Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Deserialization of Untrusted DataCVE-2025-54920
Affects org.apache.spark:spark-core_2.13 | Versions [,3.5.7-rc1)[4.0.0-preview1-rc1,4.0.1-rc1)
Has fix
MavenPublished 15 Mar 2026
  • H
Deserialization of Untrusted DataCVE-2025-54920
Affects org.apache.spark:spark-core_2.12 | Versions [,3.5.7-rc1)[4.0.0-preview1-rc1,4.0.1-rc1)
Has fix
MavenPublished 15 Mar 2026
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2026-32630
Affects org.webjars.npm:file-type | Versions [21.0.0,]
Has fix
MavenPublished 15 Mar 2026
  • C
Directory TraversalCVE-2025-66249
Affects org.apache.livy:livy-server | Versions [,0.9.0-incubating)
Has fix
MavenPublished 13 Mar 2026
  • M
Cross-site Scripting (XSS)
Affects org.webjars.npm:trix | Versions [0,]
Has fix
MavenPublished 13 Mar 2026
  • M
HTTP Request SmugglingCVE-2026-1525
Affects org.webjars.npm:undici | Versions [0,]
Has fix
MavenPublished 13 Mar 2026
  • H
Uncaught ExceptionCVE-2026-1528
Affects org.webjars.npm:undici | Versions [6.23.0,]
Has fix
MavenPublished 13 Mar 2026
  • H
Improper Handling of Highly Compressed Data (Data Amplification)CVE-2026-1526
Affects org.webjars.npm:undici | Versions [0,]
Has fix
MavenPublished 13 Mar 2026
  • H
Uncaught ExceptionCVE-2026-2229
Affects org.webjars.npm:undici | Versions [0,]
Has fix
MavenPublished 13 Mar 2026
  • M
CRLF InjectionCVE-2026-1527
Affects org.webjars.npm:undici | Versions [0,]
Has fix
MavenPublished 13 Mar 2026
  • M
Integer Overflow or WraparoundCVE-2026-3707
Affects dev.matrixlab.webp4j:webp4j-core | Versions [,2.1.1)
Has fix
MavenPublished 13 Mar 2026
  • C
Binding to an Unrestricted IP AddressCVE-2026-24015
Affects org.apache.iotdb:node-commons | Versions [1.0.0,1.3.7)[2.0.0,2.0.7)
Has fix
MavenPublished 13 Mar 2026
  • C
Binding to an Unrestricted IP AddressCVE-2026-24015
Affects org.apache.iotdb:iotdb-server | Versions [1.0.0,1.3.7)[2.0.0,2.0.7)
Has fix
MavenPublished 13 Mar 2026
  • M
Comparison Using Wrong FactorsCVE-2026-22723
Affects org.cloudfoundry.identity:cloudfoundry-identity-server | Versions [77.30.0,78.8.0)
Has fix
MavenPublished 13 Mar 2026
  • L
Directory TraversalCVE-2026-2741
Affects com.vaadin:flow-build-tools | Versions [25.0.0-rc1,25.0.3)
Has fix
MavenPublished 13 Mar 2026
  • L
Directory TraversalCVE-2026-2741
Affects com.vaadin:flow-server | Versions [2.0.0,2.13.1)[3.0.0,23.6.8)[24.0.0,24.9.10)
Has fix
MavenPublished 13 Mar 2026
  • H
Uncontrolled RecursionCVE-2026-32141
Affects org.webjars.npm:flatted | Versions [0,]
Has fix
MavenPublished 13 Mar 2026
  • C
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')CVE-2026-24713
Affects org.apache.iotdb:iotdb-core | Versions [,1.3.7)[2.0.1-beta,2.0.7)
Has fix
MavenPublished 12 Mar 2026
  • M
Exposure of Private Personal Information to an Unauthorized ActorCVE-2026-3911
Affects org.keycloak:keycloak-services | Versions [0,]
Has fix
MavenPublished 12 Mar 2026
  • H
Directory TraversalCVE-2026-24457
Affects org.glassfish.mq:mqbroker-comm | Versions [0,]
Has fix
MavenPublished 12 Mar 2026
  • M
Origin Validation ErrorCVE-2025-68467
Affects org.webjars.npm:darkreader | Versions [0,]
Has fix
MavenPublished 12 Mar 2026
  • C
Improper Handling of Case SensitivityCVE-2026-28292
Affects org.webjars.npm:simple-git | Versions [3.15.0,]
Has fix
MavenPublished 11 Mar 2026
  • M
Infinite loopCVE-2026-31808
Affects org.webjars.npm:file-type | Versions [16.5.4,]
Has fix
MavenPublished 11 Mar 2026
  • H
Improper Validation of Certificate with Host MismatchCVE-2026-24281
Affects org.apache.zookeeper:zookeeper | Versions [3.8.0,3.8.6)[3.9.0,3.9.5)
Has fix
MavenPublished 11 Mar 2026
  • H
Symlink AttackCVE-2026-31802
Affects org.webjars.npm:tar | Versions [0,]
Has fix
MavenPublished 11 Mar 2026
  • M
Access Control BypassCVE-2026-2742
Affects com.vaadin:flow-server | Versions [23.0.0,23.6.7)[24.0.0,24.9.8)[25.0.0-beta1,25.0.2)
Has fix
MavenPublished 10 Mar 2026
  • C
Use of Default CredentialsCVE-2026-22886
Affects org.glassfish.mq:mqbroker-core | Versions [0,]
Has fix
MavenPublished 10 Mar 2026
  • H
Improper Validation of Certificate with Host MismatchCVE-2025-59060
Affects org.apache.ranger:ranger-nifi-registry-plugin | Versions [,2.8.0)
Has fix
MavenPublished 10 Mar 2026
  • M
Cross-site Scripting (XSS)CVE-2025-5092
Affects org.webjars.npm:lightgallery | Versions [0,]
Has fix
MavenPublished 10 Mar 2026
  • H
Insertion of Sensitive Information into Log FileCVE-2026-24308
Affects org.apache.zookeeper:zookeeper | Versions [3.5.2-alpha,3.8.6)[3.9.0,3.9.5)
Has fix
MavenPublished 10 Mar 2026