Vulnerability DB | Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

M

Cross-site Scripting (XSS)CVE-2026-42615

Affects cyberchef | Versions >=10.6.0 <11.0.0

Has fix

npmPublished 4 May 2026

M

Directory TraversalCVE-2026-41885

Affects i18next-locize-backend | Versions <9.0.2

Has fix

npmPublished 4 May 2026

H

External Control of File Name or PathCVE-2026-41693

Affects i18next-fs-backend | Versions <2.6.4

Has fix

npmPublished 4 May 2026

H

Server-side Request Forgery (SSRF)CVE-2026-42353

Affects i18next-http-middleware | Versions <3.9.3

Has fix

npmPublished 4 May 2026

H

HTTP Response SplittingCVE-2026-41683

Affects i18next-http-middleware | Versions <3.9.3

Has fix

npmPublished 4 May 2026

H

Prototype PollutionCVE-2026-41690

Affects i18next-http-middleware | Versions <3.9.3

Has fix

npmPublished 4 May 2026

L

Cross-site Scripting (XSS)CVE-2026-41692

Affects i18nextify | Versions <4.0.8

Has fix

npmPublished 4 May 2026

M

Server-side Request Forgery (SSRF)CVE-2026-39383

Affects github.com/gotenberg/gotenberg/v8/pkg/gotenberg | Versions >=8.29.1 <8.31.0

Has fix

GoPublished 4 May 2026

M

Open RedirectCVE-2026-42525

Affects org.jenkins-ci.plugins:azure-ad | Versions [,667.v4c5827a_e74a_0)

Has fix

MavenPublished 4 May 2026

H

Improper Validation of Array IndexCVE-2026-41643

Affects github.com/osrg/gobgp/v4/internal/pkg/table | Versions <4.3.0

Has fix

GoPublished 4 May 2026

H

Improper Validation of Array IndexCVE-2026-41643

Affects github.com/osrg/gobgp/internal/pkg/table | Versions >=0.0.0

Has fix

GoPublished 4 May 2026

H

Improper Validation of Array IndexCVE-2026-41643

Affects github.com/osrg/gobgp/v3/internal/pkg/table | Versions >=0.0.0

Has fix

GoPublished 4 May 2026

H

Allocation of Resources Without Limits or ThrottlingCVE-2026-24661

Affects github.com/mattermost/mattermost-plugin-msteams/server | Versions <2.3.2

Has fix

GoPublished 4 May 2026

M

Allocation of Resources Without Limits or ThrottlingCVE-2026-21388

Affects github.com/mattermost/mattermost-plugin-msteams/server | Versions <2.3.2

Has fix

GoPublished 4 May 2026

M

Buffer Underwrite (Buffer Underflow)CVE-2026-26204

Affects wazuh/wazuh | Versions [1.0.0,4.14.4)

Has fix

Unmanaged (C/C++)Published 4 May 2026

M

Brute ForceCVE-2026-26206

Affects wazuh/wazuh | Versions [4.0.0,4.14.4)

Has fix

Unmanaged (C/C++)Published 4 May 2026

M

Stack-based Buffer OverflowCVE-2026-28221

Affects wazuh/wazuh | Versions [4.8.0,4.14.4)

Has fix

Unmanaged (C/C++)Published 4 May 2026

H

Directory TraversalCVE-2026-30893

Affects wazuh/wazuh | Versions [4.4.0,4.14.4)

Has fix

Unmanaged (C/C++)Published 4 May 2026

H

Buffer Underwrite (Buffer Underflow)CVE-2026-41499

Affects wazuh/wazuh | Versions [4.0.0,4.14.4)

Has fix

Unmanaged (C/C++)Published 4 May 2026

C

User ImpersonationCVE-2026-42354

Affects sentry | Versions [21.12.0,]

Has fix

pipPublished 4 May 2026

H

Missing AuthorizationCVE-2026-33489

Affects github.com/coredns/coredns/plugin/transfer | Versions <1.14.3

Has fix

GoPublished 4 May 2026

H

Allocation of Resources Without Limits or ThrottlingCVE-2026-32934

Affects github.com/coredns/coredns/core/dnsserver | Versions <1.14.3

Has fix

GoPublished 4 May 2026

H

Allocation of Resources Without Limits or ThrottlingCVE-2026-32936

Affects github.com/coredns/coredns/plugin/pkg/doh | Versions <1.14.3

Has fix

GoPublished 4 May 2026

C

UNIX Symbolic Link (Symlink) FollowingCVE-2026-42275

Affects github.com/openziti/zrok/drives/davserver | Versions <2.0.2

Has fix

GoPublished 4 May 2026

C

UNIX Symbolic Link (Symlink) FollowingCVE-2026-42275

Affects github.com/openziti/zrok/v2/drives/davserver | Versions <2.0.2

Has fix

GoPublished 4 May 2026

M

Improper AuthorizationCVE-2026-41572

Affects github.com/enchant97/note-mark/backend/services | Versions <0.19.3

Has fix

GoPublished 4 May 2026

C

Improper AuthenticationCVE-2026-41571

Affects github.com/enchant97/note-mark/backend/db | Versions <0.19.3

Has fix

GoPublished 4 May 2026

H

Interpretation ConflictCVE-2026-42273

Affects github.com/dadrus/heimdall/internal/handler/envoyextauth/grpcv3 | Versions <0.17.14

Has fix

GoPublished 4 May 2026

H

Interpretation ConflictCVE-2026-42273

Affects github.com/dadrus/heimdall/internal/rules | Versions <0.17.14

Has fix

GoPublished 4 May 2026

H

Interpretation ConflictCVE-2026-42273

Affects github.com/dadrus/heimdall/internal/handler/requestcontext | Versions <0.17.14

Has fix

GoPublished 4 May 2026

Product

Partners
Developers & Devops Features
Enterprise Features
Pricing
Test with GitHub
Test with CLI
API status

Resources

Vulnerability DB
Blog
Documentation
FAQs

Company

About
Jobs
Contact
Legal terms
Privacy
Press kit
Events

Contact us

Support
Report a new vuln

Find us online

Track our development

© 2026 Snyk Ltd.