Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Server-side Request Forgery (SSRF)CVE-2026-33347
Affects league/commonmark | Versions >=2.3.0, <2.8.2
Has fix
ComposerPublished 25 Mar 2026
  • C
Access Control BypassCVE-2026-33478
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 25 Mar 2026
  • C
Authentication Bypass by Primary WeaknessCVE-2026-30849
Affects mantisbt/mantisbt | Versions <2.28.1
Has fix
ComposerPublished 25 Mar 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-33486
Affects roadiz/documents | Versions <2.3.42>=2.4.0, <2.5.44>=2.6.0, <2.6.28>=2.7.0, <2.7.9
Has fix
ComposerPublished 25 Mar 2026
  • M
Missing AuthorizationCVE-2026-33160
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.8>=5.0.0-RC1, <5.9.14
Has fix
ComposerPublished 25 Mar 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-33158
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.8>=5.0.0-RC1, <5.9.14
Has fix
ComposerPublished 25 Mar 2026
  • M
Missing AuthorizationCVE-2026-33159
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.8>=5.0.0-RC1, <5.9.14
Has fix
ComposerPublished 25 Mar 2026
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')CVE-2026-33157
Affects craftcms/cms | Versions >=5.6.0, <5.9.13
Has fix
ComposerPublished 25 Mar 2026
  • H
Arbitrary Code InjectionCVE-2026-30932
Affects froxlor/froxlor | Versions <2.3.5
Has fix
ComposerPublished 25 Mar 2026
  • M
Missing AuthorizationCVE-2026-33161
Affects craftcms/cms | Versions >=4.0.0-RC1, <4.17.8>=5.0.0-RC1, <5.9.14
Has fix
ComposerPublished 25 Mar 2026
  • H
Missing AuthorizationCVE-2026-33162
Affects craftcms/cms | Versions >=5.3.0, <5.9.14
Has fix
ComposerPublished 25 Mar 2026
  • M
Missing AuthorizationCVE-2026-1217
Affects yoast/duplicate-post | Versions <4.6
Has fix
ComposerPublished 24 Mar 2026
  • H
Excessive IterationCVE-2026-33204
Affects kelvinmo/simplejwt | Versions <1.1.1
Has fix
ComposerPublished 24 Mar 2026
  • H
Arbitrary Code InjectionCVE-2026-32276
Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1
Has fix
ComposerPublished 24 Mar 2026
  • M
Missing AuthorizationCVE-2026-32299
Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1
Has fix
ComposerPublished 24 Mar 2026
  • M
Cross-site Scripting (XSS)CVE-2026-32277
Affects opensource-workshop/connect-cms | Versions >=1.35.0, <1.41.1>=2.35.0, <2.41.1
Has fix
ComposerPublished 24 Mar 2026
  • M
Authorization Bypass Through User-Controlled KeyCVE-2026-32300
Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1
Has fix
ComposerPublished 24 Mar 2026
  • H
Arbitrary File UploadCVE-2026-32278
Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1
Has fix
ComposerPublished 24 Mar 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-32279
Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1
Has fix
ComposerPublished 24 Mar 2026
  • H
Active Debug CodeCVE-2026-27131
Affects putyourlightson/craft-sprig | Versions >=2.0.0-alpha.1, <2.15.2>=3.0.0-beta.1, <3.7.2
Has fix
ComposerPublished 24 Mar 2026
  • M
Improper Certificate ValidationCVE-2026-4587
Affects hybridauth/hybridauth | Versions <3.13.0
Has fix
ComposerPublished 24 Mar 2026
  • H
PHP Remote File InclusionCVE-2026-33513
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026
  • H
Use of a Broken or Risky Cryptographic AlgorithmCVE-2026-33512
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026
  • H
Cross-site Request Forgery (CSRF)CVE-2026-33507
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026
  • H
Arbitrary Code InjectionCVE-2026-33479
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026
  • C
Server-side Request Forgery (SSRF)CVE-2026-33502
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026
  • C
Server-side Request Forgery (SSRF)CVE-2026-33480
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026
  • C
Inadequate Encryption StrengthCVE-2026-33488
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026
  • C
Command InjectionCVE-2026-33482
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026
  • H
Directory TraversalCVE-2026-33493
Affects wwbn/avideo | Versions >=0.0.0
Has fix
ComposerPublished 23 Mar 2026