Disclosed Vulnerabilities | Snyk

All disclosed vulnerabilities by Snyk

- H
Improper Verification of Cryptographic Signature in sjcl (npm)
Discovered by Kr0emer
16 Mar 2026
- H
Authorization Bypass Through User-Controlled Key in flowise (npm)
Discovered by Berk Dedekargınoğlu
16 Mar 2026
- H
Directory Traversal in @google/clasp (npm)
Discovered by Gouri Sankar A
15 Mar 2026
- C
Improper Handling of Case Sensitivity in @whyour/qinglong (npm)
Discovered by Stephen Thoemmes
12 Mar 2026
- C
Remote Code Execution (RCE) in @whyour/qinglong (npm)
Discovered by Edward W
12 Mar 2026
- M
Cross-site Scripting (XSS) in spin.js (npm)
Discovered by Eric Cornelissen, Samuel Kajava
10 Mar 2026
- C
Arbitrary Code Injection in es-toolkit (npm)
Discovered by Makoto Maeda
9 Mar 2026
- M
Cross-site Scripting (XSS) in mailparser (npm)
Discovered by Ravishanker Kusuma
2 Mar 2026
- M
Incorrect Control Flow Scoping in @tootallnate/once (npm)
Discovered by Nanak Singh Khurana
2 Mar 2026
- C
Arbitrary Code Injection in unisharp/laravel-filemanager (composer)
Discovered by Nam Vo Thanh, James Nicoll
25 Feb 2026