Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
H
Use of Cache Containing Sensitive Information
CVE-2026-49858
Affects
api-platform/core
| Versions
>=2.6.0-alpha.1, <4.1.29
>=4.2.0-alpha.1, <4.2.25
>=4.3.0-alpha.1, <4.3.8
H
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2026-54164
Affects
api-platform/core
| Versions
<4.1.30
>=4.2.0-alpha.1, <4.2.26
>=4.3.0-alpha.1, <4.3.12
M
SQL Injection
CVE-2026-14363
Affects
mediawiki/cargo
| Versions
<3.9.1
M
Cross-site Scripting (XSS)
CVE-2026-54720
Affects
silverstripe/framework
| Versions
<6.2.2
H
Directory Traversal
CVE-2026-58451
Affects
horde/imp
| Versions
<7.0.1
M
Weak Password Recovery Mechanism for Forgotten Password
Affects
kimai/kimai
| Versions
<2.58.0
H
Incorrect Authorization
CVE-2026-49981
Affects
twig/twig
| Versions
<3.27.0
M
Cross-site Request Forgery (CSRF)
CVE-2026-58518
Affects
samwilson/redirectmanager
| Versions
<1.3.3
M
Cross-site Scripting (XSS)
CVE-2026-58519
Affects
mediawiki/cargo
| Versions
<3.9.1
H
Improper Privilege Management
CVE-2026-57995
Affects
phpmyfaq/phpmyfaq
| Versions
<4.1.5
H
Improper Privilege Management
CVE-2026-57995
Affects
thorsten/phpmyfaq
| Versions
<4.1.5
M
Race Condition
CVE-2026-55219
Affects
paymenter/paymenter
| Versions
<1.5.5
H
Authorization Bypass Through User-Controlled Key
CVE-2026-47198
Affects
paymenter/paymenter
| Versions
<1.5.1
L
Authorization Bypass Through User-Controlled Key
CVE-2026-8347
Affects
concrete5/concrete5
| Versions
<9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8340
Affects
concrete5/concrete5
| Versions
<9.5.1
L
Cross-site Scripting (XSS)
CVE-2026-8353
Affects
concrete5/concrete5
| Versions
>=9.0.0RC.1, <9.5.1
M
Cross-site Scripting (XSS)
CVE-2026-57958
Affects
inovector/mixpost
| Versions
>=0.0.0
H
Cross-site Scripting (XSS)
CVE-2026-54087
Affects
easycorp/easyadmin-bundle
| Versions
>=5.0.0, <5.0.13
M
Directory Traversal
Affects
easycorp/easyadmin-bundle
| Versions
>=4.0.0, <4.29.10
>=5.0.0, <5.0.10
H
Missing Authorization
CVE-2026-57518
Affects
pagekit/pagekit
| Versions
>=0.0.0
H
Race Condition
CVE-2026-47741
Affects
shopper/cart
| Versions
<2.8.0
H
Race Condition
CVE-2026-47741
Affects
shopper/framework
| Versions
<2.8.0
H
Arbitrary File Upload
CVE-2026-39292
Affects
hansschouten/phpagebuilder
| Versions
>=0.31.0
M
Cross-site Scripting (XSS)
CVE-2020-37256
Affects
getgrav/grav
| Versions
<1.6.30
H
Improper Handling of Unexpected Data Type
CVE-2026-47110
Affects
ueberdosis/tiptap-php
| Versions
<2.1.1
H
Open Redirect
CVE-2026-54588
Affects
poweradmin/poweradmin
| Versions
<4.2.4
>=4.3.0, <4.3.3
H
Server-side Request Forgery (SSRF)
CVE-2026-50888
Affects
koillection/koillection
| Versions
>=1.8.0
M
Authorization Bypass Through User-Controlled Key
CVE-2026-12204
Affects
shopxo/shopxo
| Versions
>=6.7.0
H
Cross-site Request Forgery (CSRF)
CVE-2026-55741
Affects
cotonti/cotonti
| Versions
>=1.0.0
M
Server-side Request Forgery (SSRF)
CVE-2026-50552
Affects
phanan/koel
| Versions
<9.7.1