VulnScope — package-centric CVE lookup

Search

3,465 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

CRITICAL9.6CVE-2026-2587GlassFish's gadget handler is vulnerable to RCE5/19/2026
CRITICAL9.1GlassFish's Administration Console is Vulnerable to RCE5/19/2026
CRITICAL9.8Camel-CXF and Camel-Knative Message Header are Vulnerable to Injection via Missing Inbound Filtering5/19/2026
MEDIUM6.8Keycloak: Unauthorized account takeover via WebAuthn token replay5/19/2026
MEDIUM6.5Keycloak: Information disclosure via OIDC token introspection endpoint audience bypass5/19/2026
MEDIUM4.9Keycloak: Information Disclosure via evaluate-scopes Admin API5/19/2026
MEDIUM5.4Keycloak: Revoked Tokens Can Remain Active When Both Realm-Level and Client-Level `notBefore` Revocation Policies are Configured5/19/2026
MEDIUM4.3Keycloak: Policy bypass during WebAuthn credential registration via client-side JavaScript manipulation5/19/2026
MEDIUM5.3EPSS 0.06%OpenTelemetry Java SDK has Unbounded Memory Allocation in W3C Baggage Propagation5/14/2026
MEDIUM5.3EPSS 0.13%Apache Commons Configuration: StackOverflowError for YAML input with cycles5/14/2026
CRITICAL9.8EPSS 0.05%Goobi viewer - Core: Unauthenticated Solr Streaming Expression Proxy5/13/2026
CRITICAL9.1EPSS 0.03%Security feature bypass vulnerability in Azure Key Vault Keys library for Java5/12/2026
CRITICAL9.1EPSS 0.10%Apache Tomcat: Security constraints not correctly applied5/12/2026
CRITICAL9.8EPSS 0.14%Apache Tomcat: Digest authenticator will authenticate any unknown user5/12/2026
CRITICAL9.8EPSS 0.25%Apache Tomcat: HTTP/2 request headers not validated5/12/2026
CRITICAL9.1EPSS 0.01%sealed-env: TOTP secret embedded in unseal token payload (enterprise mode)5/12/2026
CRITICAL9.1EPSS 0.03%Unity Catalog has a JWT Issuer Validation Bypass tht Allows Complete User Impersonation5/11/2026
MEDIUM5.3EPSS 0.01%Vert.x has a DoS via unbounded server-side SNI SslContext cache growth5/9/2026
MEDIUM6.1EPSS 0.07%Alkacon OpenCms is vulnerable to XSS via updateModelGroups.jsp5/8/2026
MEDIUM6.1EPSS 0.19%Alkacon OpenCms is vulnerable to XSS via cmis-online/type5/8/2026
MEDIUM4.4EPSS 0.01%Spring Cloud Config Server Logged Sensitive Information5/7/2026
CRITICAL9.1EPSS 0.14%Spring Cloud Config vulnerable to Path Traversal5/7/2026
MEDIUM5.3EPSS 0.02%Netty MQTT: Resource exhaustion in MqttDecoder5/7/2026
MEDIUM6.8EPSS 0.01%Netty Redis Codec Encoder has a CRLF Injection Issue5/7/2026
MEDIUM6.5EPSS 0.01%Netty vulnerable to HTTP Request Smuggling due to malformed Transfer-Encoding5/7/2026

← PrevPage 2 of 139Next →