Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-25757
Affects spree | Versions <5.0.8>=5.1.0.beta, <5.1.10>=5.2.0.rc1, <5.2.7>=5.3.0.rc2, <5.3.2
Has fix
RubyGemsPublished 9 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2025-65017
Affects decidim | Versions >=0.30.0.rc1, <0.30.4
Has fix
RubyGemsPublished 8 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2025-65017
Affects decidim-core | Versions >=0.30.0.rc1, <0.30.4
Has fix
RubyGemsPublished 8 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-25758
Affects spree_core | Versions <4.10.3>=5.0.0.rc1, <5.0.8>=5.1.0.beta, <5.1.10>=5.2.0.rc1, <5.2.7>=5.3.0.rc1, <5.3.2
Has fix
RubyGemsPublished 8 Feb 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-25758
Affects spree_api | Versions <4.10.3>=5.0.0.rc1, <5.0.8>=5.1.0.beta, <5.1.10>=5.2.0.rc1, <5.2.7>=5.3.0.rc1, <5.3.2
Has fix
RubyGemsPublished 8 Feb 2026
  • M
Improper Certificate ValidationCVE-2026-1530
Affects fog-kubevirt | Versions <1.5.1
Has fix
RubyGemsPublished 3 Feb 2026
  • H
Directory TraversalCVE-2020-36939
Affects cassandra-web | Versions >=0.1.0
Has fix
RubyGemsPublished 29 Jan 2026
  • H
Improper Certificate ValidationCVE-2026-1531
Affects foreman_kubevirt | Versions <0.4.3
Has fix
RubyGemsPublished 29 Jan 2026
  • H
Eval InjectionCVE-2026-23885
Affects alchemy_cms | Versions <7.4.12>=8.0.0.a, <8.0.3
Has fix
RubyGemsPublished 20 Jan 2026
  • C
Eval InjectionCVE-2025-68271
Affects openc3 | Versions >=5.0.6, <6.10.2
Has fix
RubyGemsPublished 14 Jan 2026
  • C
Arbitrary Code InjectionCVE-2011-10019
Affects spree | Versions <0.60.2
Has fix
RubyGemsPublished 14 Jan 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-22588
Affects spree_api | Versions >=3.7.0.beta, <4.10.2>=5.0.0.rc1, <5.0.7>=5.1.0.beta, <5.1.9>=5.2.0.rc1, <5.2.5
Has fix
RubyGemsPublished 12 Jan 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-22589
Affects spree_storefront | Versions <5.0.7>=5.1.0.beta, <5.1.9>=5.2.0.rc1, <5.2.5
Has fix
RubyGemsPublished 11 Jan 2026
  • H
Authorization Bypass Through User-Controlled KeyCVE-2026-22589
Affects spree_core | Versions <4.10.2>=5.0.0.rc1, <5.0.7>=5.1.0.beta, <5.1.9>=5.2.0.rc1, <5.2.5
Has fix
RubyGemsPublished 11 Jan 2026
  • H
Inclusion of Sensitive Information in Source Code
Affects shakapacker | Versions <9.5.0
Has fix
RubyGemsPublished 11 Jan 2026
  • H
Server-side Request Forgery (SSRF)CVE-2025-68696
Affects httparty | Versions >=0.0.0, <0.24.0
Has fix
RubyGemsPublished 24 Dec 2025
  • M
Cross-site Scripting (XSS)CVE-2023-53936
Affects camaleon_cms | Versions <2.8.0
Has fix
RubyGemsPublished 19 Dec 2025
  • M
Use of a Broken or Risky Cryptographic AlgorithmCVE-2025-14762
Affects aws-sdk-s3 | Versions <1.208.0
Has fix
RubyGemsPublished 18 Dec 2025
  • M
Improper Verification of Cryptographic SignatureCVE-2025-68113
Affects altcha | Versions <1.0.0
Has fix
RubyGemsPublished 17 Dec 2025
  • C
Improper Verification of Cryptographic SignatureCVE-2025-66568
Affects ruby-saml | Versions <1.18.0
Has fix
RubyGemsPublished 9 Dec 2025
  • C
Improper Verification of Cryptographic SignatureCVE-2025-66567
Affects ruby-saml | Versions <1.18.0
Has fix
RubyGemsPublished 9 Dec 2025
  • C
Arbitrary Code InjectionCVE-2011-10026
Affects rd_searchlogic | Versions >=0.0.0
Has fix
RubyGemsPublished 26 Nov 2025
  • M
Cross-site Scripting (XSS)CVE-2025-64501
Affects prosemirror_to_html | Versions <0.2.1
Has fix
RubyGemsPublished 7 Nov 2025
  • C
Arbitrary File Write via Archive Extraction (Zip Slip)CVE-2025-12790
Affects mqtt | Versions <0.7.0
Has fix
RubyGemsPublished 7 Nov 2025
  • M
Regular Expression Denial of Service (ReDoS)CVE-2025-61921
Affects sinatra | Versions <4.2.0
Has fix
RubyGemsPublished 12 Oct 2025
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2025-61919
Affects rack | Versions >=3.2.0, <3.2.3>=3.0.0, <3.1.18<2.2.20
Has fix
RubyGemsPublished 12 Oct 2025
  • M
Information ExposureCVE-2025-61780
Affects rack | Versions <2.2.20>=3.0.0.beta1, <3.1.18>=3.2.0, <3.2.3
Has fix
RubyGemsPublished 10 Oct 2025
  • M
Improper Removal of Sensitive Information Before Storage or TransferCVE-2025-61594
Affects uri | Versions <0.12.5>=0.13.0, <0.13.3>=1.0.0, <1.0.4
Has fix
RubyGemsPublished 9 Oct 2025
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2025-61770
Affects rack | Versions <2.2.19>=3.1.0, <3.1.17>=3.2.0, <3.2.2
Has fix
RubyGemsPublished 7 Oct 2025
  • H
Allocation of Resources Without Limits or ThrottlingCVE-2025-61771
Affects rack | Versions <2.2.19>=3.1.0, <3.1.17>=3.2.0, <3.2.2
Has fix
RubyGemsPublished 7 Oct 2025