Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Directory TraversalCVE-2026-27606
Affects rollup | Versions <2.80.0>=3.0.0-0 <3.30.0>=4.0.0-1 <4.59.0
Has fix
npmPublished 25 Feb 2026
  • C
Malicious Package
Affects ultimates-express | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects express-soaps | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects modify-setting | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects chai-tools | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects chai-as-pause | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects es1int-config | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects argon-web3-chain | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects json-mapping-srcs | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects node-argon | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects es1int-re1ease | Versions *
No fix available
npmPublished 24 Feb 2026
  • C
Malicious Package
Affects dotenvx-ext | Versions *
No fix available
npmPublished 24 Feb 2026
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2026-27729
Affects astro | Versions >=5.0.0 <5.17.3>=6.0.0-alpha.0 <6.0.0-beta.15
Has fix
npmPublished 24 Feb 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-25545
Affects astro | Versions <5.17.3>=6.0.0-alpha.0 <6.0.0-beta.7
Has fix
npmPublished 24 Feb 2026
  • H
Open RedirectCVE-2026-27191
Affects @feathersjs/authentication-oauth | Versions <5.0.40
Has fix
npmPublished 23 Feb 2026
  • H
Origin Validation ErrorCVE-2026-27192
Affects @feathersjs/authentication-oauth | Versions <5.0.40
Has fix
npmPublished 23 Feb 2026
  • H
Exposure of Sensitive System Information to an Unauthorized Control SphereCVE-2026-27193
Affects @feathersjs/authentication-oauth | Versions <5.0.40
Has fix
npmPublished 23 Feb 2026
  • H
CRLF InjectionCVE-2026-27203
Affects ebay-mcp | Versions <1.7.3
Has fix
npmPublished 23 Feb 2026
  • L
Exposure of Data Element to Wrong SessionCVE-2026-27492
Affects lettermint | Versions <1.5.1
Has fix
npmPublished 23 Feb 2026
  • C
Malicious Package
Affects eslint-verify-plugin | Versions *
No fix available
npmPublished 23 Feb 2026
  • C
Malicious Package
Affects npm-security-testing | Versions *
No fix available
npmPublished 23 Feb 2026
  • C
Malicious Package
Affects rbxm-tools | Versions *
No fix available
npmPublished 23 Feb 2026
  • C
Malicious Package
Affects react-dropzone-truffle | Versions *
No fix available
npmPublished 23 Feb 2026
  • H
Unsafe Dependency ResolutionCVE-2026-26974
Affects @tygo-van-den-hurk/slyde | Versions <0.0.5
Has fix
npmPublished 22 Feb 2026
  • L
User ImpersonationCVE-2026-27484
Affects openclaw | Versions <2026.2.19
Has fix
npmPublished 22 Feb 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-27488
Affects openclaw | Versions <2026.2.19
Has fix
npmPublished 22 Feb 2026
  • M
Allocation of Resources Without Limits or ThrottlingCVE-2026-27576
Affects openclaw | Versions <2026.2.19
Has fix
npmPublished 22 Feb 2026
  • M
UNIX Symbolic Link (Symlink) FollowingCVE-2026-27485
Affects openclaw | Versions <2026.2.19
Has fix
npmPublished 22 Feb 2026
  • H
Incorrect Regular ExpressionCVE-2026-25896
Affects fast-xml-parser | Versions >=4.1.3 <4.5.4>=5.0.0 <5.3.5
Has fix
npmPublished 20 Feb 2026
  • C
Malicious Package
Affects rollup-plugin-polyfill-swc | Versions *
No fix available
npmPublished 20 Feb 2026