Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Denial of Service (DoS)CVE-2026-34829
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Incorrect Behavior Order: Validate Before CanonicalizeCVE-2026-34786
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Permissive Regular ExpressionCVE-2026-34763
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Denial of Service (DoS)CVE-2026-34826
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Permissive Regular ExpressionCVE-2026-34830
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Denial of Service (DoS)CVE-2026-34230
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Partial String ComparisonCVE-2026-34785
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Improper Handling of Length Parameter InconsistencyCVE-2026-34831
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
CRLF InjectionCVE-2026-26962
Affects rack | Versions >=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Interpretation ConflictCVE-2026-32762
Affects rack | Versions >=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Improper Validation of Syntactic Correctness of InputCVE-2026-34835
Affects rack | Versions >=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Inefficient Algorithmic ComplexityCVE-2026-34827
Affects rack | Versions >=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • M
Interpretation ConflictCVE-2026-26961
Affects rack | Versions <2.2.23>=3.0.0.beta1, <3.1.21>=3.2.0, <3.2.6
Has fix
RubyGemsPublished 3 Apr 2026
  • H
Arbitrary Code InjectionCVE-2026-4800
Affects lodash-rails | Versions >=0.7.0
Has fix
RubyGemsPublished 1 Apr 2026
  • M
Cross-site Scripting (XSS)
Affects action_text-trix | Versions <2.1.18
Has fix
RubyGemsPublished 30 Mar 2026
  • H
Arbitrary Code InjectionCVE-2026-34060
Affects ruby-lsp | Versions <0.26.9
Has fix
RubyGemsPublished 29 Mar 2026
  • H
Improper Control of Dynamically-Managed Code ResourcesCVE-2026-33286
Affects graphiti | Versions <1.10.2
Has fix
RubyGemsPublished 29 Mar 2026
  • H
Session FixationCVE-2026-33946
Affects mcp | Versions <0.9.2
Has fix
RubyGemsPublished 29 Mar 2026
  • L
Allocation of Resources Without Limits or ThrottlingCVE-2026-33658
Affects activestorage | Versions <7.2.3.1>=8.0.0, <8.0.4.1>=8.1.0, <8.1.2.1
Has fix
RubyGemsPublished 26 Mar 2026
  • M
SQL InjectionCVE-2026-4324
Affects katello | Versions <4.19.1
Has fix
RubyGemsPublished 25 Mar 2026
  • M
CRLF InjectionCVE-2026-33635
Affects icalendar | Versions >=2.0.0, <2.12.2
Has fix
RubyGemsPublished 25 Mar 2026
  • M
Cross-site Scripting (XSS)CVE-2026-33167
Affects actionpack | Versions >=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
  • L
Cross-site Scripting (XSS)CVE-2026-33168
Affects actionview | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
  • M
Cross-site Scripting (XSS)CVE-2026-33170
Affects activesupport | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
  • H
Memory Allocation with Excessive Size ValueCVE-2026-33174
Affects activestorage | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2026-33176
Affects activesupport | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
  • M
Regular Expression Denial of Service (ReDoS)CVE-2026-33169
Affects activesupport | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
  • M
Improper Handling of ValuesCVE-2026-33173
Affects activestorage | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
  • C
Directory TraversalCVE-2026-33195
Affects activestorage | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
  • M
Glob InjectionCVE-2026-33202
Affects activestorage | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026