Vulnerability DB | Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

M

Prototype PollutionCVE-2025-57330

Affects org.webjars.npm:web3-core-subscriptions | Versions [0,]

Has fix

MavenPublished 26 Nov 2025

H

Server-side Request Forgery (SSRF)CVE-2025-59436

Affects org.webjars.npm:ip | Versions [0,]

Has fix

MavenPublished 26 Nov 2025

H

Server-side Request Forgery (SSRF)CVE-2025-59437

Affects org.webjars.npm:ip | Versions [0,]

Has fix

MavenPublished 26 Nov 2025

L

Relative Path TraversalCVE-2025-58752

Affects org.webjars.npm:vite | Versions [0,]

Has fix

MavenPublished 26 Nov 2025

M

Arbitrary Code InjectionCVE-2025-55305

Affects org.webjars.npm:electron | Versions [0,]

Has fix

MavenPublished 26 Nov 2025

M

Regular Expression Denial of Service (ReDoS)CVE-2025-9670

Affects org.webjars.npm:turndown | Versions [0,]

Has fix

MavenPublished 26 Nov 2025

H

Cross-site Scripting (XSS)CVE-2025-66021

Affects com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer | Versions [0,20260101.1)

Has fix

MavenPublished 26 Nov 2025

C

Interpretation ConflictCVE-2025-12816

Affects org.webjars.npm:node-forge | Versions [0,]

Has fix

MavenPublished 26 Nov 2025

M

Use of Hard-coded Cryptographic KeyCVE-2025-65998

Affects org.apache.syncope.core.idrepo:syncope-core-idrepo-logic | Versions [,3.0.15)[4.0.0-M0, 4.0.3)

Has fix

MavenPublished 25 Nov 2025

M

Use of Hard-coded Cryptographic KeyCVE-2025-65998

Affects org.apache.syncope.core:syncope-core-persistence-jpa | Versions [,3.0.15)[4.0.0-M0, 4.0.3)

Has fix

MavenPublished 25 Nov 2025

M

Use of Hard-coded Cryptographic KeyCVE-2025-65998

Affects org.apache.syncope.core:syncope-core-provisioning-java | Versions [,3.0.15)[4.0.0-M0, 4.0.3)

Has fix

MavenPublished 25 Nov 2025

M

Use of Hard-coded Cryptographic KeyCVE-2025-65998

Affects org.apache.syncope.core:syncope-core-spring | Versions [,3.0.15)[4.0.0-M0, 4.0.3)

Has fix

MavenPublished 25 Nov 2025

M

Use of Hard-coded Cryptographic KeyCVE-2025-65998

Affects org.apache.syncope.core:syncope-core-starter | Versions [,3.0.15)[4.0.0-M0, 4.0.3)

Has fix

MavenPublished 25 Nov 2025

M

Allocation of Resources Without Limits or ThrottlingCVE-2025-13466

Affects org.webjars.npm:body-parser | Versions [2.2.0,]

Has fix

MavenPublished 25 Nov 2025

M

Directory TraversalCVE-2025-13435

Affects cn.dreampie:resty-httpclient | Versions [0,]

Has fix

MavenPublished 21 Nov 2025

H

Deserialization of Untrusted DataCVE-2025-64408

Affects org.apache.causeway.viewer:causeway-viewer-wicket-viewer | Versions [2.0.0-RC1,3.5.0)[4.0.0-M1,]

Has fix

MavenPublished 20 Nov 2025

H

Deserialization of Untrusted DataCVE-2025-64408

Affects org.apache.causeway.commons:causeway-commons | Versions [2.0.0-RC1,3.5.0)[4.0.0-M1,]

Has fix

MavenPublished 20 Nov 2025

H

Deserialization of Untrusted DataCVE-2025-64408

Affects org.apache.causeway.core:causeway-core-config | Versions [2.0.0-RC1,3.5.0)[4.0.0-M1,]

Has fix

MavenPublished 20 Nov 2025

H

Deserialization of Untrusted DataCVE-2025-64408

Affects org.apache.causeway.core:causeway-applib | Versions [2.0.0-RC1,3.5.0)[4.0.0-M1,]

Has fix

MavenPublished 20 Nov 2025

H

Deserialization of Untrusted DataCVE-2025-64408

Affects org.apache.causeway.core:causeway-core-runtimeservices | Versions [2.0.0-RC1,3.5.0)[4.0.0-M1,]

Has fix

MavenPublished 20 Nov 2025

H

Deserialization of Untrusted DataCVE-2025-64408

Affects org.apache.causeway.core:causeway-core-metamodel | Versions [2.0.0-RC1,3.5.0)[4.0.0-M1,]

Has fix

MavenPublished 20 Nov 2025

C

Race ConditionCVE-2025-12383

Affects org.glassfish.jersey.core:jersey-client | Versions [,2.46)[3.0.0-M1,3.0.17)[3.1.0-M1,3.1.10)[4.0.0-M1,4.0.0-M2)

Has fix

MavenPublished 19 Nov 2025

H

Command InjectionCVE-2025-64756

Affects org.webjars.npm:glob | Versions [0,]

Has fix

MavenPublished 18 Nov 2025

M

Directory TraversalCVE-2025-13266

Affects io.github.wwwlike:vlife-base | Versions [0,]

Has fix

MavenPublished 17 Nov 2025

C

Prototype PollutionCVE-2025-13204

Affects org.webjars.npm:expr-eval | Versions [0,]

Has fix

MavenPublished 16 Nov 2025

H

Uncontrolled Search Path ElementCVE-2025-12967

Affects software.amazon.jdbc:aws-advanced-jdbc-wrapper | Versions [,2.6.5)

Has fix

MavenPublished 16 Nov 2025

H

Binding to an Unrestricted IP AddressCVE-2025-11538

Affects org.keycloak:keycloak-quarkus-dist | Versions [,26.4.3)

Has fix

MavenPublished 14 Nov 2025

M

Prototype PollutionCVE-2025-64718

Affects org.webjars.bowergithub.nodeca:js-yaml | Versions [0,]

Has fix

MavenPublished 14 Nov 2025

M

Prototype PollutionCVE-2025-64718

Affects org.webjars.npm:js-yaml | Versions [,4.1.1)

Has fix

MavenPublished 14 Nov 2025

M

Prototype PollutionCVE-2025-64718

Affects org.webjars.bower:js-yaml | Versions [0,]

Has fix

MavenPublished 14 Nov 2025

Product

Partners
Developers & Devops Features
Enterprise Features
Pricing
Test with GitHub
Test with CLI
API status

Resources

Vulnerability DB
Blog
Documentation
FAQs

Company

About
Jobs
Contact
Legal terms
Privacy
Press kit
Events

Contact us

Support
Report a new vuln

Find us online

Track our development

© 2026 Snyk Ltd.