Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
HTTP Request SmugglingCVE-2026-24880
Affects org.apache.tomcat:tomcat-coyote | Versions [7.0.0,9.0.116)[10.1.0-M1,10.1.53)[11.0.0-M1,11.0.20)
Has fix
MavenPublished 12 Apr 2026
  • H
Use of a Broken or Risky Cryptographic AlgorithmCVE-2026-29129
Affects org.apache.tomcat:tomcat-coyote | Versions [9.0.114,9.0.116)[10.1.51,10.1.53)[11.0.16,11.0.20)
Has fix
MavenPublished 12 Apr 2026
  • H
Use of a Broken or Risky Cryptographic AlgorithmCVE-2026-29129
Affects org.apache.tomcat.embed:tomcat-embed-core | Versions [9.0.114,9.0.116)[10.1.51,10.1.53)[11.0.16,11.0.20)
Has fix
MavenPublished 12 Apr 2026
  • M
Insertion of Sensitive Information into Log FileCVE-2026-34487
Affects org.apache.tomcat:tomcat-tribes | Versions [9.0.13,9.0.117)[10.1.0-M1,10.1.54)[11.0.0-M1,11.0.21)
Has fix
MavenPublished 12 Apr 2026
  • H
Missing Encryption of Sensitive DataCVE-2026-34486
Affects org.apache.tomcat:tomcat-tribes | Versions [9.0.116,9.0.117)[10.1.53,10.1.54)[11.0.20,11.0.21)
Has fix
MavenPublished 12 Apr 2026
  • H
Use of a Broken or Risky Cryptographic AlgorithmCVE-2026-29146
Affects org.apache.tomcat:tomcat-tribes | Versions [9.0.13,9.0.116)[10.1.50,10.1.53)[11.0.0-M1,11.0.20)
Has fix
MavenPublished 12 Apr 2026
  • H
Improper AuthenticationCVE-2026-34500
Affects org.apache.tomcat.embed:tomcat-embed-core | Versions [,9.0.117)[10.1.0-M7,10.1.54)[11.0.0-M1,11.0.21)
Has fix
MavenPublished 12 Apr 2026
  • H
Improper AuthenticationCVE-2026-34500
Affects org.apache.tomcat:tomcat-coyote-ffm | Versions [9.0.93,9.0.117)[10.1.26,10.1.54)[11.0.0-M24,11.0.21)
Has fix
MavenPublished 12 Apr 2026
  • H
Improper AuthenticationCVE-2026-34500
Affects org.apache.tomcat:tomcat-coyote | Versions [10.1.22,10.1.26)[11.0.0-M14,11.0.0-M24)
Has fix
MavenPublished 12 Apr 2026
  • H
Improper AuthenticationCVE-2026-29145
Affects org.apache.tomcat:tomcat-coyote | Versions [10.1.0-M7,10.1.26)[11.0.0-M1,11.0.0-M24)
Has fix
MavenPublished 12 Apr 2026
  • H
Improper AuthenticationCVE-2026-29145
Affects org.apache.tomcat.embed:tomcat-embed-core | Versions [,9.0.116)[10.1.0-M7,10.1.53)[11.0.0-M1,11.0.20)
Has fix
MavenPublished 12 Apr 2026
  • H
Improper AuthenticationCVE-2026-29145
Affects org.apache.tomcat:tomcat-coyote-ffm | Versions [9.0.93,9.0.116)[10.1.26,10.1.53)[11.0.0-M24,11.0.20)
Has fix
MavenPublished 12 Apr 2026
  • M
Improper Encoding or Escaping of OutputCVE-2026-34483
Affects org.apache.tomcat.embed:tomcat-embed-core | Versions [,9.0.117)[10.1.0-M1,10.1.54)[11.0.0-M1,11.0.21)
Has fix
MavenPublished 12 Apr 2026
  • M
Improper Encoding or Escaping of OutputCVE-2026-34483
Affects org.apache.tomcat:tomcat-catalina | Versions [,9.0.117)[10.1.0-M1,10.1.54)[11.0.0-M1,11.0.21)
Has fix
MavenPublished 12 Apr 2026
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Affects org.webjars.npm:mathjs | Versions [0,]
Has fix
MavenPublished 12 Apr 2026
  • H
HTTP Response SplittingCVE-2026-40175
Affects org.webjars.npm:axios | Versions [,1.15.0)
Has fix
MavenPublished 10 Apr 2026
  • H
HTTP Request SmugglingCVE-2026-28369
Affects io.undertow:undertow-core | Versions [0,]
Has fix
MavenPublished 10 Apr 2026
  • H
HTTP Request SmugglingCVE-2026-28367
Affects io.undertow:undertow-core | Versions [0,]
Has fix
MavenPublished 10 Apr 2026
  • H
Always-Incorrect Control Flow ImplementationCVE-2026-22750
Affects org.springframework.cloud:spring-cloud-gateway-server | Versions [4.2.0,4.2.1)
Has fix
MavenPublished 10 Apr 2026
  • H
Improper Encoding or Escaping of OutputCVE-2026-34479
Affects org.apache.logging.log4j:log4j-core | Versions [2.7, 2.25.4)[3.0.0-alpha1,]
Has fix
MavenPublished 10 Apr 2026
  • H
Improper Encoding or Escaping of OutputCVE-2026-34480
Affects org.apache.logging.log4j:log4j-core | Versions [2.0-alpha1, 2.25.4)[3.0.0-alpha1,]
Has fix
MavenPublished 10 Apr 2026
  • H
Improper Encoding or Escaping of OutputCVE-2026-34481
Affects org.apache.logging.log4j:log4j-layout-template-json | Versions [2.14.0, 2.25.4)[3.0.0-alpha1,]
Has fix
MavenPublished 10 Apr 2026
  • H
Improper Output Neutralization for LogsCVE-2026-34478
Affects org.apache.logging.log4j:log4j-core | Versions [2.21.0, 2.25.4)[3.0.0-beta1,]
Has fix
MavenPublished 10 Apr 2026
  • M
Improper Validation of Certificate with Host MismatchCVE-2026-34477
Affects org.apache.logging.log4j:log4j-core | Versions [2.12.0, 2.25.4)[3.0.0-alpha1,]
Has fix
MavenPublished 10 Apr 2026
  • M
Incomplete List of Disallowed InputsCVE-2026-39315
Affects org.webjars.npm:unhead | Versions [0,]
Has fix
MavenPublished 10 Apr 2026
  • M
Unintended Proxy or Intermediary ('Confused Deputy')CVE-2025-62718
Affects org.webjars.npm:axios | Versions [,1.15.0)
Has fix
MavenPublished 10 Apr 2026
  • H
Privilege Defined With Unsafe ActionsCVE-2026-27314
Affects org.apache.cassandra:cassandra-all | Versions [5.0-alpha1,5.0.7)
Has fix
MavenPublished 9 Apr 2026
  • L
Improper Control of Interaction FrequencyCVE-2026-32588
Affects org.apache.cassandra:cassandra-all | Versions [4.0-alpha1,4.0.20)[4.1-alpha1,4.1.11)[5.0-alpha1,5.0.7)
Has fix
MavenPublished 9 Apr 2026
  • C
Sensitive Information in Resource Not Removed Before ReuseCVE-2026-5795
Affects org.eclipse.jetty.ee9:jetty-ee9-jaspi | Versions [,12.0.34)[12.1.0.alpha0,12.1.8)
Has fix
MavenPublished 9 Apr 2026
  • C
Sensitive Information in Resource Not Removed Before ReuseCVE-2026-5795
Affects org.eclipse.jetty.ee11:jetty-ee11-jaspi | Versions [,12.1.8)
Has fix
MavenPublished 9 Apr 2026