VulnScope — 以套件為主體的 CVE 查詢工具- HIGH8.8CVE-2026-42271⚠ KEVEPSS 4.1%LiteLLM: Authenticated command execution via MCP stdio test endpoints
- CRITICAL9.8⚠ KEVEPSS 56.9%LiteLLM has SQL Injection in Proxy API key verification
- CRITICAL9.8⚠ KEVEPSS 80.7%Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass
- —⚠ KEVEPSS 23.9%Telnyx has malicious code in PyPI versions 4.87.1 and 4.87.2
- CRITICAL9.8⚠ KEVEPSS 24.0%Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint
- HIGH8.8⚠ KEVEPSS 32.7%Langflow CORS misconfiguration enables Account Takeover and RCE
- HIGH8.0⚠ KEVEPSS 0.60%Git allows arbitrary code execution through broken config quoting
- CRITICAL9.8⚠ KEVEPSS 92.7%Langflow Unauth RCE
- HIGH8.1⚠ KEVEPSS 70.8%freetype - security update
- CRITICAL9.1⚠ KEVEPSS 93.9%Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.
- MEDIUM5.3⚠ KEVEPSS 94.4%nghttp2 - security update
- HIGH8.8⚠ KEVEPSS 93.3%thunderbird - security update
- HIGH8.9⚠ KEVEPSS 84.0%Apache superset missing check for default SECRET_KEY
- HIGH8.8⚠ KEVEPSS 93.5%Apache Spark UI can allow impersonation if ACLs enabled
- CRITICAL9.8⚠ KEVEPSS 94.4%salt - security update
- CRITICAL9.8⚠ KEVEPSS 94.2%salt - security update
- MEDIUM6.5⚠ KEVEPSS 93.7%SaltStack Salt is vulnerable Arbitrary Directory Access
- CRITICAL9.8⚠ KEVEPSS 94.4%Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
- CRITICAL9.8⚠ KEVEPSS 94.4%Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
- CRITICAL9.0⚠ KEVEPSS 94.4%mod_proxy SSRF
- CRITICAL9.8⚠ KEVEPSS 94.1%Authentication bypass in Apache Airflow
- HIGH8.8⚠ KEVEPSS 22.3%chromium - security update
- HIGH7.8⚠ KEVEPSS 92.6%sudo - security update
- MEDIUM6.5⚠ KEVEPSS 93.0%freetype - security update
- MEDIUM5.5⚠ KEVEPSS 94.4%Microsoft Netlogon Privilege Escalation Vulnerability