Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-42205
Affects avo | Versions <3.31.1
Has fix
RubyGemsPublished 27 Apr 2026
  • H
Missing AuthorizationCVE-2026-40870
Affects decidim-comments | Versions <0.30.5>=0.30.0.rc1, <0.31.1
Has fix
RubyGemsPublished 22 Apr 2026
  • H
Missing AuthorizationCVE-2026-40870
Affects decidim-api | Versions <0.30.5>=0.30.0.rc1, <0.31.1
Has fix
RubyGemsPublished 22 Apr 2026
  • L
Authorization Bypass Through User-Controlled Key
Affects fat_free_crm | Versions >=0.10.1-rc1, <0.26.0
Has fix
RubyGemsPublished 16 Apr 2026
  • M
Missing AuthorizationCVE-2026-40869
Affects decidim-budgets | Versions >=0.19.0, <0.30.5>=0.31.0.rc1, <0.31.1
Has fix
RubyGemsPublished 15 Apr 2026
  • H
Infinite loop
Affects iodine | Versions >=0.0.1.pre
Has fix
RubyGemsPublished 15 Apr 2026
  • C
Cross-site Scripting (XSS)CVE-2026-23891
Affects decidim-core | Versions <0.31.1
Has fix
RubyGemsPublished 15 Apr 2026
  • H
Improper Check for Unusual or Exceptional ConditionsCVE-2026-40069
Affects bsv-sdk | Versions <0.8.2
Has fix
RubyGemsPublished 15 Apr 2026
  • H
Improper Verification of Cryptographic SignatureCVE-2026-40070
Affects bsv-wallet | Versions <0.3.4
Has fix
RubyGemsPublished 15 Apr 2026
  • H
Improper Verification of Cryptographic SignatureCVE-2026-40070
Affects bsv-sdk | Versions <0.8.2
Has fix
RubyGemsPublished 15 Apr 2026
  • H
Out-of-bounds ReadCVE-2026-35201
Affects rdiscount | Versions >=1.3.1.1, <2.2.7.4
Has fix
RubyGemsPublished 13 Apr 2026
  • C
Not Failing Securely ('Failing Open')CVE-2026-39324
Affects rack-session | Versions >=2.0.0, <2.1.2
Has fix
RubyGemsPublished 8 Apr 2026
  • H
Regular Expression Denial of Service (ReDoS)CVE-2026-35611
Affects addressable | Versions >=2.3.0, <2.9.0
Has fix
RubyGemsPublished 7 Apr 2026
  • H
Denial of Service (DoS)CVE-2026-34829
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Incorrect Behavior Order: Validate Before CanonicalizeCVE-2026-34786
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Permissive Regular ExpressionCVE-2026-34763
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Denial of Service (DoS)CVE-2026-34826
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Permissive Regular ExpressionCVE-2026-34830
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Denial of Service (DoS)CVE-2026-34230
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Partial String ComparisonCVE-2026-34785
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Improper Handling of Length Parameter InconsistencyCVE-2026-34831
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
CRLF InjectionCVE-2026-26962
Affects rack | Versions >=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Interpretation ConflictCVE-2026-32762
Affects rack | Versions >=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Improper Validation of Syntactic Correctness of InputCVE-2026-34835
Affects rack | Versions >=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Inefficient Algorithmic ComplexityCVE-2026-34827
Affects rack | Versions >=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Interpretation ConflictCVE-2026-26961
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Arbitrary Code InjectionCVE-2026-4800
Affects lodash-rails | Versions >=0.7.0
Has fix
RubyGemsPublished 1 Apr 2026
  • M
Cross-site Scripting (XSS)
Affects action_text-trix | Versions <2.1.18
Has fix
RubyGemsPublished 30 Mar 2026
  • H
Arbitrary Code InjectionCVE-2026-34060
Affects ruby-lsp | Versions <0.26.9
Has fix
RubyGemsPublished 29 Mar 2026
  • H
Improper Control of Dynamically-Managed Code ResourcesCVE-2026-33286
Affects graphiti | Versions <1.10.2
Has fix
RubyGemsPublished 29 Mar 2026