Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
H
Symlink Attack
CVE-2026-55607
Affects
@anthropic-ai/claude-code
| Versions
>=2.1.38 <2.1.163
M
Authorization Bypass Through User-Controlled Key
CVE-2026-14209
Affects
@keycloakify/keycloak-admin-ui
| Versions
*
H
Missing Authorization
Affects
@grackle-ai/mcp
| Versions
<0.132.2
H
Missing Authorization
Affects
@grackle-ai/plugin-core
| Versions
<0.132.2
H
Missing Authorization
Affects
@grackle-ai/auth
| Versions
<0.132.2
M
Insertion of Sensitive Information into Externally-Accessible File or Directory
Affects
@bitbonsai/mcpvault
| Versions
<0.11.5
M
Server-side Request Forgery (SSRF)
CVE-2026-58485
Affects
mcp-searxng
| Versions
<1.7.1
M
Unsafe Dependency Resolution
CVE-2026-54325
Affects
@earendil-works/pi-coding-agent
| Versions
<0.79.0
M
Improper Encoding or Escaping of Output
CVE-2026-57583
Affects
@openzeppelin/wizard
| Versions
<0.10.11
M
Improper Encoding or Escaping of Output
CVE-2026-57583
Affects
@openzeppelin/wizard-cairo
| Versions
<3.0.1
M
Improper Encoding or Escaping of Output
CVE-2026-57583
Affects
@openzeppelin/wizard-stellar
| Versions
<0.6.2
M
Improper Encoding or Escaping of Output
CVE-2026-57583
Affects
@openzeppelin/wizard-stylus
| Versions
<0.3.1
H
Creation of Temporary File in Directory with Insecure Permissions
CVE-2026-54328
Affects
@mariozechner/pi-coding-agent
| Versions
>=0.50.0
H
Creation of Temporary File in Directory with Insecure Permissions
CVE-2026-54328
Affects
@earendil-works/pi-coding-agent
| Versions
>=0.74.0 <0.78.1
H
Prototype Pollution
CVE-2026-55091
Affects
flat-to-nested
| Versions
<1.1.2
H
Command Injection
CVE-2026-55849
Affects
@cyclonedx/cyclonedx-npm
| Versions
>=2.1.0 <5.0.0
M
Server-side Request Forgery (SSRF)
CVE-2026-55591
Affects
signalk-server
| Versions
<2.28.0
H
Server-side Request Forgery (SSRF)
CVE-2026-54157
Affects
@lobehub/lobehub
| Versions
>=0.0.0
H
Allocation of Resources Without Limits or Throttling
CVE-2026-58483
Affects
mcp-searxng
| Versions
<1.7.1
M
Cross-site Scripting (XSS)
Affects
@sveltia/cms
| Versions
<0.167.3
H
Cross-site Scripting (XSS)
CVE-2026-58500
Affects
appium-mcp
| Versions
<1.85.10
H
Improper Verification of Cryptographic Signature
CVE-2026-58200
Affects
@jhb.software/payload-cloudinary-plugin
| Versions
>=0.3.0 <0.4.0
C
Malicious Package
Affects
vps-maintenance-paperclip-adapter
| Versions
*
C
Malicious Package
Affects
vps-maintenance
| Versions
*
C
Malicious Package
Affects
paperclip2
| Versions
*
C
Embedded Malicious Code
Affects
tailwindcss-style-animate
| Versions
=1.1.6
C
Embedded Malicious Code
Affects
tailwindcss-animate-style
| Versions
=1.2.5
C
Malicious Package
Affects
@zynkit/probe
| Versions
=0.0.1
C
Malicious Package
Affects
@zynkit/jwtbytes
| Versions
=0.4.3
=0.5.1
=0.5.2
=0.5.3
=0.5.4
C
Malicious Package
Affects
@tinyfox/shapecheck
| Versions
=0.7.4
=0.8.5
=0.8.6
=0.8.7
=0.8.8