Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Cross-site Scripting (XSS)CVE-2026-23997
Affects facturascripts/facturascripts | Versions >=0.0.0
Has fix
ComposerPublished 3 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-23476
Affects facturascripts/facturascripts | Versions >=0.0.0
Has fix
ComposerPublished 3 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2020-11022
Affects components/jquery | Versions <3.5.1
Has fix
ComposerPublished 2 Feb 2026
  • M
Uncontrolled Search Path ElementCVE-2026-25129
Affects psy/psysh | Versions <0.11.23>=0.12.0, <0.12.19
Has fix
ComposerPublished 1 Feb 2026
  • M
Arbitrary Argument InjectionCVE-2026-24739
Affects symfony/process | Versions <5.4.51>=6.4.0-BETA1, <6.4.33>=7.3.0-BETA1, <7.3.11>=7.4.0-BETA1, <7.4.5>=8.0.0-BETA1, <8.0.5
Has fix
ComposerPublished 29 Jan 2026
  • M
Cross-site Scripting (XSS)CVE-2020-36978
Affects froxlor/froxlor | Versions >=0.10.16, <0.10.17
Has fix
ComposerPublished 29 Jan 2026
  • H
SQL InjectionCVE-2026-22243
Affects egroupware/egroupware | Versions <23.1.20260113>=26.0.20251208, <26.0.20260113
Has fix
ComposerPublished 29 Jan 2026
  • H
Deserialization of Untrusted DataCVE-2026-24765
Affects phpunit/phpunit | Versions <8.5.52>=9.0.0, <9.6.33>=10.0.0, <10.5.62>=11.0.0, <11.5.50>=12.0.0, <12.5.8
Has fix
ComposerPublished 28 Jan 2026
  • M
Cross-site Scripting (XSS)CVE-2026-26188
Affects solspace/craft-freeform | Versions <5.14.7
Has fix
ComposerPublished 25 Jan 2026
  • M
Information ExposureCVE-2026-24422
Affects thorsten/phpmyfaq | Versions <4.1.0-alpha
Has fix
ComposerPublished 25 Jan 2026
  • H
Improper AuthorizationCVE-2026-24421
Affects thorsten/phpmyfaq | Versions <4.1.0-alpha
Has fix
ComposerPublished 25 Jan 2026
  • H
Access Control BypassCVE-2026-24420
Affects thorsten/phpmyfaq | Versions <4.1.0-alpha
Has fix
ComposerPublished 25 Jan 2026
  • M
Cross-site Scripting (XSS)CVE-2025-71177
Affects lavalite/cms | Versions >=0.0.0
Has fix
ComposerPublished 25 Jan 2026
  • H
Arbitrary Code InjectionCVE-2025-67847
Affects moodle/moodle | Versions <4.1.22>=4.2.0-beta, <4.4.12>=4.5.0-beta, <4.5.8>=5.0.0-beta, <5.0.4>=5.1.0-beta, <5.1.1
Has fix
ComposerPublished 25 Jan 2026
  • L
Insufficient Verification of Data AuthenticityCVE-2026-1195
Affects mineadmin/mineadmin | Versions >=0.0.0
Has fix
ComposerPublished 22 Jan 2026
  • C
Deserialization of Untrusted DataCVE-2026-23524
Affects laravel/reverb | Versions <1.7.0
Has fix
ComposerPublished 22 Jan 2026
  • M
SQL Injection: HibernateCVE-2026-23959
Affects coreshop/core-shop | Versions <4.1.9
Has fix
ComposerPublished 22 Jan 2026
  • M
Deserialization of Untrusted DataCVE-2026-0895
Affects cpsit/typo3-mailqueue | Versions <0.4.3>=0.5.0, <0.5.1
Has fix
ComposerPublished 20 Jan 2026
  • M
Improper Resource LockingCVE-2025-69198
Affects pterodactyl/panel | Versions <1.12.0
Has fix
ComposerPublished 20 Jan 2026
  • H
Improper Neutralization of Special Elements Used in a Template EngineCVE-2026-23626
Affects kimai/kimai | Versions >=0.8, <2.46.0
Has fix
ComposerPublished 19 Jan 2026
  • H
Arbitrary Code InjectionCVE-2025-14894
Affects livewire-filemanager/filemanager | Versions <1.0.5
Has fix
ComposerPublished 18 Jan 2026
  • H
SQL InjectionCVE-2021-47763
Affects aimeos/aimeos-laravel | Versions >=2021.10
Has fix
ComposerPublished 18 Jan 2026
  • M
Cross-site Scripting (XSS)CVE-2026-23643
Affects cakephp/cakephp | Versions >=5.2.10, <5.2.12>=5.3.0-RC1, <5.3.1
Has fix
ComposerPublished 18 Jan 2026
  • H
Cross-site Request Forgery (CSRF)CVE-2026-23622
Affects alextselegidis/easyappointments | Versions >=1.1.0-beta.1
Has fix
ComposerPublished 16 Jan 2026
  • M
Insufficient Granularity of Access ControlCVE-2026-23495
Affects pimcore/admin-ui-classic-bundle | Versions <1.7.16>=2.0.0-RC1, <2.2.3
Has fix
ComposerPublished 16 Jan 2026
  • M
Insufficient Granularity of Access ControlCVE-2026-23496
Affects pimcore/web2print-tools-bundle | Versions <5.2.2>=6.0.0-RC1, <6.1.1
Has fix
ComposerPublished 16 Jan 2026
  • M
Insufficient Granularity of Access ControlCVE-2026-23494
Affects pimcore/pimcore | Versions <11.5.14>=12.0.0-RC1, <12.3.1
Has fix
ComposerPublished 16 Jan 2026
  • H
Insertion of Sensitive Information into Log FileCVE-2026-23493
Affects pimcore/pimcore | Versions <11.5.14>=12.0.0-RC1, <12.3.1
Has fix
ComposerPublished 16 Jan 2026
  • M
Cross-site Scripting (XSS)CVE-2025-63644
Affects ph7software/ph7builder | Versions >=12.9.8
Has fix
ComposerPublished 15 Jan 2026
  • M
SQL InjectionCVE-2026-23492
Affects pimcore/pimcore | Versions <11.5.14>=12.0.0-RC1, <12.3.1
Has fix
ComposerPublished 15 Jan 2026