Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Insertion of Sensitive Information Into Sent DataCVE-2025-67476
Affects mediawiki/core | Versions <1.44.3>=1.45.0, <1.45.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-61645
Affects mediawiki/core | Versions <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Improperly Controlled Modification of Dynamically-Determined Object AttributesCVE-2025-67479
Affects mediawiki/core | Versions <1.39.14>=1.42.0, <1.43.4>=1.44.0, <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-11261
Affects mediawiki/core | Versions <1.39.15>=1.42.0, <1.43.5>=1.44.0, <1.44.2
Has fix
ComposerPublished 4 Feb 2026
  • L
Cross-site Scripting (XSS)CVE-2025-67483
Affects mediawiki/core | Versions <1.43.6>=1.44.0, <1.44.3>=1.45.0, <1.45.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-67484
Affects mediawiki/core | Versions <1.39.16>=1.42.0, <1.43.6>=1.44.0, <1.44.3>=1.45.0, <1.45.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-61642
Affects mediawiki/core | Versions <1.39.14>=1.40.0, <1.43.4>=1.44.0, <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-61637
Affects mediawiki/core | Versions <1.39.14>=1.42.0, <1.43.4>=1.44.0, <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-67477
Affects mediawiki/core | Versions <1.44.3>=1.45.0, <1.45.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-67475
Affects mediawiki/core | Versions <1.39.16>=1.42.0, <1.43.6>=1.44.0, <1.44.3>=1.45.0, <1.45.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-61640
Affects mediawiki/core | Versions <1.39.14>=1.40.0, <1.43.4>=1.44.0, <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • L
Information ExposureCVE-2025-6593
Affects mediawiki/core | Versions <1.39.13>=1.42.0, <1.42.7>=1.43.0, <1.43.2
Has fix
ComposerPublished 4 Feb 2026
  • L
Information ExposureCVE-2025-6589
Affects mediawiki/core | Versions <1.39.13>=1.42.0, <1.42.7>=1.43.0, <1.43.2
Has fix
ComposerPublished 4 Feb 2026
  • L
Information ExposureCVE-2025-6927
Affects mediawiki/core | Versions <1.39.13>=1.42.0, <1.42.7>=1.43.0, <1.43.2
Has fix
ComposerPublished 4 Feb 2026
  • L
Improper AuthenticationCVE-2025-6597
Affects mediawiki/core | Versions <1.39.13>=1.42.0, <1.42.7>=1.43.0, <1.43.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25489
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-6594
Affects mediawiki/core | Versions >=1.27.0, <1.39.13>=1.42.7, <1.42.8>=1.43.2, <1.43.3>=1.44.0, <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-61636
Affects mediawiki/core | Versions <1.39.14>=1.43.0, <1.43.4>=1.44.0, <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25484
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25482
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25483
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-67855
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • H
Cross-site Scripting (XSS)CVE-2025-67849
Affects moodle/moodle | Versions >=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25486
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • H
SQL InjectionCVE-2019-25260
Affects oxid-esales/oxideshop-ce | Versions >=6.0.0, <6.3.4
Has fix
ComposerPublished 4 Feb 2026
  • M
Incorrect AuthorizationCVE-2025-67856
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25487
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Open RedirectCVE-2025-67852
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Timing AttackCVE-2026-25597
Affects prestashop/prestashop | Versions <8.2.4>=9.0.0-alpha.1, <9.0.3
Has fix
ComposerPublished 4 Feb 2026
  • C
Arbitrary File Upload
Affects ci4-cms-erp/ci4ms | Versions <0.28.5.0
Has fix
ComposerPublished 4 Feb 2026