Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Arbitrary Code InjectionCVE-2026-23498
Affects shopware/platform | Versions >=6.7.0.0, <6.7.6.1
Has fix
ComposerPublished 15 Jan 2026
  • H
Arbitrary Code InjectionCVE-2026-23498
Affects shopware/core | Versions >=6.7.0.0, <6.7.6.1
Has fix
ComposerPublished 15 Jan 2026
  • H
Arbitrary Code Injection
Affects algolia/algoliasearch-magento-2 | Versions <3.16.2>=3.17.0-beta.1, <3.17.2
Has fix
ComposerPublished 15 Jan 2026
  • H
Allocation of Resources Without Limits or Throttling
Affects google/protobuf | Versions <5.34.0RC1
Has fix
ComposerPublished 15 Jan 2026
  • M
Missing AuthorizationCVE-2025-59021
Affects typo3/cms-redirects | Versions <12.4.41>=13.0.0, <13.4.23>=14.0.0, <14.0.2
Has fix
ComposerPublished 15 Jan 2026
  • H
Missing AuthorizationCVE-2025-59022
Affects typo3/cms-core | Versions <12.4.41>=13.0.0, <13.4.23>=14.0.0, <14.0.2
Has fix
ComposerPublished 15 Jan 2026
  • H
Missing AuthorizationCVE-2025-59022
Affects typo3/cms-recycler | Versions <12.4.41>=13.0.0, <13.4.23>=14.0.0, <14.0.2
Has fix
ComposerPublished 15 Jan 2026
  • M
Deserialization of Untrusted DataCVE-2026-0859
Affects typo3/cms-core | Versions <12.4.41>=13.0.0, <13.4.23>=14.0.0, <14.0.2
Has fix
ComposerPublished 15 Jan 2026
  • H
Cross-site Scripting (XSS)CVE-2025-61676
Affects october/system | Versions <3.7.13>=4.0.0, <4.0.12
Has fix
ComposerPublished 14 Jan 2026
  • H
Cross-site Scripting (XSS)CVE-2025-61676
Affects october/backend | Versions >=0.0.0
Has fix
ComposerPublished 14 Jan 2026
  • H
Cross-site Scripting (XSS)CVE-2025-61674
Affects october/backend | Versions >=0.0.0
Has fix
ComposerPublished 14 Jan 2026
  • H
Cross-site Scripting (XSS)CVE-2025-61674
Affects october/october | Versions <3.7.13>=4.0.0, <4.0.12
Has fix
ComposerPublished 14 Jan 2026
  • M
Incorrect AuthorizationCVE-2025-59020
Affects typo3/cms-core | Versions <12.4.41>=13.0.0, <13.4.23>=14.0.0, <14.0.2
Has fix
ComposerPublished 14 Jan 2026
  • M
Incorrect AuthorizationCVE-2025-59020
Affects typo3/cms-backend | Versions <12.4.41>=13.0.0, <13.4.23>=14.0.0, <14.0.2
Has fix
ComposerPublished 14 Jan 2026
  • M
PHP Remote File InclusionCVE-2022-50897
Affects mpdf/mpdf | Versions >=5.5.1
Has fix
ComposerPublished 14 Jan 2026
  • M
Directory TraversalCVE-2026-21857
Affects redaxo/source | Versions <5.20.2
Has fix
ComposerPublished 13 Jan 2026
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2025-68456
Affects craftcms/cms | Versions >=3.0.0, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
  • H
Unsafe ReflectionCVE-2025-68455
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
  • M
Server-side Request Forgery (SSRF)CVE-2025-68437
Affects craftcms/cms | Versions >=3.5.0, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
  • H
Template InjectionCVE-2025-68454
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
  • M
Incorrect AuthorizationCVE-2025-68436
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.16.17>=5.0.0-RC1, <5.8.21
Has fix
ComposerPublished 13 Jan 2026
  • M
Insufficient Session ExpirationCVE-2025-68954
Affects pterodactyl/panel | Versions <1.12.0
Has fix
ComposerPublished 13 Jan 2026
  • M
Incorrect AuthorizationCVE-2026-21896
Affects getkirby/cms | Versions >=5.0.0, <5.2.2
Has fix
ComposerPublished 11 Jan 2026
  • M
SQL Injection: HibernateCVE-2026-22242
Affects coreshop/core-bundle | Versions <4.1.8
Has fix
ComposerPublished 8 Jan 2026
  • M
Insufficient Session ExpirationCVE-2025-69197
Affects pterodactyl/panel | Versions <1.12.0
Has fix
ComposerPublished 6 Jan 2026
  • H
Improper Validation of Specified Quantity in InputCVE-2023-7332
Affects pocketmine/pocketmine-mp | Versions <4.18.1
Has fix
ComposerPublished 1 Jan 2026
  • L
Improper Encoding or Escaping of OutputCVE-2025-67746
Affects composer/composer | Versions >=2.0.0, <2.2.26>=2.3.0, <2.9.3
Has fix
ComposerPublished 1 Jan 2026
  • M
Cross-site Scripting (XSS)
Affects yourls/yourls | Versions <1.10.3
Has fix
ComposerPublished 31 Dec 2025
  • M
Server-side Request Forgery (SSRF)CVE-2025-15264
Affects feehi/cms | Versions >=0.0.0
Has fix
ComposerPublished 31 Dec 2025
  • M
Cross-site Scripting (XSS)CVE-2025-69210
Affects facturascripts/facturascripts | Versions <2025.7
Has fix
ComposerPublished 31 Dec 2025