Disclosed Vulnerabilities | Snyk

Vulnerability disclosures and reports sent to us from members of the community
Vulnerabilities we've uncovered by monitoring security chatter and trends across open source ecosystems
Partnerships with organizations and academic institutions
Research done internally by the Snyk Security Team

Report a new vulnerability

Featured disclosed vulnerabilities

Cross-site Scripting (XSS)

Affects

jquery-validation

Discovered by Volkan Ceylan

Prototype Pollution

Affects

Discovered by Miguel Monteiro

Buffer Overflow

Affects

Discovered by Cris Staicu

Recently disclosed vulnerabilities by Snyk

- M
Cross-site Scripting (XSS) in jquery-validation (npm)
Discovered by Volkan Ceylan
14 Apr 2025
- M
Prototype Pollution in expand-object (npm)
Discovered by Miguel Monteiro
3 Apr 2025
- H
Buffer Overflow in bigint-buffer (npm)
Discovered by Cris Staicu
3 Apr 2025
- H
Server-side Request Forgery (SSRF) in spatie/browsershot (composer)
Discovered by Ngan Jun Ming
3 Apr 2025
- M
Cross-site Scripting (XSS) in react-draft-wysiwyg (npm)
Discovered by Thai Do Nhat
3 Apr 2025
- H
Server-Side Request Forgery (SSRF) in nossrf (npm)
Discovered by Liran Tal
23 Mar 2025
- H
Cross-site Scripting (XSS) in phpoffice/phpexcel (composer)
Discovered by Nikkolai Fernandez
7 Mar 2025
- C
Embedded Malicious Code in cdn-icon-fetcher-help (npm)
5 Mar 2025
- C
Embedded Malicious Code in cdn-icon-fetch (npm)
5 Mar 2025
- M
Insertion of Sensitive Information into Log File in ray (pip)
Discovered by Letao Jiang
5 Mar 2025

View all vulnerabilities disclosed by Snyk