Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Improper Check or Handling of Exceptional ConditionsCVE-2026-28407
Affects github.com/chainguard-dev/malcontent/pkg/archive | Versions <1.21.0
Has fix
GoPublished 2 Mar 2026
  • H
SQL InjectionCVE-2026-26186
Affects github.com/fleetdm/fleet/v4/server/datastore/mysql | Versions >=4.15.0 <4.81.0
Has fix
GoPublished 2 Mar 2026
  • H
Improper Privilege ManagementCVE-2026-27899
Affects github.com/h44z/wg-portal/internal/domain | Versions <2.1.3
Has fix
GoPublished 2 Mar 2026
  • H
Improper Privilege ManagementCVE-2026-27899
Affects github.com/h44z/wg-portal/internal/app/users | Versions <2.1.3
Has fix
GoPublished 2 Mar 2026
  • H
Improper Privilege ManagementCVE-2026-27899
Affects github.com/h44z/wg-portal/internal/app/api/v0/backend | Versions <2.1.3
Has fix
GoPublished 2 Mar 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-27808
Affects github.com/axllent/mailpit/server/handlers | Versions <1.29.2
Has fix
GoPublished 2 Mar 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-27808
Affects github.com/axllent/mailpit/internal/linkcheck | Versions <1.29.2
Has fix
GoPublished 2 Mar 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-27808
Affects github.com/axllent/mailpit/config | Versions <1.29.2
Has fix
GoPublished 2 Mar 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-27808
Affects github.com/axllent/mailpit/cmd | Versions <1.29.2
Has fix
GoPublished 2 Mar 2026
  • L
Time-of-check Time-of-use (TOCTOU) Race ConditionCVE-2026-21725
Affects github.com/grafana/grafana/pkg/api | Versions <12.4.0
Has fix
GoPublished 2 Mar 2026
  • C
Weak Password Recovery Mechanism for Forgotten PasswordCVE-2026-28268
Affects code.vikunja.io/api/pkg/user | Versions <2.1.0
Has fix
GoPublished 2 Mar 2026
  • C
Weak Password Recovery Mechanism for Forgotten PasswordCVE-2026-28268
Affects github.com/go-vikunja/vikunja/pkg/user | Versions <2.1.0
Has fix
GoPublished 2 Mar 2026
  • H
Uncaught ExceptionCVE-2026-27819
Affects code.vikunja.io/api/pkg/modules/dump | Versions <2.0.0
Has fix
GoPublished 2 Mar 2026
  • H
Uncaught ExceptionCVE-2026-27819
Affects github.com/go-vikunja/vikunja/pkg/modules/dump | Versions <2.0.0
Has fix
GoPublished 2 Mar 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-27730
Affects github.com/esm-dev/esm.sh/server | Versions <136_1
Has fix
GoPublished 1 Mar 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-27730
Affects github.com/esm-dev/esm.sh/internal/fetch | Versions <136_1
Has fix
GoPublished 1 Mar 2026
  • M
Expected Behavior ViolationCVE-2025-69232
Affects github.com/free5gc/smf/internal/util | Versions <1.4.1
Has fix
GoPublished 1 Mar 2026
  • M
Expected Behavior ViolationCVE-2025-69232
Affects github.com/free5gc/smf/internal/context | Versions <1.4.1
Has fix
GoPublished 1 Mar 2026
  • C
Insufficient Session ExpirationCVE-2026-27575
Affects code.vikunja.io/api/pkg/user | Versions <2.0.0
Has fix
GoPublished 1 Mar 2026
  • C
Insufficient Session ExpirationCVE-2026-27575
Affects code.vikunja.io/api/pkg/routes/api/v1 | Versions <2.0.0
Has fix
GoPublished 1 Mar 2026
  • H
Improper Handling of Highly Compressed Data (Data Amplification)
Affects github.com/bishopfox/sliver/server/c2 | Versions <1.7.2
Has fix
GoPublished 1 Mar 2026
  • H
Improper Handling of Highly Compressed Data (Data Amplification)
Affects github.com/bishopfox/sliver/util/encoders | Versions <1.7.2
Has fix
GoPublished 1 Mar 2026
  • H
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-27611
Affects github.com/gtsteffaniak/filebrowser/backend/http | Versions <1.1.3-stable>=1.2.0-beta <1.2.6-beta
Has fix
GoPublished 1 Mar 2026
  • H
Server-side Request Forgery (SSRF)CVE-2025-50180
Affects github.com/esm-dev/esm.sh/server | Versions <136_1
Has fix
GoPublished 1 Mar 2026
  • H
Server-side Request Forgery (SSRF)CVE-2025-50180
Affects github.com/esm-dev/esm.sh/internal/fetch | Versions <136_1
Has fix
GoPublished 1 Mar 2026
  • C
Incorrect Behavior Order: Validate Before CanonicalizeCVE-2026-27590
Affects github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi | Versions <2.11.0
Has fix
GoPublished 28 Feb 2026
  • C
Incorrect Behavior Order: Validate Before CanonicalizeCVE-2026-27590
Affects github.com/caddyserver/caddy/modules/caddyhttp/reverseproxy/fastcgi | Versions <2.11.0
Has fix
GoPublished 28 Feb 2026
  • H
Cross-site Request Forgery (CSRF)CVE-2026-27589
Affects github.com/caddyserver/caddy/caddyconfig | Versions <2.11.0-beta.1
Has fix
GoPublished 28 Feb 2026
  • H
Cross-site Request Forgery (CSRF)CVE-2026-27589
Affects github.com/caddyserver/caddy/v2/caddyconfig | Versions <2.11.0-beta.1
Has fix
GoPublished 28 Feb 2026
  • H
Cross-site Request Forgery (CSRF)CVE-2026-27589
Affects github.com/caddyserver/caddy/cmd | Versions <2.11.0-beta.1
Has fix
GoPublished 28 Feb 2026