Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
H
Cross-site Scripting (XSS)
CVE-2026-49279
Affects
wwbn/avideo
| Versions
>=0.0.0
H
Unsafe Reflection
CVE-2026-49287
Affects
statamic/cms
| Versions
<5.73.23
>=6.0.0-alpha.1, <6.20.0
M
HTTP Response Splitting
CVE-2026-50188
Affects
getkirby/cms
| Versions
<4.9.4
>=5.0.0-alpha.1, <5.4.4
H
Cross-site Scripting (XSS)
CVE-2026-54002
Affects
getkirby/cms
| Versions
<4.9.4
>=5.0.0-alpha.1, <5.4.4
C
External Initialization of Trusted Variables or Data Stores
CVE-2026-54003
Affects
getkirby/cms
| Versions
<4.9.4
>=5.0.0-alpha.1, <5.4.4
H
Cross-site Scripting (XSS)
CVE-2026-49276
Affects
getkirby/cms
| Versions
<4.9.4
>=5.0.0-alpha.1, <5.4.4
M
Missing Authorization
CVE-2026-54004
Affects
getkirby/cms
| Versions
<4.9.4
>=5.0.0-alpha.1, <5.4.4
H
Missing Authorization
CVE-2026-54005
Affects
getkirby/cms
| Versions
<4.9.4
>=5.0.0-alpha.1, <5.4.4
M
Missing Authorization
CVE-2026-49274
Affects
getkirby/cms
| Versions
<4.9.4
>=5.0.0-alpha.1, <5.4.4
M
Cross-site Scripting (XSS)
CVE-2026-55409
Affects
filament/forms
| Versions
>=3.0.0, <3.3.53
M
Missing Authorization
CVE-2026-48500
Affects
filament/filament
| Versions
>=3.0.0, <3.3.52
>=4.0.0, <4.11.5
>=5.0.0, <5.6.5
M
Timing Attack
CVE-2026-48166
Affects
filament/filament
| Versions
>=4.0.0, <4.11.5
>=5.0.0, <5.6.5
M
Cross-site Scripting (XSS)
CVE-2026-47344
Affects
typo3/html-sanitizer
| Versions
<2.3.2
M
Cross-site Scripting (XSS)
CVE-2026-47345
Affects
typo3/html-sanitizer
| Versions
<2.3.2
C
Improper Enforcement of Behavioral Workflow
CVE-2026-48505
Affects
filament/filament
| Versions
>=4.0.0, <4.11.5
>=5.0.0, <5.6.5
H
Authorization Bypass Through User-Controlled Key
CVE-2026-48067
Affects
filament/tables
| Versions
>=3.0.0, <3.3.51
H
Authorization Bypass Through User-Controlled Key
CVE-2026-48067
Affects
filament/query-builder
| Versions
>=4.0.0, <4.11.4
>=5.0.0, <5.6.4
H
Authorization Bypass Through User-Controlled Key
CVE-2026-48067
Affects
filament/forms
| Versions
>=4.0.0, <4.11.4
>=5.0.0, <5.6.4
H
Authorization Bypass Through User-Controlled Key
CVE-2026-48067
Affects
filament/actions
| Versions
>=4.0.0, <4.11.4
>=5.0.0, <5.6.4
M
PHP Remote File Inclusion
CVE-2026-48820
Affects
cakephp/cakephp
| Versions
<4.5.11
>=4.6.0, <4.6.4
>=5.0.0, <5.1.7
>=5.2.0, <5.2.13
>=5.3.0, <5.3.6
M
Cross-site Scripting (XSS)
CVE-2026-48167
Affects
filament/infolists
| Versions
>=4.0.0, <4.11.5
>=5.0.0, <5.6.5
M
Cross-site Scripting (XSS)
CVE-2026-48167
Affects
filament/tables
| Versions
>=4.0.0, <4.11.5
>=5.0.0, <5.6.5
M
Cross-site Request Forgery (CSRF)
Affects
silverstripe/forum
| Versions
<0.6.2
>=0.7.0, <0.7.4
H
Allocation of Resources Without Limits or Throttling
Affects
web-token/jwt-library
| Versions
<3.4.10
>=4.0.0, <4.0.7
>=4.1.0, <4.1.7
C
Improper Verification of Cryptographic Signature
Affects
web-token/jwt-experimental
| Versions
<3.4.10
>=4.0.0, <4.0.7
>=4.1.0, <4.1.7
H
Improper Verification of Cryptographic Signature
Affects
web-token/jwt-library
| Versions
<3.4.10
>=4.0.0, <4.0.7
>=4.1.0, <4.1.7
H
Timing Attack
Affects
web-token/jwt-library
| Versions
<3.4.10
>=4.0.0, <4.0.7
>=4.1.0, <4.1.7
H
Timing Attack
Affects
web-token/jwt-framework
| Versions
<3.4.10
>=4.0.0, <4.0.7
>=4.1.0, <4.1.7
C
Deserialization of Untrusted Data
CVE-2026-49286
Affects
pontedilana/php-weasyprint
| Versions
<2.6.0
C
Deserialization of Untrusted Data
CVE-2026-45034
Affects
phpoffice/phpspreadsheet
| Versions
<1.30.5
>=2.0.0, <2.1.17
>=2.2.0, <2.4.6
>=3.3.0, <3.10.6
>=4.0.0, <5.8.0