VulnScope — package-centric CVE lookup

- HIGH 8.0 CVE-2026-53441 Jenkins: Stored XSS vulnerability in node offline cause description
- HIGH 8.1 In Spring for Apache Kafka, overly broad trusted-package matching in header mappers exposes JDK classes to deserialization
- HIGH 8.7 Netty has Insufficient Bailiwick Validation for NS Records
- HIGH 7.5 Netty: SCTP reassembly nests buffers without bound
- HIGH 8.7 Netty Vulnerable to DNS Cache Poisoning via Missing Bailiwick Checks in CNAME Records
- HIGH 7.5 Netty: SNI handler pre-allocates up to 16 MiB from nine attacker bytes
- HIGH 7.5 Netty's Default QUIC token handler accepts any client-supplied token
- HIGH 7.5 Netty: HAProxy SSL TLV parsing leaks retained slice on invalid TLV length
- HIGH 7.5 Netty has a Vulnerable Default Configuration Which Leads to Denial of Service via Unbounded HTTP/3 Header Size
- HIGH 7.5 Netty has Unbounded Direct Memory Consumption in its RedisDecoder
- HIGH 7.5 Netty: Memory Exhaustion in RedisArrayAggregator due to Deeply Nested Arrays
- HIGH 8.1 Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking
- LOW 3.1 Bugsink: Issue bulk actions can affect another project’s issue if its UUID is known
- LOW 3.1 Bugsink: Issue event views can show an event from another project if its UUID is known
- HIGH 8.3 praisonai-platform: Agent endpoints accept any agent_id without workspace ownership check, cross-workspace read/update/delete IDOR
- HIGH 7.3 Apache Airflow: Arbitrary import in custom deadline-reference deserialization
- HIGH 8.8 Apache Airflow: Authenticated RCE via XCom PATCH endpoint — XComUpdateBody missing FORBIDDEN_XCOM_KEYS validator
- HIGH 7.5 Apache Airflow: API authorization bypass: bulk TaskInstances allows cross-DAG mutation
- LOW 2.5 A security flaw has been discovered in gradio-app gradio 6.14.0.
- HIGH 8.6 Docling Core: Unsafe remote filename resolution
- HIGH 8.1 Docling Core: Insufficient validation of image reference URIs
- HIGH 7.1 Docling: Unsafe URI and Path Handling in HTML Backend
- HIGH 7.5 Docling: Unsafe XML Entity Expansion in USPTO Patent Backend
- HIGH 8.2 Docling: Unsafe Playwright-based HTML Rendering
- HIGH 7.5 Docling: Unsafe Zip Extraction in EasyOCR Model Download