Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • C
Improper AuthorizationCVE-2023-53895
Affects potsky/pimp-my-log | Versions >=0.0.0
Has fix
ComposerPublished 17 Dec 2025
  • M
Improper Verification of Cryptographic SignatureCVE-2025-68113
Affects altcha-org/altcha | Versions <1.3.1
Has fix
ComposerPublished 17 Dec 2025
  • M
Arbitrary File UploadCVE-2023-53871
Affects soosyze/soosyze | Versions >=1.0.0-alpha1
Has fix
ComposerPublished 16 Dec 2025
  • M
Server-side Request Forgery (SSRF)CVE-2025-66844
Affects getgrav/grav | Versions >=0.8.0
Has fix
ComposerPublished 16 Dec 2025
  • M
Cross-site Scripting (XSS)CVE-2025-66843
Affects getgrav/grav | Versions >=0.8.0
Has fix
ComposerPublished 16 Dec 2025
  • H
Arbitrary File UploadCVE-2024-58295
Affects elkarte/elkarte | Versions >=0.0.0
Has fix
ComposerPublished 14 Dec 2025
  • C
Incorrect Permission Assignment for Critical ResourceCVE-2025-65854
Affects xmo/mine-core | Versions >=0.0.0
Has fix
ComposerPublished 14 Dec 2025
  • M
PHP Remote File InclusionCVE-2024-58302
Affects fof/pretty-mail | Versions >=0.0.0
Has fix
ComposerPublished 14 Dec 2025
  • H
Improper Neutralization of Special Elements Used in a Template EngineCVE-2024-58303
Affects fof/pretty-mail | Versions >=0.0.0
Has fix
ComposerPublished 14 Dec 2025
  • M
Cross-site Scripting (XSS)CVE-2025-58674
Affects johnpbloch/wordpress-core | Versions <4.7.31>=4.8.0, <4.8.27>=4.9.0, <4.9.28>=5.0.0, <5.0.24>=5.1.0, <5.1.21>=5.2.0, <5.2.23>=5.3.0, <5.3.20>=5.4.0, <5.4.18>=5.5.0, <5.5.17>=5.6.0, <5.6.16>=5.7.0, <5.7.14>=5.8.0, <5.8.12>=5.9.0, <5.9.12>=6.0.0, <6.0.11>=6.1.0, <6.1.9>=6.2.0, <6.2.8>=6.3.0, <6.3.7>=6.4.0, <6.4.7>=6.5.0, <6.5.7>=6.6.0, <6.6.4>=6.7.0, <6.7.4>=6.8.0, <6.8.3
Has fix
ComposerPublished 12 Dec 2025
  • M
Missing AuthorizationCVE-2025-67737
Affects azuracast/azuracast | Versions <0.23.2
Has fix
ComposerPublished 12 Dec 2025
  • M
Insertion of Sensitive Information Into Sent DataCVE-2025-58246
Affects johnpbloch/wordpress-core | Versions >=4.7.0, <4.7.31>=4.8.0, <4.8.27>=4.9.0, <4.9.28>=5.0.0, <5.0.24>=5.1.0, <5.1.21>=5.2.0, <5.2.23>=5.3.0, <5.3.20>=5.4.0, <5.4.18>=5.5.0, <5.5.17>=5.6.0, <5.6.16>=5.7.0, <5.7.14>=5.8.0, <5.8.12>=5.9.0, <5.9.12>=6.0.0, <6.0.11>=6.1.0, <6.1.9>=6.2.0, <6.2.8>=6.3.0, <6.3.7>=6.4.0, <6.4.7>=6.5.0, <6.5.7>=6.6.0, <6.6.4>=6.7.0, <6.7.4>=6.8.0, <6.8.3
Has fix
ComposerPublished 12 Dec 2025
  • H
Arbitrary File UploadCVE-2024-58281
Affects dotclear/dotclear | Versions <2.31
Has fix
ComposerPublished 12 Dec 2025
  • H
Uncaught ExceptionCVE-2025-66578
Affects robrichards/xmlseclibs | Versions <3.1.4
Has fix
ComposerPublished 12 Dec 2025
  • H
Arbitrary File UploadCVE-2024-58279
Affects apprain/apprain | Versions >=0.0.0
Has fix
ComposerPublished 11 Dec 2025
  • C
Unverified Password ChangeCVE-2025-67719
Affects ibexa/user | Versions >=5.0.0-beta1, <5.0.4
Has fix
ComposerPublished 11 Dec 2025
  • C
Authentication Bypass Using an Alternate Path or ChannelCVE-2025-67507
Affects filament/filament | Versions >=4.0.0, <4.3.1
Has fix
ComposerPublished 10 Dec 2025
  • H
Cross-site Scripting (XSS)CVE-2025-67648
Affects shopware/storefront | Versions >=6.4.6.0, <6.6.10.10>=6.7.0.0, <6.7.5.1
Has fix
ComposerPublished 10 Dec 2025
  • H
Arbitrary Code InjectionCVE-2025-67509
Affects neuron-core/neuron-ai | Versions >=2.8.11, <2.8.12
Has fix
ComposerPublished 10 Dec 2025
  • H
Execution with Unnecessary PrivilegesCVE-2025-67510
Affects neuron-core/neuron-ai | Versions >=2.8.11, <2.8.12
Has fix
ComposerPublished 10 Dec 2025
  • M
Cross-site Scripting (XSS)CVE-2025-65186
Affects getgrav/grav | Versions >=0.0.0
Has fix
ComposerPublished 5 Dec 2025
  • H
Directory TraversalCVE-2025-65346
Affects alexusmai/laravel-file-manager | Versions <3.3.2
Has fix
ComposerPublished 5 Dec 2025
  • M
Cross-site Scripting (XSS)CVE-2025-65621
Affects snipe/snipe-it | Versions <8.3.4
Has fix
ComposerPublished 4 Dec 2025
  • H
Directory TraversalCVE-2025-65345
Affects alexusmai/laravel-file-manager | Versions >=2.0.0, <3.3.2
Has fix
ComposerPublished 4 Dec 2025
  • H
Arbitrary Command InjectionCVE-2025-65657
Affects feehi/cms | Versions >=0.0.1
Has fix
ComposerPublished 3 Dec 2025
  • H
Arbitrary File UploadCVE-2025-13827
Affects mautic/core-lib | Versions >=4.0.0-alpha1, <4.4.18>=5.0.0-alpha, <5.2.9>=6.0.0-alpha, <6.0.7
Has fix
ComposerPublished 3 Dec 2025
  • H
Arbitrary File UploadCVE-2025-13827
Affects mautic/core | Versions >=4.0.0-alpha1, <4.4.18>=5.0.0-alpha, <5.2.9>=6.0.0-alpha, <6.0.7
Has fix
ComposerPublished 3 Dec 2025
  • C
Access Control BypassCVE-2025-13828
Affects mautic/core-lib | Versions >=4.0.0-alpha1, <4.4.18>=5.0.0-alpha, <5.2.9>=6.0.0-alpha, <6.0.7
Has fix
ComposerPublished 3 Dec 2025
  • C
Access Control BypassCVE-2025-13828
Affects mautic/core | Versions >=4.0.0-alpha1, <4.4.18>=5.0.0-alpha, <5.2.9>=6.0.0-alpha, <6.0.7
Has fix
ComposerPublished 3 Dec 2025
  • H
Unsafe Dependency ResolutionCVE-2025-65656
Affects dcat/laravel-admin | Versions >=0.1.0
Has fix
ComposerPublished 3 Dec 2025