Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • C
Malicious Package
Affects json-dec | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects changelog-utils-structured-logger | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects undicy-http | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects separadordeinfocc | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects changelog-cli-logger | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects @amsterdam-local/forms-component-library | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects shenxun162938 | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects spr-i18n-labels | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects json-spacer | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects rollup-plugin-polyfill-route | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects ts-bing | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects ts-moduler | Versions *
No fix available
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects vime-azl | Versions *
No fix available
npmPublished 23 Apr 2026
  • M
XML InjectionCVE-2026-41650
Affects fast-xml-builder | Versions <1.1.5
Has fix
npmPublished 23 Apr 2026
  • H
XML InjectionCVE-2026-41672
Affects xmldom | Versions *
No fix available
npmPublished 23 Apr 2026
  • H
XML InjectionCVE-2026-41672
Affects @xmldom/xmldom | Versions <0.8.13>=0.9.0 <0.9.10
Has fix
npmPublished 23 Apr 2026
  • M
Improper Validation of Specified Index, Position, or Offset in InputCVE-2026-41907
Affects uuid | Versions <14.0.0
Has fix
npmPublished 23 Apr 2026
  • M
Cross-site Scripting (XSS)CVE-2026-41238
Affects dompurify | Versions >=3.0.1 <3.4.0
Has fix
npmPublished 23 Apr 2026
  • L
Cross-site Scripting (XSS)CVE-2026-41239
Affects dompurify | Versions >=1.0.10 <3.4.0
Has fix
npmPublished 23 Apr 2026
  • C
Malicious Package
Affects sparkling-sdk | Versions *
No fix available
npmPublished 22 Apr 2026
  • C
Malicious Package
Affects color-studio | Versions *
No fix available
npmPublished 22 Apr 2026
  • C
Malicious Package
Affects @stlm/common-ui | Versions *
No fix available
npmPublished 22 Apr 2026
  • H
Missing AuthorizationCVE-2026-41266
Affects flowise | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
  • C
Embedded Malicious Code
Affects kube-health-tools | Versions *
No fix available
npmPublished 22 Apr 2026
  • H
Arbitrary File UploadCVE-2026-41269
Affects flowise-components | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
  • H
Arbitrary File UploadCVE-2026-41269
Affects flowise | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
  • H
Missing Authentication for Critical FunctionCVE-2026-41273
Affects flowise | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
  • M
Use of Hard-coded Credentials
Affects flowise | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
  • M
Use of Hard-coded Credentials
Affects flowise | Versions <3.1.0
Has fix
npmPublished 22 Apr 2026
  • M
Cross-site Scripting (XSS)CVE-2026-41067
Affects astro | Versions <6.1.6
Has fix
npmPublished 22 Apr 2026