VulnScope — package-centric CVE lookup

Search

1,226 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

LOW3.1CVE-2026-11691Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compr…6/9/2026
LOW3.1Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had comp…6/9/2026
LOW3.1Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utili…6/9/2026
LOW3.1Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to l…6/9/2026
LOW3.1Bugsink: Issue bulk actions can affect another project’s issue if its UUID is known6/5/2026
LOW3.1Bugsink: Issue event views can show an event from another project if its UUID is known6/5/2026
LOW3.1Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised t…6/5/2026
LOW3.1Insufficient policy enforcement in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-or…6/5/2026
LOW3.1Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had c…6/5/2026
LOW3.1Insufficient validation of untrusted input in Loader in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised…6/5/2026
LOW2.2In OpenStack Neutron before 28.0.1, a project manager can create or update a port on a shared network owned by another project and set devi…6/4/2026
LOW2.5A security flaw has been discovered in gradio-app gradio 6.14.0.6/4/2026
LOW3.7daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processi…6/3/2026
LOW3.1A flaw has been found in dask up to 3.0.6/3/2026
LOW3.3EPSS 0.01%A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11.6/2/2026
LOW3.3EPSS 0.01%A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2.6/1/2026
LOW3.1EPSS 0.04%Apache Airflow: Log server JWT authorization bypass via Python lstrip() character stripping allows cross-Dag log access6/1/2026
LOW3.3EPSS 0.01%A security vulnerability has been detected in Assimp up to 6.0.4.6/1/2026
LOW3.3EPSS 0.01%A vulnerability was determined in Assimp up to 6.0.4.6/1/2026
LOW3.3EPSS 0.01%A vulnerability has been found in Assimp up to 6.0.4.5/31/2026
LOW3.3EPSS 0.01%A flaw has been found in Assimp up to 6.0.4.5/31/2026
LOW3.3EPSS 0.01%A vulnerability was detected in Assimp up to 6.0.4.5/31/2026
LOW3.7Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix5/29/2026
LOW3.17-Zip is a file archiver with a high compression ratio.5/29/2026
LOW3.3Dulwich doesn't sanitize commit subjects in `porcelain.format_patch`5/29/2026

← PrevPage 2 of 50Next →