Search

101 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

CRITICAL9.8CVE-2026-9082⚠ KEVEPSS 13.0%Drupal Core SQL Injection Vulnerability5/20/2026
CRITICAL9.6CVE-2026-45321⚠ KEVEPSS 17.1%Malware in @tanstack/* packages exfiltrates cloud credentials, GitHub tokens, and SSH keys5/12/2026
CRITICAL9.8CVE-2026-42208⚠ KEVEPSS 56.9%LiteLLM has SQL Injection in Proxy API key verification4/24/2026
CRITICAL9.8CVE-2026-39987⚠ KEVEPSS 82.2%Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass4/8/2026
CRITICAL9.8CVE-2026-33017⚠ KEVEPSS 24.0%Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint3/17/2026
CRITICAL9.8CVE-2026-24061⚠ KEVEPSS 91.5%inetutils - security update1/21/2026
CRITICAL9.9CVE-2025-68613⚠ KEVEPSS 65.8%n8n Vulnerable to Remote Code Execution via Expression Injection12/22/2025
CRITICAL10.0CVE-2025-55182⚠ KEVEPSS 82.0%React Server Components are Vulnerable to RCE12/3/2025
CRITICAL9.8CVE-2025-11953⚠ KEVEPSS 20.1%@react-native-community/cli has arbitrary OS command injection11/3/2025
CRITICAL9.8CVE-2025-10585⚠ KEVEPSS 1.5%Google Chromium V8 Type Confusion Vulnerability9/24/2025
CRITICAL9.1CVE-2025-54236⚠ KEVEPSS 72.2%Magento Community Edition Improper Input Validation vulnerability9/9/2025
CRITICAL9.8CVE-2024-4577⚠ KEVEPSS 94.4%Argument Injection in PHP-CGI8/11/2025
CRITICAL9.8CVE-2025-54068⚠ KEVEPSS 58.9%Livewire is vulnerable to remote command execution during component property update hydration7/17/2025
CRITICAL9.8CVE-2025-3248⚠ KEVEPSS 92.7%Langflow Unauth RCE6/17/2025
CRITICAL9.9CVE-2025-49113⚠ KEVEPSS 90.5%roundcube - security update6/2/2025
CRITICAL10.0CVE-2025-32432⚠ KEVEPSS 92.9%Craft CMS Allows Remote Code Execution4/25/2025
CRITICAL9.9CVE-2025-24016⚠ KEVEPSS 93.5%Remote code execution in Wazuh server in github.com/wazuh/wazuh4/22/2025
CRITICAL10.0CVE-2025-32433⚠ KEVEPSS 59.7%Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability4/16/2025
CRITICAL9.0CVE-2024-58136⚠ KEVEPSS 78.9%yiisoft/yii2 Mishandles the Attaching of Behavior Defined by a `__class` Array Key4/10/2025
CRITICAL10.0CVE-2025-24201⚠ KEVEPSS 0.21%Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability3/11/2025
CRITICAL9.8CVE-2025-24813⚠ KEVEPSS 94.1%Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT3/10/2025
CRITICAL9.8CVE-2025-24893⚠ KEVEPSS 93.7%XWiki Platform allows remote code execution as guest via SolrSearchMacros request2/20/2025
CRITICAL9.8CVE-2024-56145⚠ KEVEPSS 93.9%Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled12/18/2024
CRITICAL9.8CVE-2024-9680⚠ KEVEPSS 30.8%firefox-esr - security update10/9/2024
CRITICAL9.6CVE-2024-7971⚠ KEVEPSS 1.0%Google Chromium V8 Type Confusion Vulnerability8/21/2024

Page 1 of 5Next →