VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

4,463 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

CRITICAL9.6CVE-2026-55447Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit2026/6/19
CRITICAL9.9Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow2026/6/19
CRITICAL9.0HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allo…2026/6/18
CRITICAL9.8python-statemachine SCXML <data expr> Eval Injection2026/6/18
CRITICAL9.1Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content-Length headers with differing value…2026/6/17
CRITICAL9.1Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, fo…2026/6/17
CRITICAL9.3Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak2026/6/17
CRITICAL9.1Apache Airflow SFTP provider: Path traversal in SFTPHook.retrieve_directory2026/6/17
CRITICAL9.1Apache DolphinScheduler: The `/v2` experimental interface lacks permission checks2026/6/17
CRITICAL9.8Apache DolphinScheduler: DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure2026/6/17
CRITICAL9.6Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a…2026/6/17
CRITICAL9.8Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API2026/6/16
CRITICAL9.1vLLM: OpenAI auth bypass2026/6/16
CRITICAL9.6Langflow: Unauthenticated RCE in Shareable Playgrounds2026/6/16
CRITICAL9.1Mitigation bypass in the DOM: Security component.2026/6/16
CRITICAL9.1Same-origin policy bypass in the Networking: Cookies component.2026/6/16
CRITICAL9.6Sandbox escape due to incorrect boundary conditions in the Networking component.2026/6/16
CRITICAL9.6Sandbox escape in the Security: Process Sandboxing component.2026/6/16
CRITICAL9.6Sandbox escape in the DOM: Navigation component.2026/6/16
CRITICAL9.6Sandbox escape in the DOM: Workers component.2026/6/16
CRITICAL9.1Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery.2026/6/15
CRITICAL9.1Socket versions before 2.041 for Perl have an out-of-bounds heap read.2026/6/15
CRITICAL9.6Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the rendere…2026/6/11
CRITICAL9.1Meta Ads MCP: Unauthenticated HTTP MCP Tool Execution Leaks Operator Meta Access Token2026/6/11
CRITICAL9.8GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.2026/6/10

第 1 / 179 頁下一頁 →