Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
C
Malicious Package
Affects
npm-sandbox-research-c5d6
| Versions
*
C
Malicious Package
Affects
npm-sandbox-research-f1g2
| Versions
*
C
Malicious Package
Affects
@ncurran/dc-selftest-33afb7
| Versions
*
C
Malicious Package
Affects
metrics-probe-dc85
| Versions
*
C
Malicious Package
Affects
@ncurran/sandbox-recon-uac-4e7c
| Versions
*
C
Malicious Package
Affects
string-tools-be6c
| Versions
*
C
Malicious Package
Affects
npm-sandbox-ping-r9t2
| Versions
*
C
Malicious Package
Affects
npm-sandbox-research-8b2f
| Versions
*
C
Malicious Package
Affects
npm-sandbox-research-9c4e
| Versions
*
C
Malicious Package
Affects
npm-sandbox-research-e9f0
| Versions
*
C
Malicious Package
Affects
metrics-pipeline-d8k2
| Versions
*
C
Malicious Package
Affects
fmt-helpers-794b
| Versions
*
C
Malicious Package
Affects
npm-sandbox-research-a1b2
| Versions
*
C
Malicious Package
Affects
color-utils-dee0
| Versions
*
C
Malicious Package
Affects
pkg-telemetry-r4f9
| Versions
*
C
Malicious Package
Affects
@ncurran/sandbox-recon-9b2d4f
| Versions
*
M
Cross-site Scripting (XSS)
CVE-2026-50557
Affects
@angular/core
| Versions
<19.2.18
>=20.0.0-next.0 <20.3.22
>=21.0.0-next.0 <21.2.15
>=22.0.0-next.0 <22.0.0-rc.2
M
Cross-site Scripting (XSS)
CVE-2026-50557
Affects
@angular/compiler
| Versions
<19.2.18
>=20.0.0-next.0 <20.3.22
>=21.0.0-next.0 <21.2.15
>=22.0.0-next.0 <22.0.0-rc.2
H
Arbitrary Command Injection
CVE-2025-57282
Affects
ngrok
| Versions
*
C
Malicious Package
Affects
sodel-pych
| Versions
*
H
Arbitrary Code Injection
CVE-2026-54271
Affects
protobufjs
| Versions
<7.6.2
>=8.0.0-experimental <8.5.0
H
Arbitrary Code Injection
CVE-2026-54271
Affects
protobufjs-cli
| Versions
<1.3.2
>=2.0.0 <2.5.0
C
Malicious Package
Affects
api-rs-node
| Versions
*
C
Malicious Package
Affects
chai-as-tokenized
| Versions
*
M
Incomplete List of Disallowed Inputs
CVE-2026-54300
Affects
@astrojs/netlify
| Versions
<7.0.13
M
Use of Cache Containing Sensitive Information
CVE-2026-50184
Affects
@angular/service-worker
| Versions
<19.2.23
>=20.0.0-next.0 <20.3.22
>=21.0.0-next.0 <21.2.15
>=22.0.0-next.0 <22.0.0-rc.2
H
Exposure of Private Personal Information to an Unauthorized Actor
CVE-2026-54264
Affects
@angular/service-worker
| Versions
<20.3.25
>=21.0.0-next.0 <21.2.17
>=22.0.0-next.0 <22.0.1
M
Use of Cache Containing Sensitive Information
CVE-2026-50169
Affects
@angular/service-worker
| Versions
<19.2.23
>=20.0.0-next.0 <20.3.22
>=21.0.0-next.0 <21.2.15
>=22.0.0-next.0 <22.0.0-next.4
H
Server-side Request Forgery (SSRF)
CVE-2026-50168
Affects
@angular/platform-server
| Versions
<19.2.23
>=20.0.0-next.0 <20.3.22
>=21.0.0-next.0 <21.2.15
>=22.0.0-next.0 <22.0.0-rc.2
H
Cross-site Scripting (XSS)
CVE-2026-54265
Affects
@angular/compiler
| Versions
<20.3.25
>=21.0.0-next.0 <21.2.17
>=22.0.0-next.0 <22.0.1