Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Cross-site Scripting (XSS)CVE-2025-6594
Affects mediawiki/core | Versions >=1.27.0, <1.39.13>=1.42.7, <1.42.8>=1.43.2, <1.43.3>=1.44.0, <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-61636
Affects mediawiki/core | Versions <1.39.14>=1.43.0, <1.43.4>=1.44.0, <1.44.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25484
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25482
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25483
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2025-67855
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • H
Cross-site Scripting (XSS)CVE-2025-67849
Affects moodle/moodle | Versions >=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25486
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • H
SQL InjectionCVE-2019-25260
Affects oxid-esales/oxideshop-ce | Versions >=6.0.0, <6.3.4
Has fix
ComposerPublished 4 Feb 2026
  • M
Incorrect AuthorizationCVE-2025-67856
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25487
Affects craftcms/commerce | Versions >=4.0.0-beta.1, <4.10.1>=5.0.0-beta.1, <5.5.2
Has fix
ComposerPublished 4 Feb 2026
  • M
Open RedirectCVE-2025-67852
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Timing AttackCVE-2026-25597
Affects prestashop/prestashop | Versions <8.2.4>=9.0.0-alpha.1, <9.0.3
Has fix
ComposerPublished 4 Feb 2026
  • C
Arbitrary File Upload
Affects ci4-cms-erp/ci4ms | Versions <0.28.5.0
Has fix
ComposerPublished 4 Feb 2026
  • M
CSV InjectionCVE-2025-67851
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • H
Brute ForceCVE-2025-67853
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • H
Improper Handling of Insufficient Permissions or PrivilegesCVE-2025-67848
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • H
Cross-site Scripting (XSS)CVE-2025-67850
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • M
Insertion of Sensitive Information Into Sent DataCVE-2025-67857
Affects moodle/moodle | Versions <4.1.22>=4.4.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 4 Feb 2026
  • H
SQL InjectionCVE-2026-25513
Affects facturascripts/facturascripts | Versions <2025.8
Has fix
ComposerPublished 4 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2020-11023
Affects components/jquery | Versions <3.5.1
Has fix
ComposerPublished 4 Feb 2026
  • H
Arbitrary File UploadCVE-2026-25510
Affects ci4-cms-erp/ci4ms | Versions <0.28.5.0
Has fix
ComposerPublished 4 Feb 2026
  • H
SQL InjectionCVE-2026-25514
Affects facturascripts/facturascripts | Versions <2025.8>=2025.11, <2025.81
Has fix
ComposerPublished 4 Feb 2026
  • M
Information ExposureCVE-2026-25523
Affects openmage/magento-lts | Versions >=0.0.0
Has fix
ComposerPublished 3 Feb 2026
  • H
SQL InjectionCVE-2020-36947
Affects librenms/librenms | Versions <1.69
Has fix
ComposerPublished 3 Feb 2026
  • M
Information ExposureCVE-2026-25509
Affects ci4-cms-erp/ci4ms | Versions <0.28.5.0
Has fix
ComposerPublished 3 Feb 2026
  • H
Cross-site Scripting (XSS)CVE-2026-23997
Affects facturascripts/facturascripts | Versions >=0.0.0
Has fix
ComposerPublished 3 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-23476
Affects facturascripts/facturascripts | Versions >=0.0.0
Has fix
ComposerPublished 3 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2020-11022
Affects components/jquery | Versions <3.5.1
Has fix
ComposerPublished 2 Feb 2026
  • M
Uncontrolled Search Path ElementCVE-2026-25129
Affects psy/psysh | Versions <0.11.23>=0.12.0, <0.12.19
Has fix
ComposerPublished 1 Feb 2026