Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Cross-site Scripting (XSS)CVE-2026-30830
Affects defuddle | Versions <0.9.0
Has fix
npmPublished 9 Mar 2026
  • M
Origin Validation ErrorCVE-2025-68467
Affects darkreader | Versions <4.9.117
Has fix
npmPublished 9 Mar 2026
  • C
Malicious Package
Affects odds-analyzer | Versions *
No fix available
npmPublished 9 Mar 2026
  • C
Malicious Package
Affects tw-modern-ui | Versions *
No fix available
npmPublished 9 Mar 2026
  • H
Arbitrary Code InjectionCVE-2026-30887
Affects @oneuptime/common | Versions <10.0.18
Has fix
npmPublished 9 Mar 2026
  • H
Access Control BypassCVE-2026-30820
Affects flowise | Versions <3.0.13
Has fix
npmPublished 9 Mar 2026
  • C
Arbitrary File UploadCVE-2026-30821
Affects flowise | Versions <3.0.13
Has fix
npmPublished 9 Mar 2026
  • C
Improperly Controlled Modification of Dynamically-Determined Object AttributesCVE-2026-30822
Affects flowise | Versions <3.0.13
Has fix
npmPublished 9 Mar 2026
  • H
Missing Authentication for Critical FunctionCVE-2026-30824
Affects flowise | Versions <3.0.13
Has fix
npmPublished 9 Mar 2026
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2026-30827
Affects express-rate-limit | Versions >=8.0.0 <8.0.2>=8.1.0 <8.1.1>=8.2.0 <8.2.2
Has fix
npmPublished 9 Mar 2026
  • H
Weak Password Recovery Mechanism for Forgotten Password
Affects @workflow/core | Versions <4.2.0-beta.64
Has fix
npmPublished 8 Mar 2026
  • M
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CVE-2026-3484
Affects mcp-nmap-server | Versions *
No fix available
npmPublished 8 Mar 2026
  • M
Missing AuthorizationCVE-2026-30850
Affects parse-server | Versions <8.6.9>=9.0.0-alpha.1 <9.5.0-alpha.9
Has fix
npmPublished 8 Mar 2026
  • H
Improper Verification of Cryptographic SignatureCVE-2026-30863
Affects parse-server | Versions <8.6.10>=9.0.0-alpha.1 <9.5.0-alpha.11
Has fix
npmPublished 8 Mar 2026
  • H
Directory TraversalCVE-2026-30848
Affects parse-server | Versions <8.6.8>=9.0.0-alpha.1 <9.5.0-alpha.8
Has fix
npmPublished 8 Mar 2026
  • M
Incorrect AuthorizationCVE-2026-30854
Affects parse-server | Versions >=9.3.1-alpha.3 <9.5.0-alpha.10
Has fix
npmPublished 8 Mar 2026
  • M
Information ExposureCVE-2026-30835
Affects parse-server | Versions <8.6.7>=9.0.0-alpha.1 <9.5.0-alpha.6
Has fix
npmPublished 8 Mar 2026
  • H
Incorrect AuthorizationCVE-2026-30229
Affects parse-server | Versions <8.6.6>=9.0.0-alpha.1 <9.5.0-alpha.4
Has fix
npmPublished 8 Mar 2026
  • H
Incorrect AuthorizationCVE-2026-30228
Affects parse-server | Versions <8.6.5>=9.0.0-alpha.1 <9.5.0-alpha.3
Has fix
npmPublished 8 Mar 2026
  • M
Symlink AttackCVE-2026-30916
Affects shescape | Versions <2.1.9
Has fix
npmPublished 8 Mar 2026
  • M
Improper Authentication
Affects @x402/svm | Versions <2.6.0
Has fix
npmPublished 8 Mar 2026
  • H
Uncontrolled RecursionCVE-2026-30241
Affects mercurius | Versions <16.8.0
Has fix
npmPublished 6 Mar 2026
  • H
Insertion of Sensitive Information Into Sent Data
Affects flowise | Versions <3.0.13
Has fix
npmPublished 6 Mar 2026
  • M
Use of Password Hash With Insufficient Computational Effort
Affects flowise | Versions <3.0.13
Has fix
npmPublished 6 Mar 2026
  • H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CVE-2026-29053
Affects ghost | Versions <6.19.1
Has fix
npmPublished 6 Mar 2026
  • H
Cross-site Request Forgery (CSRF)CVE-2026-29784
Affects ghost | Versions >=5.101.6 <6.19.3
Has fix
npmPublished 6 Mar 2026
  • C
Malicious Package
Affects @wgu-edu/wgu-core | Versions *
No fix available
npmPublished 6 Mar 2026
  • C
Malicious Package
Affects @wgu-edu/wgu-icons | Versions *
No fix available
npmPublished 6 Mar 2026
  • H
Server-side Request Forgery (SSRF)CVE-2026-3125
Affects @opennextjs/cloudflare | Versions <1.17.1
Has fix
npmPublished 6 Mar 2026
  • H
Missing Authentication for Critical FunctionCVE-2026-29613
Affects openclaw | Versions <2026.2.12
Has fix
npmPublished 6 Mar 2026