Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
M
Missing Support for Integrity Check
CVE-2026-48995
Affects
pnpm
| Versions
<10.33.4
>=11.0.0 <11.0.7
H
Arbitrary Argument Injection
CVE-2026-50014
Affects
pnpm
| Versions
<10.34.0
>=11.0.0 <11.4.0
C
Malicious Package
Affects
@vpms/design-system
| Versions
*
C
Malicious Package
Affects
velocityfix
| Versions
*
C
Malicious Package
Affects
unsafe-malicious-package
| Versions
*
C
Malicious Package
Affects
ts-einkle-slot
| Versions
*
C
Malicious Package
Affects
ts-einkle
| Versions
*
C
Malicious Package
Affects
ts-ankle
| Versions
*
C
Malicious Package
Affects
polymarket-clob-math
| Versions
*
C
Malicious Package
Affects
hunsterx-package
| Versions
*
C
Malicious Package
Affects
gx-npm-ui
| Versions
*
C
Malicious Package
Affects
gx-npm-lib
| Versions
*
C
Malicious Package
Affects
gx-npm-feature-flags
| Versions
*
C
Malicious Package
Affects
@epsteinlovekids483/crossmint-wallets-sdk-pentest
| Versions
*
C
Malicious Package
Affects
crossmint-wallets-sdk
| Versions
*
H
Cross-site Scripting (XSS)
CVE-2026-53950
Affects
@tryghost/activitypub
| Versions
<3.1.0
H
Improper Validation of Integrity Check Value
CVE-2026-50021
Affects
@pnpm/lockfile.utils
| Versions
<1004.0.4
H
Improper Validation of Integrity Check Value
CVE-2026-50021
Affects
pnpm
| Versions
<10.34.1
>=11.0.0 <11.4.0
H
External Control of File Name or Path
CVE-2026-55699
Affects
@pnpm/bins.resolver
| Versions
<1100.0.6
H
External Control of File Name or Path
CVE-2026-55699
Affects
pnpm
| Versions
<10.34.2
>=11.0.0-alpha.0 <11.5.3
H
Unsafe Dependency Resolution
CVE-2026-55487
Affects
@pnpm/building.policy
| Versions
<1100.0.8
H
Unsafe Dependency Resolution
CVE-2026-55487
Affects
pnpm
| Versions
<10.34.2
>=11.0.0-alpha.0 <11.5.3
H
External Control of File Name or Path
CVE-2026-55700
Affects
@pnpm/releasing.commands
| Versions
<1100.4.2
H
External Control of File Name or Path
CVE-2026-55700
Affects
pnpm
| Versions
>=11.3.0 <11.5.3
H
External Control of File Name or Path
CVE-2026-59194
Affects
@pnpm/config.deps-installer
| Versions
*
H
External Control of File Name or Path
CVE-2026-59194
Affects
pnpm
| Versions
<10.34.4
>=11.0.0-alpha.0 <11.7.0
M
Brute Force
CVE-2026-11779
Affects
payload
| Versions
>=0.0.0
C
Malicious Package
Affects
@immobiliarelabs/backstage-plugin-ldap-auth-backend
| Versions
=1.1.3
=2.0.5
=3.0.2
=4.3.2
=5.2.1
C
Malicious Package
Affects
@immobiliarelabs/backstage-plugin-ldap-auth
| Versions
=1.1.4
=2.0.5
=3.0.2
=4.3.2
=5.2.1
C
Malicious Package
Affects
@immobiliarelabs/backstage-plugin-gitlab-backend
| Versions
=3.0.3
=4.0.2
=5.2.1
=6.13.1
=7.0.2