Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Incorrect AuthorizationCVE-2026-40574
Affects github.com/oauth2-proxy/oauth2-proxy/v7 | Versions <7.15.2
Has fix
GoPublished 22 Apr 2026
- H
Incorrect AuthorizationCVE-2026-40574
Affects github.com/oauth2-proxy/oauth2-proxy | Versions <7.15.2
Has fix
GoPublished 22 Apr 2026
- M
Information ExposureCVE-2026-22746
Affects org.springframework.security:spring-security-core | Versions [,6.5.10)[7.0.0-M1,7.0.5)
Has fix
MavenPublished 22 Apr 2026
- L
Incorrect AuthorizationCVE-2026-29179
Affects october/october | Versions >=0.0.0
Has fix
ComposerPublished 22 Apr 2026
- H
User ImpersonationCVE-2026-22747
Affects org.springframework.security:spring-security-web | Versions [7.0.0-M1,7.0.5)
Has fix
MavenPublished 22 Apr 2026
- M
Incorrect AuthorizationCVE-2026-26067
Affects october/october | Versions >=0.0.0
Has fix
ComposerPublished 22 Apr 2026
- H
Incomplete List of Disallowed InputsCVE-2026-26274
Affects october/october | Versions >=0.0.0
Has fix
ComposerPublished 22 Apr 2026
- L
Cross-site Scripting (XSS)CVE-2026-27937
Affects october/october | Versions >=0.0.0
Has fix
ComposerPublished 22 Apr 2026
- H
Access Control BypassCVE-2026-22754
Affects org.springframework.security:spring-security-config | Versions [7.0.0-M1,7.0.5)
Has fix
MavenPublished 22 Apr 2026
- H
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-41059
Affects github.com/oauth2-proxy/oauth2-proxy/pkg/requests/util | Versions <7.15.2
Has fix
GoPublished 22 Apr 2026
- H
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-41059
Affects github.com/oauth2-proxy/oauth2-proxy/v7/pkg/requests/util | Versions <7.15.2
Has fix
GoPublished 22 Apr 2026
- H
Missing AuthorizationCVE-2026-41266
Affects flowise | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
- M
Time-of-check Time-of-use (TOCTOU) Race ConditionCVE-2026-22751
Affects org.springframework.security:spring-security-core | Versions [6.4.0,6.5.10)[7.0.0-M1,7.0.5)
Has fix
MavenPublished 22 Apr 2026
- H
Improper Verification of Cryptographic SignatureCVE-2026-40372
Affects microsoft.aspnetcore.dataprotection | Versions [10.0.0,10.0.7)
Has fix
NuGetPublished 22 Apr 2026
Affects kube-health-tools | Versions *
No fix available
npmPublished 22 Apr 2026
Affects xinference | Versions [2.6.0][2.6.1][2.6.2]
Has fix
pipPublished 22 Apr 2026
- H
Arbitrary File UploadCVE-2026-41269
Affects flowise-components | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
- H
Arbitrary File UploadCVE-2026-41269
Affects flowise | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
- H
Missing Authentication for Critical FunctionCVE-2026-41273
Affects flowise | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
- L
Incorrect AuthorizationCVE-2026-41131
Affects github.com/openfga/openfga/pkg/storage | Versions <1.14.1
Has fix
GoPublished 22 Apr 2026
- L
Incorrect AuthorizationCVE-2026-41131
Affects github.com/openfga/openfga/pkg/server/commands | Versions <1.14.1
Has fix
GoPublished 22 Apr 2026
- L
Incorrect AuthorizationCVE-2026-41131
Affects github.com/openfga/openfga/pkg/server | Versions <1.14.1
Has fix
GoPublished 22 Apr 2026
- L
Incorrect AuthorizationCVE-2026-41131
Affects github.com/openfga/openfga/internal/validation | Versions <1.14.1
Has fix
GoPublished 22 Apr 2026
- L
Incorrect AuthorizationCVE-2026-41131
Affects github.com/openfga/openfga/internal/utils | Versions <1.14.1
Has fix
GoPublished 22 Apr 2026
- M
Deserialization of Untrusted DataCVE-2026-25917
Affects apache-airflow-core | Versions [,3.2.0)
Has fix
pipPublished 22 Apr 2026
- H
Missing AuthorizationCVE-2026-40870
Affects decidim-comments | Versions <0.30.5>=0.30.0.rc1, <0.31.1
Has fix
RubyGemsPublished 22 Apr 2026
- H
Missing AuthorizationCVE-2026-40870
Affects decidim-api | Versions <0.30.5>=0.30.0.rc1, <0.31.1
Has fix
RubyGemsPublished 22 Apr 2026