VulnScope — package-centric CVE lookup

Search

238 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH8.8CVE-2026-11645⚠ KEVGoogle Chromium V8 Out-of-Bounds Read and Write Vulnerability6/9/2026
CRITICAL9.6⚠ KEVEPSS 17.1%Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys5/12/2026
HIGH8.8⚠ KEVEPSS 4.1%LiteLLM: Authenticated command execution via MCP stdio test endpoints4/25/2026
CRITICAL9.8⚠ KEVEPSS 56.9%LiteLLM has SQL Injection in Proxy API key verification4/24/2026
HIGH7.8⚠ KEVEPSS 2.2%Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability4/22/2026
CRITICAL9.8⚠ KEVEPSS 80.7%Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass4/8/2026
HIGH8.8⚠ KEVEPSS 83.5%Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans4/7/2026
HIGH8.8⚠ KEVEPSS 0.65%Google Dawn Use-After-Free Vulnerability4/1/2026
—⚠ KEVEPSS 23.9%Trivy ecosystem supply chain was briefly compromised in github.com/aquasecurity/trivy3/30/2026
CRITICAL9.8⚠ KEVEPSS 24.0%Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint3/17/2026
HIGH8.8⚠ KEVEPSS 3.2%Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability3/13/2026
HIGH8.8⚠ KEVEPSS 0.45%chromium - security update3/13/2026
HIGH8.8⚠ KEVEPSS 23.1%Google Chromium CSS Use-After-Free Vulnerability2/13/2026
CRITICAL9.8⚠ KEVEPSS 91.5%inetutils - security update1/21/2026
CRITICAL9.9⚠ KEVEPSS 65.8%n8n Vulnerable to Remote Code Execution via Expression Injection12/22/2025
MEDIUM6.1⚠ KEVEPSS 6.9%RoundCube Webmail Cross-site Scripting Vulnerability12/18/2025
HIGH8.8⚠ KEVEPSS 0.16%Apple Multiple Products Use-After-Free WebKit Vulnerability12/17/2025
HIGH8.8⚠ KEVEPSS 0.30%webkit2gtk - security update12/12/2025
HIGH8.8⚠ KEVEPSS 32.7%Langflow CORS misconfiguration enables Account Takeover and RCE12/6/2025
CRITICAL10.0⚠ KEVEPSS 84.5%React Server Components are Vulnerable to RCE12/3/2025
HIGH8.8⚠ KEVEPSS 2.8%chromium - security update11/17/2025
HIGH8.8⚠ KEVEPSS 0.05%Apple Multiple products Use-After-Free Vulnerability11/5/2025
CRITICAL9.8⚠ KEVEPSS 27.9%@react-native-community/cli has arbitrary OS command injection11/3/2025
HIGH7.8⚠ KEVEPSS 0.53%open-vm-tools - security update9/29/2025
CRITICAL9.8⚠ KEVEPSS 1.5%Google Chromium V8 Type Confusion Vulnerability9/24/2025

Page 1 of 10Next →