Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Missing AuthorizationCVE-2026-28685
Affects kimai/kimai | Versions <2.51.0
Has fix
ComposerPublished 10 Mar 2026
- H
Authorization Bypass Through User-Controlled KeyCVE-2026-29069
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.2>=5.0.0-RC1, <5.9.0-beta.2
Has fix
ComposerPublished 10 Mar 2026
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.1>=5.0.0-RC1, <5.9.0-beta.2
Has fix
ComposerPublished 10 Mar 2026
- H
Authorization Bypass Through User-Controlled KeyCVE-2026-28782
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.1>=5.0.0-RC1, <5.9.0-beta.1
Has fix
ComposerPublished 10 Mar 2026
- H
Template InjectionCVE-2026-28783
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.1>=5.0.0-RC1, <5.9.0-beta.1
Has fix
ComposerPublished 10 Mar 2026
- H
Template InjectionCVE-2026-28784
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.1>=5.0.0-RC1, <5.9.0-beta.1
Has fix
ComposerPublished 10 Mar 2026
- H
Template InjectionCVE-2026-28695
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.1>=5.8.7, <5.9.0-beta.1
Has fix
ComposerPublished 10 Mar 2026
- M
Template InjectionCVE-2026-28697
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.1>=5.0.0-RC1, <5.9.0-beta.1
Has fix
ComposerPublished 10 Mar 2026
- M
Missing AuthorizationCVE-2026-28696
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.1>=5.0.0-RC1, <5.9.0-beta.1
Has fix
ComposerPublished 10 Mar 2026
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.0-beta.1>=5.0.0-RC1, <5.9.0-beta.1
Has fix
ComposerPublished 10 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-24415
Affects devcode-it/openstamanager | Versions <2.10.1
Has fix
ComposerPublished 9 Mar 2026
- C
Missing Authentication for Critical FunctionCVE-2026-27012
Affects devcode-it/openstamanager | Versions <2.10.1
Has fix
ComposerPublished 9 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-30838
Affects league/commonmark | Versions <2.8.1
Has fix
ComposerPublished 9 Mar 2026
- H
Deserialization of Untrusted DataCVE-2026-3452
Affects concrete5/core | Versions <9.4.8
Has fix
ComposerPublished 6 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-3242
Affects concrete5/core | Versions <9.4.8
Has fix
ComposerPublished 6 Mar 2026
- M
Cross-site Request Forgery (CSRF)CVE-2026-2994
Affects concrete5/core | Versions <9.4.8
Has fix
ComposerPublished 6 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-3244
Affects concrete5/core | Versions <9.4.8
Has fix
ComposerPublished 6 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-3241
Affects concrete5/core | Versions <9.4.8
Has fix
ComposerPublished 6 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-3240
Affects concrete5/core | Versions <9.4.8
Has fix
ComposerPublished 6 Mar 2026
- H
Comparing instead of AssigningCVE-2026-26279
Affects froxlor/froxlor | Versions <2.3.4
Has fix
ComposerPublished 3 Mar 2026
- C
SQL InjectionCVE-2026-28501
Affects wwbn/avideo | Versions <24.0
Has fix
ComposerPublished 3 Mar 2026
- H
Arbitrary File UploadCVE-2026-28502
Affects wwbn/avideo | Versions <24.0
Has fix
ComposerPublished 3 Mar 2026
- H
Command InjectionCVE-2026-28507
Affects idno/known | Versions <1.6.4
Has fix
ComposerPublished 3 Mar 2026
- C
Server-side Request Forgery (SSRF)CVE-2026-28508
Affects idno/known | Versions >=0.0.0, <1.6.4
Has fix
ComposerPublished 3 Mar 2026
- H
Missing AuthorizationCVE-2026-27836
Affects thorsten/phpmyfaq | Versions >=0.0.0, <4.0.18>=4.1.0-alpha, <4.1.0-RC.7
Has fix
ComposerPublished 3 Mar 2026
- H
SQL InjectionCVE-2019-25450
Affects dolibarr/dolibarr | Versions <13.0.0
Has fix
ComposerPublished 2 Mar 2026
- M
Missing AuthorizationCVE-2026-28424
Affects statamic/cms | Versions <5.73.11>=6.0.0-alpha.1, <6.4.0
Has fix
ComposerPublished 2 Mar 2026
- H
Incorrect User ManagementCVE-2026-27939
Affects statamic/cms | Versions <5.73.11>=6.0.0-alpha.1, <6.4.0
Has fix
ComposerPublished 2 Mar 2026
- H
SQL InjectionCVE-2019-25452
Affects dolibarr/dolibarr | Versions <10.0.2
Has fix
ComposerPublished 2 Mar 2026
- H
Cross-site Scripting (XSS)CVE-2026-28426
Affects statamic/cms | Versions <5.73.11>=6.0.0-alpha.1, <6.4.0
Has fix
ComposerPublished 2 Mar 2026