Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • M
Unchecked Return Value
Affects nokogiri | Versions >=1.5.1, <1.19.1
Has fix
RubyGemsPublished 19 Feb 2026
  • M
Cross-site Scripting (XSS)CVE-2026-25500
Affects rack | Versions <2.2.22>=3.0.0.beta1, <3.1.20>=3.2.0, <3.2.5
Has fix
RubyGemsPublished 18 Feb 2026
  • M
Exposure of Information Through Directory ListingCVE-2026-22860
Affects rack | Versions <2.2.22>=3.0.0.beta1, <3.1.20>=3.2.0, <3.2.5
Has fix
RubyGemsPublished 18 Feb 2026
  • M
Arbitrary Code ExecutionCVE-2026-2302
Affects mongoid | Versions <7.6.1>=8.0.0, <8.0.12>=8.1.0, <8.1.12>=9.0.0, <9.0.10
Has fix
RubyGemsPublished 11 Feb 2026
  • H
Arbitrary Command Injection
Affects bitcoinrb | Versions <1.12.0
Has fix
RubyGemsPublished 11 Feb 2026
  • M
Server-side Request Forgery (SSRF)CVE-2026-25765
Affects faraday | Versions <2.14.1
Has fix
RubyGemsPublished 10 Feb 2026
  • M
Cross-site Scripting (XSS)
Affects phlex | Versions <1.11.1>=2.0.0.beta1, <2.0.3>=2.1.0, <2.1.3>=2.2.0, <2.2.2>=2.3.0, <2.3.2>=2.4.0.beta1, <2.4.1
Has fix
RubyGemsPublished 9 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-25757
Affects spree | Versions <5.0.8>=5.1.0.beta, <5.1.10>=5.2.0.rc1, <5.2.7>=5.3.0.rc2, <5.3.2
Has fix
RubyGemsPublished 9 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2025-65017
Affects decidim | Versions >=0.30.0.rc1, <0.30.4
Has fix
RubyGemsPublished 8 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2025-65017
Affects decidim-core | Versions >=0.30.0.rc1, <0.30.4
Has fix
RubyGemsPublished 8 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-25758
Affects spree_core | Versions <4.10.3>=5.0.0.rc1, <5.0.8>=5.1.0.beta, <5.1.10>=5.2.0.rc1, <5.2.7>=5.3.0.rc1, <5.3.2
Has fix
RubyGemsPublished 8 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-25758
Affects spree_api | Versions <4.10.3>=5.0.0.rc1, <5.0.8>=5.1.0.beta, <5.1.10>=5.2.0.rc1, <5.2.7>=5.3.0.rc1, <5.3.2
Has fix
RubyGemsPublished 8 Feb 2026
  • M
Improper Certificate ValidationCVE-2026-1530
Affects fog-kubevirt | Versions <1.5.1
Has fix
RubyGemsPublished 3 Feb 2026
  • H
Directory TraversalCVE-2020-36939
Affects cassandra-web | Versions >=0.1.0
Has fix
RubyGemsPublished 29 Jan 2026
  • H
Improper Certificate ValidationCVE-2026-1531
Affects foreman_kubevirt | Versions <0.4.3
Has fix
RubyGemsPublished 29 Jan 2026
  • H
Eval InjectionCVE-2026-23885
Affects alchemy_cms | Versions <7.4.12>=8.0.0.a, <8.0.3
Has fix
RubyGemsPublished 20 Jan 2026
  • C
Eval InjectionCVE-2025-68271
Affects openc3 | Versions >=5.0.6, <6.10.2
Has fix
RubyGemsPublished 14 Jan 2026
  • C
Arbitrary Code InjectionCVE-2011-10019
Affects spree | Versions <0.60.2
Has fix
RubyGemsPublished 14 Jan 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-22588
Affects spree_api | Versions >=3.7.0.beta, <4.10.2>=5.0.0.rc1, <5.0.7>=5.1.0.beta, <5.1.9>=5.2.0.rc1, <5.2.5
Has fix
RubyGemsPublished 12 Jan 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-22589
Affects spree_storefront | Versions <5.0.7>=5.1.0.beta, <5.1.9>=5.2.0.rc1, <5.2.5
Has fix
RubyGemsPublished 11 Jan 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-22589
Affects spree_core | Versions <4.10.2>=5.0.0.rc1, <5.0.7>=5.1.0.beta, <5.1.9>=5.2.0.rc1, <5.2.5
Has fix
RubyGemsPublished 11 Jan 2026
  • H
Inclusion of Sensitive Information in Source Code
Affects shakapacker | Versions <9.5.0
Has fix
RubyGemsPublished 11 Jan 2026
  • H
Server-side Request Forgery (SSRF)CVE-2025-68696
Affects httparty | Versions >=0.0.0, <0.24.0
Has fix
RubyGemsPublished 24 Dec 2025
  • M
Cross-site Scripting (XSS)CVE-2023-53936
Affects camaleon_cms | Versions <2.8.0
Has fix
RubyGemsPublished 19 Dec 2025
  • M
Use of a Broken or Risky Cryptographic AlgorithmCVE-2025-14762
Affects aws-sdk-s3 | Versions <1.208.0
Has fix
RubyGemsPublished 18 Dec 2025
  • M
Improper Verification of Cryptographic SignatureCVE-2025-68113
Affects altcha | Versions <1.0.0
Has fix
RubyGemsPublished 17 Dec 2025
  • C
Improper Verification of Cryptographic SignatureCVE-2025-66568
Affects ruby-saml | Versions <1.18.0
Has fix
RubyGemsPublished 9 Dec 2025
  • C
Improper Verification of Cryptographic SignatureCVE-2025-66567
Affects ruby-saml | Versions <1.18.0
Has fix
RubyGemsPublished 9 Dec 2025
  • C
Arbitrary Code InjectionCVE-2011-10026
Affects rd_searchlogic | Versions >=0.0.0
Has fix
RubyGemsPublished 26 Nov 2025
  • M
Cross-site Scripting (XSS)CVE-2025-64501
Affects prosemirror_to_html | Versions <0.2.1
Has fix
RubyGemsPublished 7 Nov 2025