Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
M
Cross-site Scripting (XSS)
Affects
wwbn/avideo
| Versions
>=0.0.0
C
Command Injection
CVE-2026-55173
Affects
wwbn/avideo
| Versions
>=0.0.0
M
Cross-site Request Forgery (CSRF)
CVE-2026-55745
Affects
cotonti/cotonti
| Versions
>=0.0.0
H
Cross-site Request Forgery (CSRF)
CVE-2026-55744
Affects
cotonti/cotonti
| Versions
>=0.0.0
C
Cross-site Request Forgery (CSRF)
CVE-2026-55742
Affects
cotonti/cotonti
| Versions
>=0.0.0
M
Use of GET Request Method With Sensitive Query Strings
CVE-2026-55375
Affects
jleehr/canto-saas-api
| Versions
<3.0.0
H
Cross-site Scripting (XSS)
CVE-2026-55746
Affects
cotonti/cotonti
| Versions
>=0.0.0
M
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Affects
spomky-labs/otphp
| Versions
<11.4.3
H
Improper Validation of Specified Quantity in Input
Affects
spomky-labs/otphp
| Versions
<11.4.3
M
Insufficiently Protected Credentials
CVE-2026-55885
Affects
getgrav/grav
| Versions
<1.7.53
M
Cross-site Scripting (XSS)
CVE-2026-55890
Affects
getgrav/grav
| Versions
<2.0.0-rc.9
M
Open Redirect
CVE-2026-55590
Affects
cakephp/authentication
| Versions
<3.3.6
>=4.0.0, <4.1.1
L
Improper Encoding or Escaping of Output
Affects
laravel/framework
| Versions
<12.61.1
>=13.0.0, <13.12.0
M
Improper Encoding or Escaping of Output
Affects
grumpydictator/firefly-iii
| Versions
<6.6.3
C
Arbitrary File Upload
CVE-2026-48062
Affects
codeigniter4/framework
| Versions
<4.7.3
H
Command Injection
CVE-2026-48030
Affects
pheditor/pheditor
| Versions
>=2.0.1, <2.0.4
M
Interpretation Conflict
CVE-2026-47767
Affects
symfony/runtime
| Versions
>=5.4.46, <5.4.52
>=6.4.14, <6.4.40
>=7.1.7, <7.4.12
>=8.0.0, <8.0.12
M
Interpretation Conflict
CVE-2026-47767
Affects
symfony/symfony
| Versions
>=5.4.46, <5.4.52
>=6.4.14, <6.4.40
>=7.1.7, <7.4.12
>=8.0.0, <8.0.12
M
CSV Injection
CVE-2026-47693
Affects
poweradmin/poweradmin
| Versions
<4.2.4
>=4.3.0, <4.3.3
H
Improper Authorization
CVE-2026-47744
Affects
shopper/framework
| Versions
<2.8.0
H
Missing Authorization
CVE-2026-47742
Affects
shopper/framework
| Versions
<2.8.0
H
Authorization Bypass Through User-Controlled Key
CVE-2026-47743
Affects
shopper/framework
| Versions
<2.8.0
H
Missing Authorization
CVE-2026-47745
Affects
shopper/framework
| Versions
<2.8.0
H
SQL Injection
CVE-2026-31069
Affects
billabear/billabear
| Versions
>=0.0.0
H
Improper Privilege Management
CVE-2026-48010
Affects
shopware/platform
| Versions
<6.6.10.18
>=6.7.0.0, <6.7.10.1
H
Improper Privilege Management
CVE-2026-48010
Affects
shopware/core
| Versions
<6.6.10.18
>=6.7.0.0, <6.7.10.1
M
Server-side Request Forgery (SSRF)
CVE-2026-48013
Affects
shopware/core
| Versions
>=6.7.0.0, <6.7.10.1
M
Server-side Request Forgery (SSRF)
CVE-2026-48013
Affects
shopware/platform
| Versions
>=6.7.0.0, <6.7.10.1
H
Weak Password Recovery Mechanism for Forgotten Password
CVE-2026-48009
Affects
shopware/platform
| Versions
<6.6.10.18
>=6.7.0.0, <6.7.10.1
H
Weak Password Recovery Mechanism for Forgotten Password
CVE-2026-48009
Affects
shopware/core
| Versions
<6.6.10.18
>=6.7.0.0, <6.7.10.1