Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Cross-site Request Forgery (CSRF)CVE-2025-64166
Affects mercurius | Versions <16.4.0
Has fix
npmPublished 6 Mar 2026
  • M
Incorrect Regular ExpressionCVE-2026-3419
Affects fastify | Versions >=5.7.2 <5.8.1
Has fix
npmPublished 6 Mar 2026
  • C
Malicious Package
Affects pear-apps-utils-date | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects pear-apps-utils-avatar-initials | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects imhuman-fw-logger | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects pear-apps-lib-ui-react-hooks | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects @imhuman/corp-build-utils-poc | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects @imhuman/fw-logger | Versions *
No fix available
npmPublished 5 Mar 2026
  • M
Directory TraversalCVE-2026-29185
Affects @backstage/integration | Versions <1.20.1>=1.21.0-next.0
Has fix
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects nf-referral-backend | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects pearpass-utils-password-check | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects pearpass-lib-data-export | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects pear-apps-utils-qr | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects pearpass-lib-data-import | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects pear-apps-lib-feedback | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Malicious Package
Affects nf-referral-backend-placeholder | Versions *
No fix available
npmPublished 5 Mar 2026
  • C
Prototype PollutionCVE-2026-28794
Affects @orpc/client | Versions <1.13.6
Has fix
npmPublished 5 Mar 2026
  • H
Incorrect AuthorizationCVE-2026-29182
Affects parse-server | Versions <8.6.4>=9.0.0-alpha.1 <9.4.1-alpha.3
Has fix
npmPublished 5 Mar 2026
  • C
Eval InjectionCVE-2026-29091
Affects locutus | Versions <3.0.0
Has fix
npmPublished 5 Mar 2026
  • H
Permissive List of Allowed InputsCVE-2026-29186
Affects @backstage/plugin-techdocs-node | Versions >=1.13.11 <1.14.3
Has fix
npmPublished 5 Mar 2026
  • L
Insertion of Sensitive Information into Log FileCVE-2026-29184
Affects @backstage/plugin-scaffolder-backend | Versions <3.1.4
Has fix
npmPublished 5 Mar 2026
  • M
Improper Handling of URL Encoding (Hex Encoding)CVE-2026-29087
Affects @hono/node-server | Versions <1.19.10
Has fix
npmPublished 5 Mar 2026
  • H
XML Entity Expansion (Billion Laughs)CVE-2026-29074
Affects svgo | Versions >=2.1.0 <2.8.1>=3.0.0 <3.3.3>=4.0.0 <4.0.1
Has fix
npmPublished 5 Mar 2026
  • M
Directory Traversal
Affects openclaw | Versions <2026.2.21
Has fix
npmPublished 5 Mar 2026
  • H
Symlink Attack
Affects openclaw | Versions <2026.2.25
Has fix
npmPublished 5 Mar 2026
  • H
Reliance on IP Address for Authentication
Affects openclaw | Versions <2026.2.19
Has fix
npmPublished 5 Mar 2026
  • M
Incorrect Authorization
Affects @openclaw/bluebubbles | Versions <2026.2.22
Has fix
npmPublished 5 Mar 2026
  • M
Incorrect Authorization
Affects openclaw | Versions <2026.2.22
Has fix
npmPublished 5 Mar 2026
  • H
Incorrect Authorization
Affects openclaw | Versions <2026.2.25
Has fix
npmPublished 5 Mar 2026
  • M
Authorization Bypass Through User-Controlled Key
Affects openclaw | Versions <2026.2.22
Has fix
npmPublished 5 Mar 2026