Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
Affects @bitbonsai/mcpvault | Versions <0.11.4
  • C
User ImpersonationCVE-2026-58399
Affects @acastellon/auth | Versions <2.3.0
Affects @agenticmail/core | Versions <0.9.43
Affects @agenticmail/claudecode | Versions <0.2.39
Affects @agenticmail/codex | Versions <0.1.33
Affects @agenticmail/openclaw | Versions <0.5.71
  • C
Prototype PollutionCVE-2026-55388
Affects piscina | Versions <4.9.3>=5.0.0-alpha.0 <5.2.0>=6.0.0-rc.1 <6.0.0-rc.2
Affects @cardano402/mcp-server | Versions <0.1.2
Affects md-fileserver | Versions <1.10.3
Affects linkify-it | Versions <5.0.1
Affects @sigstore/core | Versions <3.2.1
Affects neotoma | Versions >=0.6.0 <0.11.1
  • M
Prototype PollutionCVE-2026-48819
Affects @hey-api/openapi-ts | Versions <0.97.3
Affects ghost | Versions >=4.0.0 <6.37.0
Affects @apify/actors-mcp-server | Versions <0.10.11
Affects @sigstore/verify | Versions >=3.1.0 <3.1.1
Affects sigstore | Versions <4.1.1
Affects @sigstore/cli | Versions <0.10.0
Affects @sigstore/verify | Versions <3.1.1
Affects repomix | Versions <1.14.1
Affects auth-fetch-mcp | Versions <3.0.2
Affects @jshookmcp/jshook | Versions >=0.3.1 <0.3.2
Affects repomix | Versions <1.14.1
Affects dbgate-api | Versions <7.1.9
Affects wetty | Versions <3.0.4
  • C
Directory TraversalCVE-2026-47669
Affects dbgate-api | Versions <7.1.9
  • H
Prototype PollutionCVE-2026-46625
Affects js-cookie | Versions >=2.0.0 <3.0.7
Affects @apify/actors-mcp-server | Versions <0.9.21
  • H
Affects hydrooj | Versions >=4.10.4 <5.0.2