Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-33658
Affects activestorage | Versions <7.2.3.1>=8.0.0, <8.0.4.1>=8.1.0, <8.1.2.1
Has fix
RubyGemsPublished 26 Mar 2026
- M
CRLF InjectionCVE-2026-33635
Affects icalendar | Versions >=2.0.0, <2.12.2
Has fix
RubyGemsPublished 25 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-33167
Affects actionpack | Versions >=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- L
Cross-site Scripting (XSS)CVE-2026-33168
Affects actionview | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-33170
Affects activesupport | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- H
Memory Allocation with Excessive Size ValueCVE-2026-33174
Affects activestorage | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- H
Allocation of Resources Without Limits or ThrottlingCVE-2026-33176
Affects activesupport | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- M
Regular Expression Denial of Service (ReDoS)CVE-2026-33169
Affects activesupport | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- M
Improper Handling of ValuesCVE-2026-33173
Affects activestorage | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- C
Directory TraversalCVE-2026-33195
Affects activestorage | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- M
Glob InjectionCVE-2026-33202
Affects activestorage | Versions <7.2.3.1>=8.0.0.beta1, <8.0.4.1>=8.1.0.beta1, <8.1.2.1
Has fix
RubyGemsPublished 24 Mar 2026
- H
Integer Overflow or WraparoundCVE-2026-33306
Affects bcrypt | Versions <3.1.22
Has fix
RubyGemsPublished 20 Mar 2026
- H
Use of Externally-Controlled Format StringCVE-2026-33210
Affects json | Versions >=2.14.0, <2.15.2.1>=2.16.0, <2.17.1.2>=2.18.0, <2.19.2
Has fix
RubyGemsPublished 19 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-33209
Affects avo | Versions <3.30.3
Has fix
RubyGemsPublished 19 Mar 2026
Affects loofah | Versions >=2.25.0, <2.25.1
Has fix
RubyGemsPublished 18 Mar 2026
- H
Unchecked Return ValueCVE-2026-31830
Affects sigstore | Versions <0.2.3
Has fix
RubyGemsPublished 15 Mar 2026
Affects action_text-trix | Versions <2.1.17
Has fix
RubyGemsPublished 12 Mar 2026
- H
Buffer OverflowCVE-2026-27820
Affects zlib | Versions <3.0.1>=3.1.0, <3.1.2>=3.2.0, <3.2.3
Has fix
RubyGemsPublished 12 Mar 2026
- M
Directory TraversalCVE-2026-1776
Affects camaleon_cms | Versions >=2.4.5.0, <2.9.2
Has fix
RubyGemsPublished 12 Mar 2026
- H
Command InjectionCVE-2026-0980
Affects rubyipmi | Versions <0.13.0
Has fix
RubyGemsPublished 2 Mar 2026
Affects nokogiri | Versions >=1.5.1, <1.19.1
Has fix
RubyGemsPublished 19 Feb 2026
- M
Cross-site Scripting (XSS)CVE-2026-25500
Affects rack | Versions <2.2.22>=3.0.0.beta1, <3.1.20>=3.2.0, <3.2.5
Has fix
RubyGemsPublished 18 Feb 2026
- M
Exposure of Information Through Directory ListingCVE-2026-22860
Affects rack | Versions <2.2.22>=3.0.0.beta1, <3.1.20>=3.2.0, <3.2.5
Has fix
RubyGemsPublished 18 Feb 2026
- M
Arbitrary Code ExecutionCVE-2026-2302
Affects mongoid | Versions <7.6.1>=8.0.0, <8.0.12>=8.1.0, <8.1.12>=9.0.0, <9.0.10
Has fix
RubyGemsPublished 11 Feb 2026
Affects bitcoinrb | Versions <1.12.0
Has fix
RubyGemsPublished 11 Feb 2026
- M
Server-side Request Forgery (SSRF)CVE-2026-25765
Affects faraday | Versions <2.14.1
Has fix
RubyGemsPublished 10 Feb 2026
Affects phlex | Versions <1.11.1>=2.0.0.beta1, <2.0.3>=2.1.0, <2.1.3>=2.2.0, <2.2.2>=2.3.0, <2.3.2>=2.4.0.beta1, <2.4.1
Has fix
RubyGemsPublished 9 Feb 2026