Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Missing Authentication for Critical FunctionCVE-2026-39363
Affects vite-plus | Versions <0.1.16
Has fix
npmPublished 7 Apr 2026
- H
Missing Authentication for Critical FunctionCVE-2026-39363
Affects vite | Versions >=6.0.0 <6.4.2>=7.0.0 <7.3.2>=8.0.0 <8.0.5
Has fix
npmPublished 7 Apr 2026
- M
Directory TraversalCVE-2026-39365
Affects vite-plus | Versions <0.1.16
Has fix
npmPublished 7 Apr 2026
- M
Directory TraversalCVE-2026-39365
Affects vite | Versions <6.4.2>7.0.0 <7.3.2>8.0.0 <8.0.5
Has fix
npmPublished 7 Apr 2026
- H
Allocation of Resources Without Limits or ThrottlingCVE-2026-23864
Affects next | Versions >=13.0.0 <15.0.8>=15.1.0 <15.1.12>=15.2.0-canary.0 <15.2.9>=15.3.0-canary.0 <15.3.9>=15.4.0-canary.0 <15.4.11>=15.5.0 <15.5.10>=15.6.0-canary.0 <15.6.0-canary.61>=16.0.0-canary.0 <16.0.11>=16.1.0-canary.0 <16.1.5>=16.2.0-canary.0 <16.2.0-canary.9
Has fix
npmPublished 7 Apr 2026
- M
Incomplete List of Disallowed InputsCVE-2026-34425
Affects @openclaw/discord | Versions >=0.0.0
Has fix
npmPublished 7 Apr 2026
- M
Incomplete List of Disallowed InputsCVE-2026-34425
Affects openclaw | Versions <2026.4.2
Has fix
npmPublished 7 Apr 2026
- C
Improper Control of Dynamically-Managed Code ResourcesCVE-2026-34156
Affects @nocobase/plugin-workflow-javascript | Versions <2.0.28
Has fix
npmPublished 6 Apr 2026
- H
Improper Authorization in Handler for Custom URL SchemeCVE-2026-35394
Affects @mobilenext/mobile-mcp | Versions <0.0.50
Has fix
npmPublished 6 Apr 2026
- H
Command InjectionCVE-2026-25044
Affects @budibase/types | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- H
Command InjectionCVE-2026-25044
Affects @budibase/shared-core | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- H
Command InjectionCVE-2026-25044
Affects @budibase/server | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- C
Command InjectionCVE-2026-35216
Affects @budibase/shared-core | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- C
Command InjectionCVE-2026-35216
Affects @budibase/types | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- C
Command InjectionCVE-2026-35216
Affects @budibase/server | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- H
Directory TraversalCVE-2026-35214
Affects @budibase/types | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- H
Directory TraversalCVE-2026-35214
Affects @budibase/server | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- C
Insecure Default Initialization of ResourceCVE-2026-31818
Affects @budibase/backend-core | Versions <3.33.4
Has fix
npmPublished 6 Apr 2026
- H
Prototype PollutionCVE-2026-34221
Affects @mikro-orm/core | Versions <6.6.10-dev.1>=7.0.0-dev.0 <7.0.6-dev.8
Has fix
npmPublished 6 Apr 2026
- C
SQL InjectionCVE-2026-34220
Affects @mikro-orm/mariadb | Versions <6.6.10-dev.1
Has fix
npmPublished 6 Apr 2026
- C
SQL InjectionCVE-2026-34220
Affects @mikro-orm/core | Versions <6.6.10-dev.1>=7.0.0-dev.0 <7.0.6-dev.8
Has fix
npmPublished 6 Apr 2026
- M
Out-of-bounds ReadCVE-2026-35038
Affects signalk-server | Versions <2.24.0
Has fix
npmPublished 6 Apr 2026
- H
Arbitrary Code InjectionCVE-2026-34725
Affects dbgate-web | Versions >=7.0.0-alpha.10 <7.1.5
Has fix
npmPublished 6 Apr 2026
- M
Missing Authentication for Critical FunctionCVE-2026-33951
Affects signalk-server | Versions <2.24.0-beta.3
Has fix
npmPublished 6 Apr 2026
Affects @stablelib/cbor | Versions <2.0.3
Has fix
npmPublished 6 Apr 2026
Affects @stablelib/ed25519 | Versions <2.1.0
Has fix
npmPublished 6 Apr 2026
- M
Use of GET Request Method With Sensitive Query StringsCVE-2026-25118
Affects @immich/sdk | Versions <2.6.0
Has fix
npmPublished 6 Apr 2026