Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
H
Prototype Pollution
CVE-2026-46625
Affects
js-cookie
| Versions
>=2.0.0 <3.0.7
M
Permissive List of Allowed Inputs
CVE-2026-46341
Affects
@apify/actors-mcp-server
| Versions
<0.9.21
H
Incorrect Authorization
CVE-2026-49473
Affects
@cedar-policy/authorization-for-expressjs
| Versions
<0.3.0
M
Insufficient Session Expiration
CVE-2026-55617
Affects
hydrooj
| Versions
>=4.10.4 <5.0.2
M
Server-side Request Forgery (SSRF)
CVE-2026-10690
Affects
@wonderwhy-er/desktop-commander
| Versions
<0.2.38
M
Regular Expression Denial of Service (ReDoS)
CVE-2026-10691
Affects
@wonderwhy-er/desktop-commander
| Versions
<0.2.39
H
Server-side Request Forgery (SSRF)
Affects
auth-fetch-mcp
| Versions
<3.0.1
H
Arbitrary File Upload
CVE-2026-46426
Affects
@budibase/server
| Versions
*
M
Allocation of Resources Without Limits or Throttling
CVE-2026-53781
Affects
@steipete/summarize-core
| Versions
<0.17.0
M
Server-side Request Forgery (SSRF)
CVE-2026-53782
Affects
@steipete/summarize
| Versions
<0.17.0
M
Server-side Request Forgery (SSRF)
CVE-2026-53782
Affects
@steipete/summarize-core
| Versions
<0.17.0
H
Command Injection
CVE-2026-49255
Affects
electerm
| Versions
<3.11.11
H
Directory Traversal
CVE-2026-49253
Affects
electerm
| Versions
<3.11.11
H
Inefficient Algorithmic Complexity
CVE-2026-49250
Affects
@conform-to/dom
| Versions
>=1.8.0 <1.19.4
M
Improper Input Validation
CVE-2026-14631
Affects
webpack-dev-server
| Versions
<5.2.6
M
Cross-site Request Forgery (CSRF)
CVE-2026-14620
Affects
webpack-dev-server
| Versions
<5.2.6
M
Server-side Request Forgery (SSRF)
Affects
@asymmetric-effort/specifyjs
| Versions
<0.2.136
M
Server-side Request Forgery (SSRF)
Affects
@asymmetric-effort/specifyjs
| Versions
<0.2.136
M
Cross-site Scripting (XSS)
CVE-2026-50290
Affects
@asymmetric-effort/specifyjs
| Versions
<0.2.136
M
Information Exposure
Affects
@asymmetric-effort/specifyjs
| Versions
<0.2.140
M
Server-side Request Forgery (SSRF)
Affects
@asymmetric-effort/specifyjs
| Versions
<0.2.136
M
Improper Neutralization of Special Elements in Data Query Logic
Affects
@asymmetric-effort/specifyjs
| Versions
<0.2.136
H
Server-side Request Forgery (SSRF)
CVE-2026-50288
Affects
@asymmetric-effort/specifyjs
| Versions
<0.2.136
C
Malicious Package
Affects
api-node-utils
| Versions
*
C
Malicious Package
Affects
api-ts-utils
| Versions
*
C
Malicious Package
Affects
ts-node-utils
| Versions
*
C
Malicious Package
Affects
typescript-util-core
| Versions
*
C
Malicious Package
Affects
web-api-node
| Versions
*
C
Malicious Package
Affects
@sql-access/nodesql
| Versions
*
C
Malicious Package
Affects
decode-sdks
| Versions
*