Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
M
Authorization Bypass Through User-Controlled Key
CVE-2026-7881
Affects
concrete5/concrete5
| Versions
<9.5.1
H
Incorrect Authorization
CVE-2026-8350
Affects
concrete5/concrete5
| Versions
<9.5.1
M
Authorization Bypass Through User-Controlled Key
CVE-2026-8204
Affects
concrete5/concrete5
| Versions
<9.5.1
M
Direct Request ('Forced Browsing')
CVE-2026-8205
Affects
concrete5/concrete5
| Versions
<9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8427
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8416
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
L
Sensitive Cookie with Improper SameSite Attribute
CVE-2026-8413
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
M
Improper Privilege Management
CVE-2026-8327
Affects
concrete5/concrete5
| Versions
<9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8411
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8409
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
L
Server-side Request Forgery (SSRF)
CVE-2026-7890
Affects
concrete5/concrete5
| Versions
<9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8435
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
H
Cross-site Request Forgery (CSRF)
CVE-2026-8140
Affects
concrete5/concrete5
| Versions
<9.5.1
H
Deserialization of Untrusted Data
CVE-2026-8135
Affects
concrete5/concrete5
| Versions
<9.5.1
M
Information Exposure
CVE-2026-6826
Affects
concrete5/concrete5
| Versions
<9.5.1
H
Cross-site Request Forgery (CSRF)
CVE-2026-8417
Affects
concrete5/concrete5
| Versions
<9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-7882
Affects
concrete5/concrete5
| Versions
<9.5.1
H
Cross-site Scripting (XSS)
CVE-2026-8197
Affects
concrete5/concrete5
| Versions
<9.5.1
M
Missing Authorization
CVE-2026-7879
Affects
concrete5/concrete5
| Versions
<9.5.1
H
Cross-site Request Forgery (CSRF)
CVE-2026-8428
Affects
concrete5/concrete5
| Versions
<9.5.1
H
Cross-site Request Forgery (CSRF)
CVE-2026-8421
Affects
concrete5/concrete5
| Versions
<9.5.1
L
Authorization Bypass Through User-Controlled Key
CVE-2026-7886
Affects
concrete5/concrete5
| Versions
<9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8412
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8415
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
L
Cross-site Request Forgery (CSRF)
CVE-2026-8433
Affects
concrete5/concrete5
| Versions
>=9.0.0RC1, <9.5.1
M
Missing Authorization
CVE-2026-8238
Affects
concrete5/concrete5
| Versions
<9.5.1
C
Relative Path Traversal
CVE-2026-8134
Affects
concrete5/concrete5
| Versions
<9.5.1
M
Use of Weak Hash
CVE-2026-48488
Affects
thorsten/phpmyfaq
| Versions
<4.1.4
M
Use of Weak Hash
CVE-2026-48488
Affects
phpmyfaq/phpmyfaq
| Versions
<4.1.4
M
Improper Authentication
CVE-2026-44584
Affects
paymenter/paymenter
| Versions
<1.5.0