Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
Affects craftcms/cms | Versions >=3.4.22, <4.17.5>=5.0.0-alpha.1, <5.9.11
Has fix
ComposerPublished 17 Mar 2026
Affects craftcms/cms | Versions >=5.6.0, <5.9.11
Has fix
ComposerPublished 17 Mar 2026
- C
Incorrect AuthorizationCVE-2026-32267
Affects craftcms/cms | Versions >=3.6.0-RC3, <4.17.6>=5.0.0-alpha.1, <5.9.12
Has fix
ComposerPublished 17 Mar 2026
- M
Directory TraversalCVE-2026-32262
Affects craftcms/cms | Versions >=3.0.0-beta.1, <4.17.5>=5.0.0-alpha.1, <5.9.11
Has fix
ComposerPublished 17 Mar 2026
- C
Deserialization of Untrusted DataCVE-2025-56422
Affects limesurvey/limesurvey | Versions <6.15.0
Has fix
ComposerPublished 16 Mar 2026
- L
Open RedirectCVE-2026-21295
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Incorrect AuthorizationCVE-2026-21296
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- L
Incorrect AuthorizationCVE-2026-21359
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- H
Incorrect AuthorizationCVE-2026-21309
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Improper Input ValidationCVE-2026-21310
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- H
Cross-site Scripting (XSS)CVE-2026-21361
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Directory TraversalCVE-2026-21360
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Server-side Request Forgery (SSRF)CVE-2026-21294
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- H
Cross-site Scripting (XSS)CVE-2026-21311
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-21291
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Improper Input ValidationCVE-2026-21282
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Server-side Request Forgery (SSRF)CVE-2026-21293
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-21292
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- H
Incorrect AuthorizationCVE-2026-21289
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Incorrect AuthorizationCVE-2026-21285
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- H
Cross-site Scripting (XSS)CVE-2026-21290
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- H
Cross-site Scripting (XSS)CVE-2026-21284
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Incorrect AuthorizationCVE-2026-21286
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 16 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-32612
Affects statamic/cms | Versions >=6.0.0-alpha.1, <6.6.2
Has fix
ComposerPublished 16 Mar 2026
- M
Missing AuthorizationCVE-2026-3906
Affects johnpbloch/wordpress-core | Versions >=6.9.0, <6.9.2
Has fix
ComposerPublished 15 Mar 2026
- M
Incorrect AuthorizationCVE-2026-21297
Affects magento/community-edition | Versions <2.4.6-p14>=2.4.7-beta1, <2.4.7-p9>=2.4.8-beta1, <2.4.8-p4>=2.4.9-alpha1, <2.4.9-beta1
Has fix
ComposerPublished 15 Mar 2026
- H
Improper Validation of Integrity Check ValueCVE-2026-32600
Affects simplesamlphp/xml-security | Versions <2.3.1
Has fix
ComposerPublished 15 Mar 2026
- M
Improper Validation of Integrity Check ValueCVE-2026-32313
Affects robrichards/xmlseclibs | Versions <3.1.5
Has fix
ComposerPublished 15 Mar 2026
- H
SQL InjectionCVE-2025-56421
Affects limesurvey/limesurvey | Versions <6.15.4
Has fix
ComposerPublished 13 Mar 2026
- M
Authorization Bypass Through User-Controlled KeyCVE-2026-27591
Affects winter/wn-backend-module | Versions <1.2.12
Has fix
ComposerPublished 13 Mar 2026