VulnScope — 以套件為主體的 CVE 查詢工具

搜尋

60,858 筆結果

嚴重程度:CRITICAL HIGH MEDIUM LOW|生態系:npm PyPI Maven Debian Alpine|⚠ 只看 KEV

CRITICAL9.0CVE-2026-55203HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allo…2026/6/18
MEDIUM5.3A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a `GOAWAY` frame.2026/6/18
LOW1.8A flaw in Node.js Permission Model enforcement allows Bypass via `process.report.writeReport()` Path Misvalidation.2026/6/18
HIGH8.8An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specifically in the MagicYUV decoder, allows denial-of-service and, in…2026/6/18
MEDIUM5.8Signal K Server: Server-Side Request Forgery via Remote Connection Endpoints2026/6/18
CRITICAL9.8gemini-mcp-tool vulnerable to OS command injection and @file exfiltration via prompt quoting (CVE-2026-0755)2026/6/18
MEDIUM5.4OpenClaw: Empty-scope device re-pairing could confuse caller scope containment2026/6/18
HIGH7.1OpenClaw: Workspace-derived service PATH could influence trash command selection2026/6/18
HIGH7.1OpenClaw: Workspace .env STATE_DIRECTORY could influence bundled runtime dependency roots2026/6/18
HIGH8.1OpenClaw: Discord allowFrom could bind to mutable display names2026/6/18
HIGH7.1OpenClaw: Workspace .env npm_execpath could influence bundled runtime dependency install2026/6/18
HIGH7.1OpenClaw: Linux and macOS exec allowlists skipped configured argument patterns2026/6/18
MEDIUM4.2OpenClaw: BlueBubbles sender policy could match mutable conversation identifiers2026/6/18
MEDIUM6.5OpenClaw: memory-wiki shared search could miss session visibility checks2026/6/18
MEDIUM5.5OpenClaw: Config recovery could restore openclaw.json with broad file permissions2026/6/18
HIGH8.1OpenClaw: Zalo allowFrom could bind to mutable display names2026/6/18
MEDIUM4.3OpenClaw: Skill-command dispatch could skip before-tool-call hooks2026/6/18
MEDIUM6.1OpenClaw: Exported session HTML could keep unsafe markdown links2026/6/18
MEDIUM5.3OpenClaw: Slack reaction events could ignore reaction notification settings2026/6/18
MEDIUM4.2OpenClaw: Bootstrap token replay could widen pending pairing scopes2026/6/18
HIGH8.1OpenClaw: Shell positional parameters could weaken strict inline-eval checks2026/6/18
MEDIUM6.5OpenClaw: Hostname checks could treat trailing-dot hosts inconsistently2026/6/18
MEDIUM4.3OpenClaw: Exec allowlist could miss side effects from transparent command wrappers2026/6/18
MEDIUM6.5NL Portal Backend Libraries: Document contents remained downloadable by any logged-in user (incomplete fix of CVE-2026-49463)2026/6/18
MEDIUM4.2Daytona: Path traversal in sandbox volume id mounts arbitrary host paths into the sandbox — cross-tenant data access and host escape2026/6/18

第 1 / 2435 頁下一頁 →