaging library. Prior to version 12.2.0, if a font ... | research fixing commit(s), maybe https://github.com/python-pillow/Pillow/pull/9518/changes |
| CVE-2026-42503 | gopls by default communicates via pipe. However, -port and -listen fla ... | check impact on golang-golang-x-tools |
| CVE-2026-44437 | The Angular SSR is a server-rise rendering tool for Angular applicatio ... | check |
| CVE-2026-44840 | Dgraph is an open source distributed GraphQL database. Prior to versio ... | check |
| CVE-2026-44933 | `PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot ... | check |
| CVE-2026-45388 | In OCaml-TLS before 2.1.0, the client implementation does insufficient ... | check |
| CVE-2026-45389 | In OCaml-TLS before 2.1.0, the server implementation does insufficient ... | check |
| CVE-2026-45390 | In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in ... | check |
| CVE-2026-46727 | An issue was discovered in Ruby 4 before 4.0.5. A race condition leadi ... | check |
| CVE-2026-49033 | The application contains a stack-based buffer overflow vulnerability t ... | check |
| CVE-2026-49145 | App::Ack versions through 3.10.0 for Perl read arbitrary files via --f ... | check |
| CVE-2026-49146 | App::Ack versions before 3.10.0 for Perl allow memory exhaustion via a ... | check |
| CVE-2026-49147 | App::Ack versions through 3.10.0 for Perl print unsanitised terminal e ... | check |
| CVE-2026-49294 | Valhalla is an open source routing engine and accompanying libraries f ... | check |
| CVE-2026-50810 | A NULL pointer dereference in smooth_parse_stream_index() in src/media ... | check |
| CVE-2026-50812 | A NULL pointer dereference in the SQLite Session Extension in SQLite 3 ... | check |
| CVE-2026-50813 | An issue in SQLite before Fossil check-in 869a51ae84df allows a local ... | check |
| CVE-2026-53951 | Copier is a library and CLI app for rendering project templates. In ve ... | check |
| CVE-2026-54061 | Dgraph is an open source distributed GraphQL database. Prior to versio ... | check |
| CVE-2026-54344 | ToolJet is an open-source low-code platform for building internal tool ... | check |
| CVE-2026-54652 | Frigate is an open source network video recorder. In version 0.17.1, t ... | check |
| CVE-2026-55223 | c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0 ... | check if that is an issue with the packaged version |
| CVE-2026-55654 | A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds ... | check details, AI generated report |
| CVE-2026-55655 | A flaw was found in OpenSSH. A local unprivileged attacker on a Linux ... | check details, AI generated report |
| CVE-2026-55668 | File Browser provides a web file managing interface. Prior to 2.63.16, ... | check |
| CVE-2026-55761 | Portainer Community Edition is a lightweight service delivery platform ... | check |
| CVE-2026-55873 | SeaweedFS is a distributed storage system. In versions 4.08 through 4. ... | check |
| CVE-2026-55874 | SeaweedFS is a distributed storage system. Prior to 4.34, the S3 API g ... | check |
| CVE-2026-56004 | A shellcode injection in the mercurial handler of the obs tar_scm sour ... | check |
| CVE-2026-56217 | Capgo before 12.128.2 contains a policy bypass vulnerability in app_ve ... | check |
| CVE-2026-56220 | Capgo before 12.128.2 contains an authorization bypass vulnerability i ... | check |
| CVE-2026-56226 | Capgo (Cap-go/capgo) before 12.128.2 exposes the Supabase PostgREST RP ... | check |
| CVE-2026-56246 | Capgo before 12.128.2 contains a broken access control vulnerability i ... | check |
| CVE-2026-56250 | Capgo before 12.128.2 allows upload-scoped API keys to modify the muta ... | check |
| CVE-2026-56283 | Capgo before 12.128.2 contains an html injection vulnerability in the ... | check |
| CVE-2026-56284 | Capgo (Cap-go/capgo) before 12.128.2 contains an information disclosur ... | check |
| CVE-2026-56293 | Capgo before 12.128.2 contains an authorization flaw in transfer_app() ... | check |
| CVE-2026-56297 | FreeRDP before 3.22.0 contains a use-after-free vulnerability in dvcma ... | check |
| CVE-2026-56298 | Capgo before 12.128.2 fails to strip EXIF metadata from images uploade ... | check |
| CVE-2026-56359 | n8n before 2.8.0 contains a cross-site scripting vulnerability in the ... | check |
| CVE-2026-56360 | n8n before versions 1.123.18 and 2.6.2 fails to verify HMAC-SHA256 sig ... | check |
| CVE-2026-56362 | ImageMagick before 7.1.2-15 contains a heap-buffer-overflow read vulne ... | check |
| CVE-2026-56374 | ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerabil ... | check |
| CVE-2026-56401 | Wazuh wazuh-modulesd before 5.0.0-beta3 contains a null pointer derefe ... | check |
| CVE-2026-56775 | n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vuln ... | check |
| CVE-2026-56776 | n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypa ... | check |
| CVE-2026-56778 | n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization b ... | check |
| CVE-2026-57439 | CyberChef is a web app for encryption, encoding, compression, and data ... | check |
| CVE-2026-58050 | libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute c ... | check with upstream, only affecting libssh2 on Winddows? |
| CVE-2026-58051 | libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but ... | check with upstream, only affecting libssh2 on Winddows? |
| CVE-2026-58052 | 7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web ... | check |
| CVE-2026-58465 | Eclipse Wakaama before snapshot/2026-05-26 contains an unbounded memor ... | check |
| CVE-2026-58480 | Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an u ... | check |
| CVE-2026-58654 | The Grav API plugin (getgrav/grav-plugin-api) 1.0.0 contains an unrest ... | check |
| CVE-2026-58656 | Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= ... | check |
| CVE-2026-58657 | Grav before 2.0.0 (affected through 2.0.0-rc.9 and the 2.0 branch) con ... | check |
| CVE-2026-59253 | n8n before 2.28.0 contains an improper authorization vulnerability all ... | check |
| CVE-2026-59257 | n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 conta ... | check |
| CVE-2026-59262 | AFFiNE's histories GraphQL field fails to validate Doc.Read permission ... | check |
| CVE-2026-59702 | repomix contains a server-side request forgery vulnerability in the PO ... | check |
| CVE-2026-59703 | repomix contains a local file inclusion vulnerability in the git clone ... | check |
| CVE-2026-59724 | Socket.IO enables bidirectional and low-latency communication for ever ... | check |
| CVE-2026-59725 | Socket.IO enables bidirectional and low-latency communication for ever ... | check |
| CVE-2026-59731 | Astro is a web framework for content-driven websites. Version 6.4.7 pe ... | check |
| CVE-2026-59868 | js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2. ... | check |
| CVE-2026-59869 | js-yaml is a JavaScript YAML parser and dumper. From 3.0.0 before 3.15 ... | check |
| CVE-2026-59870 | js-yaml is a JavaScript YAML parser and dumper. From 5.0.0 before 5.2. ... | check |
| CVE-2026-59871 | node-tar is a tar archive manipulation library for Node.js. Prior to 7 ... | check |
| CVE-2026-59873 | node-tar is a tar archive manipulation library for Node.js. Prior to 7 ... | check |
| CVE-2026-59874 | node-tar is a tar archive manipulation library for Node.js. Prior to 7 ... | check |
| CVE-2026-59875 | node-tar is a tar archive manipulation library for Node.js. Prior to 7 ... | check |
| CVE-2026-59876 | protobufjs compiles protobuf definitions into JavaScript (JS) function ... | check |
| CVE-2026-59877 | protobufjs compiles protobuf definitions into JavaScript (JS) function ... | check |
| CVE-2026-59879 | Immutable.js provides many Persistent Immutable data structures. Prior ... | check |
| CVE-2026-59880 | Immutable.js provides many Persistent Immutable data structures. Prior ... | check |
| CVE-2026-59887 | linkify-it is a links recognition library with full Unicode support. P ... | check |