Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
Vulnerabilities
search
All ecosystems
581500
AlmaLinux
4292
Alpaquita
8039
Alpine
3937
Android
2912
BellSoft Hardened Containers
304
Bitnami
6334
Chainguard
4755
CRAN
12
crates.io
1934
Debian
51955
Echo
2637
GHC
3
GIT
76663
GitHub Actions
37
Go
5314
Hackage
26
Hex
44
Julia
332
Linux
22983
Mageia
5785
Maven
6122
MinimOS
9107
npm
214197
NuGet
1512
openEuler
5792
openSUSE
10307
OSS-Fuzz
3733
Packagist
5580
Pub
10
PyPI
17582
Red Hat
18078
Rocky Linux
2584
Root
16823
RubyGems
1844
SUSE
17098
SwiftURL
46
Ubuntu
49858
VSCode
15
Wolfi
2914
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-7p9h-m7m8-vhhv
Packagist/phpmyfaq/phpmyfaq
Packagist/thorsten/phpmyfaq
phpMyFAQ: Attachment download allowed without dlattachment right (broken access control)
19 minutes ago
Fix available
Severity - 6.5 (Medium)
MAL-2026-494
npm/eits
Malicious code in eits (npm)
2 hours ago
No fix available
MAL-2026-495
npm/h-jsencrypt
Malicious code in h-jsencrypt (npm)
2 hours ago
No fix available
MAL-2026-496
npm/hemi-btc-staking-actions
Malicious code in hemi-btc-staking-actions (npm)
2 hours ago
No fix available
MAL-2026-497
npm/test-on-other
Malicious code in test-on-other (npm)
2 hours ago
No fix available
CGA-9m54-986w-g7rm
Chainguard/gh
Wolfi/gh
See record for full details
3 hours ago
Fix available
CGA-6h22-55xm-mr2f
Chainguard/gh
Wolfi/gh
See record for full details
3 hours ago
Fix available
CGA-28f7-f37x-xfxj
Chainguard/gh
Wolfi/gh
See record for full details
3 hours ago
Fix available
MAL-2026-493
npm/oxnoxon
Malicious code in oxnoxon (npm)
3 hours ago
No fix available
GHSA-c32p-wcqj-j677
Go/github.com/cometbft/cometbft
CometBFT has inconsistencies between how commit signatures are verified and how block time is derived
3 hours ago
Fix available
Severity - 7.1 (High)
GHSA-wvqx-m5px-6cmp
Maven/org.xwiki.platform:xwiki-platform-web-templates
XWiki Affected by Reflected Cross-Site Scripting (XSS) in Error Messages
4 hours ago
Fix available
Severity - 6.5 (Medium)
GHSA-7gcm-g887-7qv7
PyPI/protobuf
protobuf affected by a JSON recursion depth bypass
5 hours ago
No fix available
Severity - 8.2 (High)
CVE-2026-22995
Linux/Kernel
git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
ublk: fix use-after-free in ublk_partition_scan_work
5 hours ago
Fix available
CVE-2026-22994
Linux/Kernel
git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
bpf: Fix reference count leak in bpf_prog_test_run_xdp()
5 hours ago
Fix available
CVE-2026-22993
Linux/Kernel
git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
idpf: Fix RSS LUT NULL ptr issue after soft reset
5 hours ago
Fix available
CVE-2026-22992
Linux/Kernel
git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
libceph: return the handler error from mon_handle_auth_done()
5 hours ago
Fix available
Load more...
Vulnerability Database - OSV