Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Cleartext Transmission of Sensitive InformationCVE-2026-40045
Affects openclaw | Versions <2026.4.2
Has fix
npmPublished 21 Apr 2026
  • M
Directory Traversal
Affects flowise-components | Versions >=1.4.3 <3.1.0
Has fix
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects apple-cloudkit-internal | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects cktool.config | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects cktool.core.internal | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects ac-sasskit-internal | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects apple-internal-security-poc-frank | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects cktool.internal | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects cktool.api | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects apple-idms-internal | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects apple-auth-internal | Versions *
No fix available
npmPublished 21 Apr 2026
  • C
Malicious Package
Affects tailwindthml-flips | Versions *
No fix available
npmPublished 20 Apr 2026
  • C
Malicious Package
Affects tailwind-text-fill | Versions *
No fix available
npmPublished 20 Apr 2026
  • C
Arbitrary Code InjectionCVE-2025-61260
Affects @openai/codex | Versions <0.23.0
Has fix
npmPublished 20 Apr 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-41270
Affects flowise | Versions <3.1.0
Has fix
npmPublished 20 Apr 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-41270
Affects flowise-components | Versions <3.1.0
Has fix
npmPublished 20 Apr 2026
  • M
Open RedirectCVE-2026-42259
Affects @saltcorn/server | Versions <1.4.6>=1.5.0-beta.0 <1.5.6>=1.6.0-alpha.0 <1.6.0-beta.5
Has fix
npmPublished 20 Apr 2026
  • H
Improper Neutralization of Special Elements in Data Query LogicCVE-2026-41274
Affects flowise-components | Versions >=2.2.3 <3.1.0
Has fix
npmPublished 20 Apr 2026
  • H
SQL InjectionCVE-2026-41478
Affects @saltcorn/data | Versions <1.4.6>=1.5.0-beta.0 <1.5.6>=1.6.0-alpha.0 <1.6.0-beta.5
Has fix
npmPublished 20 Apr 2026
  • H
SQL InjectionCVE-2026-41478
Affects @saltcorn/mobile-app | Versions <1.4.6>=1.5.0-beta.0 <1.5.6>=1.6.0-alpha.0 <1.6.0-beta.5
Has fix
npmPublished 20 Apr 2026
  • H
SQL InjectionCVE-2026-41478
Affects @saltcorn/server | Versions <1.4.6>=1.5.0-beta.0 <1.5.6>=1.6.0-alpha.0 <1.6.0-beta.5
Has fix
npmPublished 20 Apr 2026
  • H
Arbitrary Code InjectionCVE-2026-41138
Affects flowise-components | Versions >=1.3.0 <3.1.0
Has fix
npmPublished 20 Apr 2026
  • C
Partial String ComparisonCVE-2026-41268
Affects flowise | Versions <3.1.0
Has fix
npmPublished 20 Apr 2026
  • C
Partial String ComparisonCVE-2026-41268
Affects flowise-components | Versions <3.1.0
Has fix
npmPublished 20 Apr 2026
  • M
Execution with Unnecessary PrivilegesCVE-2026-4498
Affects kibana | Versions >=8.0.0 <8.19.14>=9.0.0 <9.2.8>=9.3.0 <9.3.3
Has fix
npmPublished 20 Apr 2026
  • M
Incorrect AuthorizationCVE-2026-33461
Affects kibana | Versions >=8.0.0 <8.19.14>=9.0.0 <9.2.8>=9.3.0 <9.3.3
Has fix
npmPublished 20 Apr 2026
  • M
Incorrect AuthorizationCVE-2026-33460
Affects kibana | Versions >=8.0.0 <8.19.14>=9.0.0 <9.2.8>=9.3.0 <9.3.3
Has fix
npmPublished 20 Apr 2026
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2026-33459
Affects kibana | Versions >=8.15.0 <8.19.14>=9.0.0 <9.2.8>=9.3.0 <9.3.3
Has fix
npmPublished 20 Apr 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-33458
Affects kibana | Versions >=9.3.0 <9.3.2
Has fix
npmPublished 20 Apr 2026
  • C
Malicious Package
Affects @kjma/mailcraft | Versions *
No fix available
npmPublished 20 Apr 2026