Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Deserialization of Untrusted DataCVE-2026-1323
Affects cpsit/typo3-mailqueue | Versions <0.4.5>=0.5.0, <0.5.2
Has fix
ComposerPublished 18 Mar 2026
  • M
Prototype PollutionCVE-2026-31865
Affects elysia | Versions <1.4.27
Has fix
npmPublished 18 Mar 2026
  • L
Missing AuthorizationCVE-2026-4202
Affects ayacoo/redirect-tab | Versions <2.1.2>=3.0.0, <3.1.7>=4.0.0, <4.0.5
Has fix
ComposerPublished 18 Mar 2026
  • M
Cross-site Scripting (XSS)CVE-2026-4175
Affects aureuserp/aureuserp | Versions <1.3.0-BETA1
Has fix
ComposerPublished 18 Mar 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-4208
Affects ralffreit/mfa-email | Versions <2.0.1
Has fix
ComposerPublished 18 Mar 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-26004
Affects sentry | Versions [0,]
Has fix
pipPublished 18 Mar 2026
  • M
Missing AuthorizationCVE-2026-32265
Affects craftcms/aws-s3 | Versions >=2.0.2, <2.2.5
Has fix
ComposerPublished 18 Mar 2026
  • H
Improper Neutralization of Special Elements Used in a Template EngineCVE-2026-32261
Affects craftcms/webhooks | Versions >=3.0.0-beta.1, <3.2.0
Has fix
ComposerPublished 18 Mar 2026
  • M
Missing Authentication for Critical FunctionCVE-2026-32266
Affects craftcms/google-cloud | Versions >=2.0.0-beta.1, <2.2.1
Has fix
ComposerPublished 18 Mar 2026
  • H
Missing AuthorizationCVE-2026-32268
Affects craftcms/azure-blob | Versions >=2.0.0-beta.1, <2.1.1
Has fix
ComposerPublished 18 Mar 2026
  • M
Cross-site Scripting (XSS)CVE-2026-32757
Affects admidio/admidio | Versions <5.0.7
Has fix
ComposerPublished 18 Mar 2026
  • M
Cross-site Request Forgery (CSRF)CVE-2026-32755
Affects admidio/admidio | Versions <5.0.7
Has fix
ComposerPublished 18 Mar 2026
  • H
Command InjectionCVE-2026-22169
Affects openclaw | Versions <2026.2.22
Has fix
npmPublished 18 Mar 2026
  • H
Missing AuthorizationCVE-2026-32818
Affects admidio/admidio | Versions >=5.0-Beta.1, <5.0.7
Has fix
ComposerPublished 18 Mar 2026
  • H
Missing AuthorizationCVE-2026-32817
Affects admidio/admidio | Versions >=5.0-Beta.1, <5.0.7
Has fix
ComposerPublished 18 Mar 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-32812
Affects admidio/admidio | Versions >=5.0-Beta.1, <5.0.7
Has fix
ComposerPublished 18 Mar 2026
  • H
Arbitrary File UploadCVE-2026-32756
Affects admidio/admidio | Versions <5.0.7
Has fix
ComposerPublished 18 Mar 2026
  • H
Improperly Controlled Sequential Memory AllocationCVE-2026-32886
Affects parse-server | Versions <8.6.47>=9.0.0-alpha.1 <9.6.0-alpha.24
Has fix
npmPublished 18 Mar 2026
  • H
SQL InjectionCVE-2026-32813
Affects admidio/admidio | Versions <5.0.7
Has fix
ComposerPublished 18 Mar 2026
  • M
Cross-site Request Forgery (CSRF)CVE-2026-32816
Affects admidio/admidio | Versions >=5.0-Beta.1, <5.0.7
Has fix
ComposerPublished 18 Mar 2026
  • M
Weak AuthenticationCVE-2026-33042
Affects parse-server | Versions <8.6.49>=9.0.0-alpha.1 <9.6.0-alpha.29
Has fix
npmPublished 18 Mar 2026
  • H
SQL InjectionCVE-2026-31891
Affects cockpit-hq/cockpit | Versions <2.13.5
Has fix
ComposerPublished 18 Mar 2026
  • M
Cross-site Scripting (XSS)CVE-2026-33035
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 18 Mar 2026
  • H
Permissive Cross-domain Policy with Untrusted DomainsCVE-2026-33043
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 18 Mar 2026
  • L
Time-of-check Time-of-use (TOCTOU) Race ConditionCVE-2026-32943
Affects parse-server | Versions <8.6.48>=9.0.0-alpha.1 <9.6.0-alpha.28
Has fix
npmPublished 18 Mar 2026
  • M
Prototype PollutionCVE-2026-32878
Affects parse-server | Versions <8.6.44>=9.0.0-alpha.1 <9.6.0-alpha.20
Has fix
npmPublished 18 Mar 2026
  • H
Improper Validation of Syntactic Correctness of InputCVE-2026-32770
Affects parse-server | Versions <8.6.43>=9.0.0-alpha.1 <9.6.0-alpha.19
Has fix
npmPublished 18 Mar 2026
  • M
Improperly Controlled Modification of Dynamically-Determined Object AttributesCVE-2026-32742
Affects parse-server | Versions <8.6.42>=9.0.0-alpha.1 <9.6.0-alpha.17
Has fix
npmPublished 18 Mar 2026
  • C
Missing Authentication for Critical FunctionCVE-2026-33038
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 18 Mar 2026
  • H
Uncontrolled RecursionCVE-2026-32944
Affects parse-server | Versions <8.6.45>=9.0.0-alpha.1 <9.6.0-alpha.21
Has fix
npmPublished 18 Mar 2026