VulnScope — package-centric CVE lookup

Search

41,872 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

MEDIUM5.3CVE-2026-49342YARD is a documentation generation tool for the Ruby programming language.6/20/2026
HIGH7.1libde265 is an open source implementation of the h.265 video codec.6/20/2026
MEDIUM4.3libde265 is an open source implementation of the h.265 video codec.6/20/2026
HIGH7.1libde265 is an open source implementation of the h.265 video codec.6/20/2026
MEDIUM6.5A use-after-free vulnerability was found in FFmpeg's RASC video decoder.6/19/2026
CRITICAL9.6Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit6/19/2026
HIGH7.5Langflow: Unauthenticated DoS through multipart form boundary file upload6/19/2026
MEDIUM6.1Langflow: Logout button does not clear session6/19/2026
CRITICAL9.9Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow6/19/2026
MEDIUM6.8dbt MCP Server: Unauthenticated OAuth Context Endpoint Leaks dbt Platform Tokens6/19/2026
HIGH7.1A remote code execution vulnerability was found in libaom, the reference AV1 codec implementation.6/19/2026
HIGH7.6A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation.6/19/2026
HIGH7.1An arbitrary address write vulnerability was found in libaom, the reference AV1 codec implementation.6/19/2026
HIGH7.1A heap-buffer-overflow read vulnerability was found in libaom, the reference AV1 codec implementation.6/19/2026
MEDIUM6.5libheif is a HEIF and AVIF file format decoder and encoder.6/19/2026
MEDIUM6.5UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps()6/19/2026
HIGH7.1jupyterlab-git excluded_paths Case-Sensitivity Bypass Allows Reading Excluded Directories6/19/2026
HIGH7.5Stanza: Remote Code Execution via Unsafe Pickle Deserialization in Model Loaders6/19/2026
HIGH7.6Home Assistant: Konnected alarm-panel switch state and zone topology disclosed to unauthenticated actors on the LAN6/19/2026
HIGH8.0py7zr: Arbitrary File Write Vulnerability6/19/2026
HIGH7.3Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()6/19/2026
MEDIUM5.8guzzlehttp/guzzle: Dot-Only Cookie Domains Match All Hosts6/19/2026
MEDIUM5.9guzzlehttp/guzzle: Silent HTTPS-Proxy Downgrade to Cleartext6/19/2026
HIGH8.3libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sf…6/19/2026
MEDIUM6.5A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.1…6/19/2026

Page 1 of 1675Next →