VulnScope — package-centric CVE lookup

Search

58,928 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

—CVE-2026-50195containerd: CRI checkpoint import allows local image tag poisoning6/19/2026
—CVE-2026-47262containerd image-triggered runtime DoS via unbounded group parsing6/19/2026
—In the Linux kernel, the following vulnerability has been resolved: bpf: Free reuseport cBPF prog after RCU grace period.6/19/2026
—In the Linux kernel, the following vulnerability has been resolved: ip6_vti: set netns_immutable on the fallback device.6/19/2026
—In the Linux kernel, the following vulnerability has been resolved: RDMA: During rereg_mr ensure that REREG_ACCESS is compatible If IB_MR_R…6/19/2026
HIGH8.8CedarJava has policy injection vulnerability6/19/2026
HIGH8.8CedarJava has type confusion vulnerability6/19/2026
MEDIUM5.8guzzlehttp/guzzle: Dot-Only Cookie Domains Match All Hosts6/19/2026
MEDIUM5.9guzzlehttp/guzzle: Silent HTTPS-Proxy Downgrade to Cleartext6/19/2026
MEDIUM5.3NL Portal Backend Libraries: Unauthenticated form resolver forwards the privileged Objecten-API token to a caller-supplied URL (SSRF)6/19/2026
HIGH8.3libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sf…6/19/2026
CRITICAL9.9Network-AI: Improper Neutralization of Special Elements used in an OS Command6/19/2026
CRITICAL9.1Network-AI: CVE-2026-46701 fix incomplete — empty default secret still authorizes all requests6/19/2026
MEDIUM6.5A path traversal in handling the "path" component of .repo files processed by libzypp before 17.38.13 in the 17.x series, or before 16.22.1…6/19/2026
MEDIUM6.1OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry.6/19/2026
MEDIUM5.4Coturn is a free open source implementation of TURN and STUN Server.6/19/2026
MEDIUM4.9libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation.6/19/2026
—OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry.6/19/2026
HIGH8.1Coturn is a free open source implementation of TURN and STUN Server.6/19/2026
—In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mi…6/19/2026
MEDIUM4.8guzzlehttp/psr7: CRLF Injection in HTTP Start-Line Serialization6/19/2026
MEDIUM5.3ts-deepmerge: Prototype Method Override leads to DoS6/19/2026
CRITICAL9.0HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allo…6/18/2026
MEDIUM5.3A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a `GOAWAY` frame.6/18/2026
LOW1.8A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation.6/18/2026

← PrevPage 2 of 2358Next →