Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
M
User Impersonation
Affects
silverstripe/framework
| Versions
>=3.1.0, <3.1.17-rc2
>=3.2.0, <3.2.2-rc2
>=3.3.0-beta1, <3.3.0-rc3
M
Access Control Bypass
CVE-2026-50886
Affects
grumpydictator/firefly-iii
| Versions
>=0.0.0
M
Cross-site Scripting (XSS)
Affects
spatie/schema-org
| Versions
>=3.23.1, <3.23.2
>=4.0.0, <4.0.2
H
Allocation of Resources Without Limits or Throttling
CVE-2026-49209
Affects
symfony/ux-live-component
| Versions
>=2.5.0, <2.36.0
>=3.0.0, <3.1.0
M
Cross-site Scripting (XSS)
CVE-2026-49210
Affects
symfony/ux-live-component
| Versions
>=2.8.0, <2.36.0
>=3.0.0, <3.1.0
C
Improper Verification of Cryptographic Signature
CVE-2026-49212
Affects
symfony/ux-live-component
| Versions
>=2.8.0, <2.36.0
>=3.0.0, <3.1.0
L
Cross-site Request Forgery (CSRF)
CVE-2026-49215
Affects
symfony/ux-live-component
| Versions
>=2.22.0, <2.36.0
>=3.0.0, <3.1.0
L
Improper Validation of Unsafe Equivalence in Input
CVE-2026-49208
Affects
symfony/ux-live-component
| Versions
>=2.8.0, <2.36.0
>=3.0.0, <3.1.0
M
Missing Authorization
CVE-2026-47349
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-11607
Affects
typo3/cms-form
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-47343
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
M
Open Redirect
CVE-2026-47347
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Directory Traversal
CVE-2026-49738
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Directory Traversal
CVE-2026-49742
Affects
typo3/cms-filelist
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-49741
Affects
typo3/cms-form
| Versions
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-install
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-frontend
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-form
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-extbase
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Deserialization of Untrusted Data
CVE-2026-49740
Affects
typo3/cms-scheduler
| Versions
<13.4.31
>=14.0.0, <14.3.3
M
Cross-site Scripting (XSS)
CVE-2026-47348
Affects
typo3/cms-indexed-search
| Versions
>=13.0.0, <13.4.31
>=14.0.0, <14.3.3
M
Missing Authorization
CVE-2026-47350
Affects
typo3/cms-core
| Versions
>=13.0.0, <13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-47346
Affects
typo3/cms-core
| Versions
<13.4.31
>=14.0.0, <14.3.3
H
Missing Authorization
CVE-2026-47346
Affects
typo3/cms-form
| Versions
<13.4.31
>=14.0.0, <14.3.3
M
Missing Authorization
CVE-2026-47352
Affects
typo3/cms-backend
| Versions
<13.4.31
>=14.0.0, <14.3.3
M
Missing Authorization
CVE-2026-47351
Affects
typo3/cms-backend
| Versions
<13.4.31
>=14.0.0, <14.3.3
C
Arbitrary Code Injection
CVE-2026-54133
Affects
mtdowling/jmespath.php
| Versions
<2.9.1
M
Server-side Request Forgery (SSRF)
CVE-2026-48998
Affects
guzzlehttp/psr7
| Versions
<2.10.2
M
HTTP Response Splitting
CVE-2026-49214
Affects
guzzlehttp/psr7
| Versions
<2.10.2