Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Improper Handling of Insufficient Permissions or PrivilegesCVE-2025-67848
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • H
Cross-site Scripting (XSS)CVE-2025-67850
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Insertion of Sensitive Information Into Sent DataCVE-2025-67857
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • H
SQL InjectionCVE-2026-25513
Affects facturascripts/facturascripts | Versions <2025.8
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2020-11023
Affects components/jquery | Versions <3.5.1
Has fix
ComposerPublished 4 Feb 2026
  • H
Arbitrary File UploadCVE-2026-25510
Affects ci4-cms-erp/ci4ms | Versions <0.28.5.0
Has fix
ComposerPublished 4 Feb 2026
  • H
SQL InjectionCVE-2026-25514
Affects facturascripts/facturascripts | Versions <2025.8>=2025.11, <2025.81
Has fix
ComposerPublished 4 Feb 2026
  • M
Information ExposureCVE-2026-25523
Affects openmage/magento-lts | Versions >=0.0.0
Has fix
ComposerPublished 3 Feb 2026
  • H
SQL InjectionCVE-2020-36947
Affects librenms/librenms | Versions <1.69
Has fix
ComposerPublished 3 Feb 2026
  • M
Information ExposureCVE-2026-25509
Affects ci4-cms-erp/ci4ms | Versions <0.28.5.0
Has fix
ComposerPublished 3 Feb 2026
  • H
Cross-site Scripting (XSS)CVE-2026-23997
Affects facturascripts/facturascripts | Versions >=0.0.0
Has fix
ComposerPublished 3 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-23476
Affects facturascripts/facturascripts | Versions >=0.0.0
Has fix
ComposerPublished 3 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2020-11022
Affects components/jquery | Versions <3.5.1
Has fix
ComposerPublished 2 Feb 2026
  • M
Uncontrolled Search Path ElementCVE-2026-25129
Affects psy/psysh | Versions <0.11.23>=0.12.0, <0.12.19
Has fix
ComposerPublished 1 Feb 2026
  • M
Arbitrary Argument InjectionCVE-2026-24739
Affects symfony/process | Versions <5.4.51>=6.4.0-BETA1, <6.4.33>=7.3.0-BETA1, <7.3.11>=7.4.0-BETA1, <7.4.5>=8.0.0-BETA1, <8.0.5
Has fix
ComposerPublished 29 Jan 2026
  • M
Cross-site Scripting (XSS)CVE-2020-36978
Affects froxlor/froxlor | Versions >=0.10.16, <0.10.17
Has fix
ComposerPublished 29 Jan 2026
  • H
SQL InjectionCVE-2026-22243
Affects egroupware/egroupware | Versions <23.1.20260113>=26.0.20251208, <26.0.20260113
Has fix
ComposerPublished 29 Jan 2026
  • H
Deserialization of Untrusted DataCVE-2026-24765
Affects phpunit/phpunit | Versions <8.5.52>=9.0.0, <9.6.33>=10.0.0, <10.5.62>=11.0.0, <11.5.50>=12.0.0, <12.5.8
Has fix
ComposerPublished 28 Jan 2026
  • M
Cross-site Scripting (XSS)
Affects solspace/craft-freeform | Versions <5.14.7
Has fix
ComposerPublished 25 Jan 2026
  • M
Information ExposureCVE-2026-24422
Affects thorsten/phpmyfaq | Versions <4.1.0-alpha
Has fix
ComposerPublished 25 Jan 2026
  • H
Improper AuthorizationCVE-2026-24421
Affects thorsten/phpmyfaq | Versions <4.1.0-alpha
Has fix
ComposerPublished 25 Jan 2026
  • H
Access Control BypassCVE-2026-24420
Affects thorsten/phpmyfaq | Versions <4.1.0-alpha
Has fix
ComposerPublished 25 Jan 2026
  • M
Cross-site Scripting (XSS)CVE-2025-71177
Affects lavalite/cms | Versions >=0.0.0
Has fix
ComposerPublished 25 Jan 2026
  • H
Arbitrary Code InjectionCVE-2025-67847
Affects moodle/moodle | Versions <4.1.22>=4.2.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 25 Jan 2026
  • L
Insufficient Verification of Data AuthenticityCVE-2026-1195
Affects mineadmin/mineadmin | Versions >=0.0.0
Has fix
ComposerPublished 22 Jan 2026
  • C
Deserialization of Untrusted DataCVE-2026-23524
Affects laravel/reverb | Versions <1.7.0
Has fix
ComposerPublished 22 Jan 2026
  • M
SQL Injection: HibernateCVE-2026-23959
Affects coreshop/core-shop | Versions <4.1.9
Has fix
ComposerPublished 22 Jan 2026
  • M
Deserialization of Untrusted DataCVE-2026-0895
Affects cpsit/typo3-mailqueue | Versions <0.4.3>=0.5.0, <0.5.1
Has fix
ComposerPublished 20 Jan 2026
  • M
Improper Resource LockingCVE-2025-69198
Affects pterodactyl/panel | Versions <1.12.0
Has fix
ComposerPublished 20 Jan 2026
  • H
Improper Neutralization of Special Elements Used in a Template EngineCVE-2026-23626
Affects kimai/kimai | Versions >=0.8, <2.46.0
Has fix
ComposerPublished 19 Jan 2026