Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All Vulnerabilities
APPLICATION
Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++
OPERATING SYSTEM
All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi
Report a new vulnerability
Vulnerabilities
Packages
M
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2026-10222
Affects
hermes-agent
| Versions
[,0.18.0)
H
Multiple Operations on Resource in Single-Operation Context
CVE-2026-42358
Affects
apache-airflow
| Versions
[,3.2.2rc1)
C
Improper Neutralization of Special Elements Used in a Template Engine
CVE-2026-42252
Affects
apache-airflow-core
| Versions
[,3.2.2rc1)
M
Authorization Bypass Through User-Controlled Key
CVE-2026-46764
Affects
apache-airflow-core
| Versions
[,3.2.2rc1)
H
Incomplete List of Disallowed Inputs
CVE-2026-55830
Affects
restrictedpython
| Versions
[,8.3)
H
Missing Authorization
CVE-2026-54423
Affects
ironic
| Versions
[0,]
H
Insufficient Granularity of Access Control
CVE-2026-44918
Affects
ironic
| Versions
[0,]
M
Improper Validation of Specified Quantity in Input
CVE-2026-53720
Affects
pymonocypher
| Versions
[,4.0.2.7)
M
Directory Traversal
CVE-2026-15138
Affects
mcp-text-editor
| Versions
[0,]
H
Incomplete List of Disallowed Inputs
CVE-2026-49825
Affects
lxml-html-clean
| Versions
[,0.4.5)
M
Uncontrolled Recursion
Affects
trapster
| Versions
[0,]
H
External Control of File Name or Path
Affects
phantom-audio
| Versions
[,1.3.1)
H
Allocation of Resources Without Limits or Throttling
CVE-2026-49476
Affects
soupsieve
| Versions
[,2.8.4)
H
Regular Expression Denial of Service (ReDoS)
CVE-2026-49477
Affects
soupsieve
| Versions
[,2.8.4)
L
Server-side Request Forgery (SSRF)
CVE-2026-48737
Affects
pyload-ng
| Versions
[0,]
H
Allocation of Resources Without Limits or Throttling
CVE-2026-48987
Affects
pyload-ng
| Versions
[0,]
H
Cross-site Request Forgery (CSRF)
CVE-2026-49471
Affects
serena-agent
| Versions
[,1.5.2)
H
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2026-55404
Affects
yt-dlp
| Versions
[,2026.7.4)
H
Open Redirect
CVE-2026-59806
Affects
gradio
| Versions
[,6.20.0)
H
Directory Traversal
CVE-2026-54590
Affects
asyncssh
| Versions
[,2.23.1)
H
Directory Traversal
CVE-2026-54591
Affects
asyncssh
| Versions
[,2.23.1)
H
Improper Handling of Highly Compressed Data (Data Amplification)
CVE-2026-59939
Affects
httplib2
| Versions
[,0.32.0)
H
Authentication Bypass Using an Alternate Path or Channel
CVE-2026-59822
Affects
litellm
| Versions
[,1.84.0)
M
Directory Traversal
CVE-2026-59820
Affects
litellm
| Versions
[,1.83.7)
M
External Control of File Name or Path
CVE-2026-59819
Affects
litellm
| Versions
[,1.83.10)
H
Arbitrary Code Injection
CVE-2026-59821
Affects
litellm
| Versions
[,1.82.0)
H
Infinite loop
CVE-2026-59935
Affects
pypdf
| Versions
[,6.14.2)
H
Infinite loop
CVE-2026-59936
Affects
pypdf
| Versions
[,6.14.1)
H
Insertion of Sensitive Information into Externally-Accessible File or Directory
CVE-2026-49298
Affects
apache-airflow-core
| Versions
[,3.2.2rc1)
M
Improper Handling of Unicode Encoding
CVE-2026-59890
Affects
setuptools
| Versions
[,83.0.0)