Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Insufficient Granularity of Access ControlCVE-2026-37981
Affects org.keycloak:keycloak-services | Versions [7.0.0,26.6.2)
Has fix
MavenPublished 24 May 2026
  • M
Authorization Bypass Through User-Controlled KeyCVE-2026-37978
Affects org.keycloak:keycloak-services | Versions [,26.6.2)
Has fix
MavenPublished 24 May 2026
  • M
Cross-site Scripting (XSS)CVE-2026-36766
Affects com.shopizer:shopizer | Versions [0,]
Has fix
MavenPublished 22 May 2026
  • C
Directory TraversalCVE-2026-36767
Affects com.shopizer:shopizer | Versions [0,]
Has fix
MavenPublished 22 May 2026
  • M
Incorrect Authorization
Affects org.opensearch.plugin:opensearch-security | Versions [2.11.0.0,2.19.0.0)
Has fix
MavenPublished 22 May 2026
  • M
Incorrect Authorization
Affects org.opensearch.plugin:opensearch-security | Versions [,2.19.4)[3.0.0.0,3.2.0.0)
Has fix
MavenPublished 22 May 2026
  • M
Missing Authentication for Critical FunctionCVE-2026-44308
Affects io.awspring.cloud:spring-cloud-aws-sns | Versions [,4.0.2)
Has fix
MavenPublished 22 May 2026
  • M
Missing Authentication for Critical FunctionCVE-2026-44308
Affects io.awspring.cloud:spring-cloud-aws-autoconfigure | Versions [3.0.0-M1,4.0.2)
Has fix
MavenPublished 22 May 2026
  • H
Arbitrary Code InjectionCVE-2026-35194
Affects org.apache.flink:flink-table-planner_2.12 | Versions [1.15.0,1.20.4)[2.0.0,2.0.2)[2.1.0,2.1.2)[2.2.0,2.2.1)
Has fix
MavenPublished 22 May 2026
  • H
Arbitrary Code InjectionCVE-2026-35194
Affects org.apache.flink:flink-table-api-java | Versions [1.15.0,1.20.4)[2.0.0,2.0.2)[2.1.0,2.1.2)[2.2.0,2.2.1)
Has fix
MavenPublished 22 May 2026
  • H
Arbitrary Code InjectionCVE-2026-35194
Affects org.apache.flink:flink-table-runtime | Versions [1.15.0,1.20.4)[2.0.0,2.0.2)[2.1.0,2.1.2)[2.2.0,2.2.1)
Has fix
MavenPublished 22 May 2026
  • L
Improper Certificate Validation
Affects org.opensearch.plugin:opensearch-security | Versions [2.18.0.0,2.19.4.0)[3.0.0.0,3.3.0.0)
Has fix
MavenPublished 22 May 2026
  • L
Incorrect Authorization
Affects org.opensearch.plugin:opensearch-security | Versions [,2.19.4.0)[3.0.0.0,3.2.0.0)
Has fix
MavenPublished 22 May 2026
  • H
Uncaught ExceptionCVE-2026-8161
Affects org.webjars.npm:multiparty | Versions [0,]
Has fix
MavenPublished 21 May 2026
  • H
Regular Expression Denial of Service (ReDoS)CVE-2026-8159
Affects org.webjars.npm:multiparty | Versions [0,]
Has fix
MavenPublished 21 May 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-9087
Affects org.keycloak:keycloak-services | Versions [26.3.0,26.6.3)
Has fix
MavenPublished 21 May 2026
  • H
Improper Handling of Exceptional ConditionsCVE-2026-8162
Affects org.webjars.npm:multiparty | Versions [0,]
Has fix
MavenPublished 21 May 2026
  • M
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')CVE-2026-2586
Affects org.glassfish.jsftemplating:jsftemplating | Versions [,4.2.0)
Has fix
MavenPublished 21 May 2026
  • M
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')CVE-2026-2587
Affects org.glassfish.jsftemplating:jsftemplating | Versions [,4.2.0)
Has fix
MavenPublished 21 May 2026
  • H
Deserialization of Untrusted DataCVE-2026-6009
Affects net.sf.jasperreports:jasperreports | Versions [0,]
Has fix
MavenPublished 21 May 2026
  • M
Improper Validation of Unsafe Equivalence in InputCVE-2026-47323
Affects org.apache.camel:camel-knative | Versions [3.18.0,4.14.6)[4.15.0,4.18.2)
Has fix
MavenPublished 21 May 2026
  • M
Improper Validation of Unsafe Equivalence in InputCVE-2026-47323
Affects org.apache.camel:camel-cxf-transport | Versions [3.18.0,4.14.6)[4.15.0,4.18.2)
Has fix
MavenPublished 21 May 2026
  • M
Improper Validation of Unsafe Equivalence in InputCVE-2026-47323
Affects org.apache.camel:camel-cxf-rest | Versions [3.18.0,4.14.6)[4.15.0,4.18.2)
Has fix
MavenPublished 21 May 2026
  • C
Relative Path TraversalCVE-2025-55748
Affects org.xwiki.platform:xwiki-platform-skin-skinx | Versions [4.2-milestone-2,16.10.7)[17.0.0-rc-1,17.4.0-rc-1)
Has fix
MavenPublished 21 May 2026
  • C
Relative Path TraversalCVE-2026-23734
Affects org.xwiki.commons:xwiki-commons-classloader-api | Versions [4.2-milestone-2,16.10.17)[17.0.0-rc-1,17.4.9)[17.5.0,17.10.3)[18.0.0-rc-1,18.1.0-rc-1)
Has fix
MavenPublished 21 May 2026
  • C
Missing AuthorizationCVE-2026-33137
Affects org.xwiki.platform:xwiki-platform-rest-server | Versions [15.10.16,16.10.17)[17.0.0-rc-1,17.4.9)[17.5.0,17.10.3)[18.0.0-rc-1,18.0.1)[18.1.0-rc-1,18.1.0)
Has fix
MavenPublished 21 May 2026
  • C
Improper AuthenticationCVE-2026-33117
Affects com.azure:azure-security-keyvault-keys | Versions [,4.10.6)
Has fix
MavenPublished 20 May 2026
  • H
Improper Validation of Array IndexCVE-2026-45799
Affects com.squareup.wire:wire-runtime-jvm | Versions [,6.3.0)[7.0.0-alpha01,7.0.0-alpha03)
Has fix
MavenPublished 20 May 2026
  • H
Improper Validation of Array IndexCVE-2026-45799
Affects com.squareup.wire:wire-runtime | Versions [,6.3.0)[7.0.0-alpha01,7.0.0-alpha03)
Has fix
MavenPublished 20 May 2026
  • H
Improper Verification of Cryptographic Signature
Affects com.getaxonflow:axonflow-sdk | Versions [,7.0.0)
Has fix
MavenPublished 19 May 2026