Vulnerability DB | Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

M

Cross-site Request Forgery (CSRF)CVE-2025-67639

Affects org.jenkins-ci.main:jenkins-core | Versions [,2.528.3)[2.529,2.541)

Has fix

MavenPublished 12 Dec 2025

H

Deserialization of Untrusted DataCVE-2025-26866

Affects org.apache.hugegraph:hg-pd-core | Versions [,1.7.0)

Has fix

MavenPublished 12 Dec 2025

M

Improper Export of Android Application ComponentsCVE-2025-14517

Affects com.yalantis:ucrop | Versions [0,]

Has fix

MavenPublished 12 Dec 2025

M

Server-side Request Forgery (SSRF)CVE-2025-14516

Affects com.yalantis:ucrop | Versions [0,]

Has fix

MavenPublished 12 Dec 2025

M

Access Control BypassCVE-2025-14083

Affects org.keycloak:keycloak-services | Versions [0,26.5.0)

Has fix

MavenPublished 12 Dec 2025

M

Server-side Request Forgery (SSRF)CVE-2025-14518

Affects tech.powerjob:powerjob-common | Versions [0,]

Has fix

MavenPublished 12 Dec 2025

H

Race ConditionCVE-2025-67505

Affects com.okta.sdk:okta-sdk-api | Versions [11.0.0,20.0.1)

Has fix

MavenPublished 11 Dec 2025

M

Missing Release of Memory after Effective LifetimeCVE-2025-66033

Affects com.okta.sdk:okta-sdk-api | Versions [21.0.0,24.0.1)

Has fix

MavenPublished 11 Dec 2025

H

Improper Handling of Case SensitivityCVE-2025-67718

Affects org.webjars.npm:formio | Versions [,3.5.7-rc.1)[4.0.0-rc.1,4.4.3-rc.1)

Has fix

MavenPublished 11 Dec 2025

M

Access Control BypassCVE-2025-14082

Affects org.keycloak:keycloak-server-spi-private | Versions [0,26.5.0)

Has fix

MavenPublished 11 Dec 2025

M

Access Control BypassCVE-2025-14082

Affects org.keycloak:keycloak-model-infinispan | Versions [0,26.5.0)

Has fix

MavenPublished 11 Dec 2025

M

Access Control BypassCVE-2025-14082

Affects org.keycloak:keycloak-authz-policy-common | Versions [0,26.5.0)

Has fix

MavenPublished 11 Dec 2025

M

Inadequate Encryption StrengthCVE-2025-65849

Affects org.webjars.npm:altcha | Versions [0.8.0,]

Has fix

MavenPublished 10 Dec 2025

H

Insecure Temporary FileCVE-2025-14307

Affects net.sf.robocode:robocode.battle | Versions [,1.9.5.6)

Has fix

MavenPublished 10 Dec 2025

H

Directory TraversalCVE-2025-14306

Affects net.sf.robocode:robocode.core | Versions [,1.9.5.6)

Has fix

MavenPublished 10 Dec 2025

H

Integer Overflow or WraparoundCVE-2025-14308

Affects net.sf.robocode:robocode.host | Versions [,1.9.5.6)

Has fix

MavenPublished 10 Dec 2025

M

Server-side Request Forgery (SSRF)

Affects net.dv8tion:jda | Versions [6.0.0,6.1.3)

Has fix

MavenPublished 10 Dec 2025

H

Incorrect AuthorizationCVE-2025-66623

Affects io.strimzi:strimzi | Versions [0.47.0-RC1,0.49.1-RC1)

Has fix

MavenPublished 8 Dec 2025

M

Cross-site Scripting (XSS)CVE-2025-54057

Affects org.apache.skywalking:apm-webapp | Versions [0,]

Has fix

MavenPublished 8 Dec 2025

M

Cross-site Scripting (XSS)CVE-2025-13488

Affects org.sonatype.nexus.plugins:nexus-blobstore-s3 | Versions [3.83.0-08,3.87.0-03)

Has fix

MavenPublished 7 Dec 2025

H

Insertion of Sensitive Information Into Sent DataCVE-2025-66566

Affects at.yawk.lz4:lz4-java | Versions [,1.10.1)

Has fix

MavenPublished 7 Dec 2025

H

Insertion of Sensitive Information Into Sent DataCVE-2025-66566

Affects org.lz4:lz4-java | Versions [0,]

Has fix

MavenPublished 7 Dec 2025

H

Insertion of Sensitive Information Into Sent DataCVE-2025-66566

Affects org.lz4:lz4-pure-java | Versions [0,]

Has fix

MavenPublished 7 Dec 2025

H

Insertion of Sensitive Information Into Sent DataCVE-2025-66566

Affects net.jpountz.lz4:lz4 | Versions [0,]

Has fix

MavenPublished 7 Dec 2025

M

Open RedirectCVE-2025-11222

Affects com.linecorp.centraldogma:centraldogma-server-auth-shiro | Versions [,0.78.0)

Has fix

MavenPublished 5 Dec 2025

H

XML External Entity (XXE) InjectionCVE-2025-54988

Affects org.apache.tika:tika-parsers | Versions [1.13,2.0.0)

Has fix

MavenPublished 5 Dec 2025

H

XML External Entity (XXE) InjectionCVE-2025-54988

Affects org.apache.tika:tika-core | Versions [1.13,3.2.2)

Has fix

MavenPublished 5 Dec 2025

H

Improper Verification of Cryptographic SignatureCVE-2025-65945

Affects org.webjars.npm:jws | Versions [0,]

Has fix

MavenPublished 5 Dec 2025

M

Allocation of Resources Without Limits or ThrottlingCVE-2025-66453

Affects org.mozilla:rhino | Versions [,1.7.14.1)[1.7.15,1.7.15.1)[1.8.0,1.8.1)

Has fix

MavenPublished 4 Dec 2025

M

Deserialization of Untrusted DataCVE-2025-13805

Affects org.nutz.cloud:nutzcloud-loach-server | Versions [0,]

Has fix

MavenPublished 3 Dec 2025

Product

Partners
Developers & Devops Features
Enterprise Features
Pricing
Test with GitHub
Test with CLI
API status

Resources

Vulnerability DB
Blog
Documentation
FAQs

Company

About
Jobs
Contact
Legal terms
Privacy
Press kit
Events

Contact us

Support
Report a new vuln

Find us online

Track our development

© 2026 Snyk Ltd.