Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
H
Missing Authorization
CVE-2026-47343
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
M
Open Redirect
CVE-2026-47347
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Directory Traversal
CVE-2026-49738
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Directory Traversal
CVE-2026-49742
Affects
typo3/cms-filelist
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-49741
Affects
typo3/cms-form
| Versions
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-install
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-frontend
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-form
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-extbase
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-scheduler
| Versions
<13.4.31
>=14.0.0, <14.3.3
M
Cross-site Scripting (XSS)
CVE-2026-47348
Affects
typo3/cms-indexed-search
| Versions
>=13.0.0, <13.4.31
>=14.0.0, <14.3.3
M
Missing Authorization
CVE-2026-47350
Affects
typo3/cms-core
| Versions
>=13.0.0, <13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-47346
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-47346
Affects
typo3/cms-form
| Versions
<13.4.31
>=14.0.0, <14.3.3
M
Missing Authorization
CVE-2026-47352
Affects
typo3/cms-backend
| Versions
<13.4.31
>=14.0.0, <14.3.3
M
Missing Authorization
CVE-2026-47351
Affects
typo3/cms-backend
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Arbitrary Code Injection
CVE-2026-54133
Affects
mtdowling/jmespath.php
| Versions
<2.9.1
M
Server-side Request Forgery (SSRF)
CVE-2026-48998
Affects
guzzlehttp/psr7
| Versions
<2.10.2
M
HTTP Response Splitting
CVE-2026-49214
Affects
guzzlehttp/psr7
| Versions
<2.10.2
M
Timing Attack
CVE-2026-48011
Affects
shopware/core
| Versions
<6.6.10.18
>=6.7.0.0, <6.7.10.1
M
Missing Authorization
CVE-2026-53634
Affects
code16/sharp
| Versions
>=9.0.0, <9.22.3
M
Cross-site Scripting (XSS)
CVE-2026-6365
Affects
drupal/core
| Versions
>=8.0.0, <10.5.9
>=10.6.0, <10.6.7
>=11.0.0, <11.2.11
>=11.3.0, <11.3.7
M
Cross-site Scripting (XSS)
CVE-2026-6367
Affects
drupal/core
| Versions
>=11.3.0-alpha1, <11.3.7
M
Cross-site Scripting (XSS)
CVE-2026-49216
Affects
symfony/ux-autocomplete
| Versions
>=2.2.0, <2.36.0
>=3.0.0, <3.1.0
H
Improper Neutralization of Special Elements in Data Query Logic
CVE-2026-49211
Affects
symfony/ux-autocomplete
| Versions
>=2.2.0, <2.36.0
>=3.0.0, <3.1.0
M
CRLF Injection
CVE-2026-48019
Affects
laravel/framework
| Versions
<12.60.0
>=13.0.0, <13.10.0
H
Directory Traversal
CVE-2026-9559
Affects
mautic/core-lib
| Versions
>=7.0.0-alpha, <7.1.2
M
Cross-site Scripting (XSS)
CVE-2026-9811
Affects
mautic/core-lib
| Versions
>=7.0.0-alpha, <7.1.2
M
Incorrect Authorization
CVE-2026-9808
Affects
mautic/core-lib
| Versions
>=7.0.0-alpha, <7.1.2