Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo
cocoapods
Composer
Conan
Go
hex
Maven
npm
NuGet
pip
pub
RubyGems
Swift
Unmanaged (C/C++)
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
VULNERABILITY
AFFECTS
TYPE
PUBLISHED
H
Prototype Pollution
content-security-policy-parser
<0.5.0
npm
13 Aug 2025
C
Arbitrary Command Injection
@cdklabs/cdk-proserve-lib
<0.5.1
npm
13 Aug 2025
H
Improper Authentication
@fedify/fedify
<1.3.20
>=1.4.0-dev.585 <1.4.13
>=1.5.0-dev.636 <1.5.5
>=1.6.0-dev.754 <1.6.8
>=1.7.0-pr.251.885 <1.7.9
>=1.8.0-dev.909 <1.8.5
npm
10 Aug 2025
H
Information Exposure
@workos-inc/authkit-remix
<0.15.0
npm
10 Aug 2025
H
Information Exposure
@workos-inc/authkit-react-router
<0.7.0
npm
10 Aug 2025
M
Regular Expression Denial of Service (ReDoS)
@oakserver/oak
*
npm
10 Aug 2025
H
Arbitrary Command Injection
mcp-package-docs
<0.1.28
npm
8 Aug 2025
C
Insufficient Entropy
thinbus-srp
<2.0.1
npm
8 Aug 2025
M
Open Redirect
@astrojs/internal-helpers
>=0.6.1 <0.7.1
npm
8 Aug 2025
H
Use After Free
electron
<37.2.6
npm
7 Aug 2025
H
Directory Traversal
@anthropic-ai/claude-code
<0.2.113
npm
7 Aug 2025
H
Prototype Pollution
linkify-react
<4.3.2
npm
7 Aug 2025
H
Prototype Pollution
linkifyjs
<4.3.2
npm
7 Aug 2025
M
Insertion of Sensitive Information into Log File
kuzu
<0.8.2
npm
7 Aug 2025
M
Allocation of Resources Without Limits or Throttling
bento4
*
npm
7 Aug 2025
H
Command Injection
@anthropic-ai/claude-code
<1.0.20
npm
7 Aug 2025
M
Symlink Attack
tmp
<0.2.4
npm
7 Aug 2025
M
Regular Expression Denial of Service (ReDoS)
@actions/glob
*
npm
6 Aug 2025
L
Directory Traversal
vvvebjs
*
npm
6 Aug 2025
M
Directory Traversal
ipx
<1.3.2
>=2.0.0-0 <2.1.1
>=3.0.0 <3.1.1
npm
6 Aug 2025
H
Prototype Pollution
js-toml
<1.0.2
npm
6 Aug 2025
C
Malicious Package
epic-games-nav-share
*
npm
4 Aug 2025
C
Malicious Package
epic-fortnite-shared-values
*
npm
4 Aug 2025
H
Prototype Pollution
@nyariv/sandboxjs
<0.8.24
npm
4 Aug 2025
C
Arbitrary Command Injection
@nestjs/devtools-integration
<0.2.1
npm
3 Aug 2025
C
Improper Neutralization of Input Used for LLM Prompting
@modelcontextprotocol/server-slack
*
npm
1 Aug 2025
C
Malicious Package
dhei-0731-pkg2
*
npm
1 Aug 2025
M
Server-side Request Forgery (SSRF)
webfinger.js
<2.8.1
npm
1 Aug 2025
H
Improper Authorization
@finos/git-proxy
<1.19.2
npm
31 Jul 2025
H
Information Exposure
@finos/git-proxy
<1.19.2
npm
31 Jul 2025
