Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • C
Malicious Package
Affects paysafe-card-payments | Versions *
No fix available
npmPublished 13 Apr 2026
  • C
Malicious Package
Affects upstart.previewcss | Versions *
No fix available
npmPublished 13 Apr 2026
  • C
Malicious Package
Affects @kucoin-gbiz-next/tools | Versions *
No fix available
npmPublished 13 Apr 2026
  • C
Malicious Package
Affects upstart-offer-container | Versions *
No fix available
npmPublished 13 Apr 2026
  • C
Malicious Package
Affects @hrb-web/nuxt | Versions *
No fix available
npmPublished 13 Apr 2026
  • C
Malicious Package
Affects upstartapplicationstatus | Versions *
No fix available
npmPublished 13 Apr 2026
  • C
Malicious Package
Affects upstart-lending-status | Versions *
No fix available
npmPublished 13 Apr 2026
  • C
SQL InjectionCVE-2026-39356
Affects drizzle-orm | Versions >=1.0.0-beta.2-e93475f <1.0.0-beta.20-91f355e>=0.37.0 <0.45.2
Has fix
npmPublished 13 Apr 2026
  • H
Cross-site Request Forgery (CSRF)CVE-2026-39371
Affects rwsdk | Versions >=1.0.0-beta.50 <1.0.6
Has fix
npmPublished 12 Apr 2026
  • M
Directory TraversalCVE-2026-35613
Affects coursevault-preview | Versions <0.1.1
Has fix
npmPublished 12 Apr 2026
  • M
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CVE-2026-5327
Affects fast-filesystem-mcp | Versions *
No fix available
npmPublished 12 Apr 2026
  • H
Missing Authentication for Critical Function
Affects n8n-mcp | Versions <2.47.6
Has fix
npmPublished 12 Apr 2026
  • M
Arbitrary Command InjectionCVE-2026-5831
Affects taskflow-ai | Versions <2.1.9
Has fix
npmPublished 12 Apr 2026
  • M
Regular Expression Denial of Service (ReDoS)CVE-2026-5986
Affects js-video-url-parser | Versions *
No fix available
npmPublished 12 Apr 2026
  • M
Open RedirectCVE-2026-40299
Affects next-intl | Versions <4.9.1
Has fix
npmPublished 12 Apr 2026
  • H
SQL InjectionCVE-2026-34825
Affects @nocobase/plugin-workflow-sql | Versions <2.0.30
Has fix
npmPublished 12 Apr 2026
  • H
SQL Injection
Affects @saltcorn/server | Versions <1.4.4>=1.5.0-beta.0 <1.5.2>=1.6.0-alpha.0 <1.6.0-beta.1
Has fix
npmPublished 12 Apr 2026
  • H
SQL Injection
Affects @saltcorn/data | Versions <1.4.4>=1.5.0-beta.0 <1.5.2>=1.6.0-alpha.0 <1.6.0-beta.1
Has fix
npmPublished 12 Apr 2026
  • C
Directory TraversalCVE-2026-40163
Affects @saltcorn/server | Versions <1.4.5>=1.5.0-beta.0 <1.5.3>=1.6.0-alpha.0 <1.6.0-beta.4
Has fix
npmPublished 12 Apr 2026
  • L
Cross-site Scripting (XSS)
Affects unhead | Versions >=3.0.0-beta.5 <3.0.1
Has fix
npmPublished 12 Apr 2026
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Affects mathjs | Versions <15.2.0
Has fix
npmPublished 12 Apr 2026
  • H
CRLF Injection
Affects basic-ftp | Versions <5.2.2
Has fix
npmPublished 12 Apr 2026
  • M
Authentication Bypass Using an Alternate Path or ChannelCVE-2026-35661
Affects openclaw | Versions <2026.3.28-beta.1
Has fix
npmPublished 12 Apr 2026
  • L
Incomplete List of Disallowed Inputs
Affects openclaw | Versions <2026.4.8
Has fix
npmPublished 12 Apr 2026
  • M
Incorrect Authorization
Affects openclaw | Versions <2026.4.8
Has fix
npmPublished 12 Apr 2026
  • M
Access Control Bypass
Affects openclaw | Versions <2026.4.8
Has fix
npmPublished 12 Apr 2026
  • H
Insufficient Verification of Data Authenticity
Affects openclaw | Versions <2026.4.8
Has fix
npmPublished 12 Apr 2026
  • L
Incorrect Permission Assignment for Critical Resource
Affects openclaw | Versions <2026.4.8
Has fix
npmPublished 12 Apr 2026
  • M
Incorrect Authorization
Affects openclaw | Versions <2026.4.8
Has fix
npmPublished 12 Apr 2026
  • M
Insufficient Session Expiration
Affects openclaw | Versions <2026.4.8
Has fix
npmPublished 12 Apr 2026