VulnScope — package-centric CVE lookup

Search

23,718 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

MEDIUM6.9CVE-2026-50560Netty is a network application framework for development of protocol servers and clients.6/12/2026
MEDIUM4.8Netty is a network application framework for development of protocol servers and clients.6/12/2026
MEDIUM5.3Netty is a network application framework for development of protocol servers and clients.6/12/2026
MEDIUM6.7A flaw was found in QEMU's virtio-blk device.6/12/2026
MEDIUM5.3OpenTelemetry-cpp is the C++ implementation of OpenTelemetry.6/12/2026
MEDIUM5.4Fabric.js improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization6/12/2026
MEDIUM5.3Crypt::PBKDF2 versions before 0.261630 for Perl have a weak default algorithm and number of iterations.6/12/2026
MEDIUM5.9Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks.6/12/2026
CRITICAL9.0Budibase: Workspace-scoped builder escalates to global admin via /api/public/v1/roles/assign6/12/2026
MEDIUM6.5Budibase: Unanchored Regex in `matchers.ts` Allows CSRF Bypass via Query String Injection in Budibase Worker6/12/2026
MEDIUM6.7LangGraph has NoSQL parameter injection in MongoDBSaver, allowing cross-tenant state access6/12/2026
MEDIUM6.5A stack buffer overflow flaw was found in the GStreamer H.265 codec parser library (gst-plugins-bad).6/12/2026
MEDIUM5.3Out of bounds read in VideoCapture in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the GPU process t…6/11/2026
CRITICAL9.6Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the rendere…6/11/2026
MEDIUM5.3Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromise…6/11/2026
MEDIUM6.5Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy…6/11/2026
MEDIUM5.3Use after free in Autofill in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to o…6/11/2026
MEDIUM5.1Vim is an open source, command line text editor.6/11/2026
MEDIUM6.9Vim is an open source, command line text editor.6/11/2026
MEDIUM5.3Russh: SSH identification parsing accepted non-canonical client banners and did not bound pre-banner input6/11/2026
MEDIUM6.5Russh: Unchecked keyboard-interactive prompt count in client auth path6/11/2026
MEDIUM6.5An out-of-bounds write vulnerability was found in GStreamer's H.266/VVC PPS picture partition parser in gst-plugins-bad.6/11/2026
MEDIUM5.3@hapi/inert has a static-file confinement bypass via sibling-prefix path6/11/2026
MEDIUM5.3netty-codec-http2: ByteBuf Reference-Count Leak in DelegatingDecompressorFrameListener Leads to Memory Exhaustion6/11/2026
MEDIUM5.3joi has an uncaught RangeError on deeply nested input through recursive `link()` schemas6/11/2026

Page 1 of 949Next →