Vulnerabilities

ID
Packages
Summary
Published
Attributes
MAL-2026-2249
  • npm/chai-as-added
Malicious code in chai-as-added (npm) 22 minutes ago
  • No fix available
MAL-2026-2251
  • npm/testtestsharp
Malicious code in testtestsharp (npm) 27 minutes ago
  • No fix available
CGA-wf6r-m9m7-hvjf
  • Chainguard/knative-kafka-broker-1.20-dispatcher-loom
  • Chainguard/knative-kafka-broker-fips-1.20-receiver-loom
  • Chainguard/wildfly-openjdk-21
  • Wolfi/wildfly-openjdk-21
See record for full details 1 hour ago
  • Fix available
MAL-2026-2246
  • npm/@ev-tech/eva-container-api
Malicious code in @ev-tech/eva-container-api (npm) 2 hours ago
  • No fix available
MAL-2026-2247
  • npm/cua-primitives-server
Malicious code in cua-primitives-server (npm) 2 hours ago
  • No fix available
MAL-2026-2248
  • npm/shop-republik-ch
Malicious code in shop-republik-ch (npm) 2 hours ago
  • No fix available
CGA-pxg7-m349-gccx
  • Chainguard/tritonserver-backend-vllm-cuda-12.9
  • Chainguard/tritonserver-backend-vllm-cuda-13.0
  • Chainguard/vllm-openai-cuda-12.9
See record for full details 2 hours ago
  • Fix available
CGA-42x3-3w3m-56rc
  • Chainguard/tritonserver-backend-vllm-cuda-13.0
See record for full details 2 hours ago
  • Fix available
CGA-4h86-chwp-p86p
  • Chainguard/tritonserver-backend-vllm-cuda-13.0
See record for full details 2 hours ago
  • Fix available
CGA-5pv9-gvpq-m4xj
  • Chainguard/tritonserver-backend-vllm-cuda-13.0
See record for full details 2 hours ago
  • Fix available
GHSA-wcjx-v2wj-xg87
  • PyPI/c2cciutils
C2C CI utils is vulnerable to DoS via pyasn dependency (CVE-2026-30922) 5 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-c7w3-x93f-qmm8
  • npm/nodemailer
Nodemailer has SMTP command injection due to unsanitized `envelope.size` parameter 5 hours ago
  • Fix available
  • Severity - 2.3 (Low)
GHSA-prh4-vhfh-24mj
  • Go/github.com/goharbor/harbor
Harbor: LDAP password and OIDC secret are not redacted in the audit log 5 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-6q6h-j7hj-3r64
  • npm/happy-dom
Happy DOM ECMAScriptModuleCompiler: unsanitized export names are interpolated as executable code 5 hours ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-2qvq-rjwj-gvw9
  • npm/handlebars
Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection 5 hours ago
  • Fix available
  • Severity - 4.7 (Medium)
GHSA-2j22-pr5w-6gq8
  • RubyGems/loofah
Loofah has improper detection of disallowed URIs via `allowed_uri?` 5 hours ago
  • Fix available
  • Severity - 2.3 (Low)