Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
CVE-2026-26013
  • github.com/langchain-ai/langchain
 LangChain affected by SSRF via image_url token counting in ChatOpenAI.get_num_tokens_from_messages 7 hours ago
  • Fix available
  • Severity - 3.7 (Low)
CVE-2026-26007
  • github.com/pyca/cryptography
 cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves 7 hours ago
  • Fix available
  • Severity - 8.2 (High)
CVE-2026-26006
  • github.com/significant-gravitas/autogpt
 Redos (Regular Expression Denial of Service) at Code Extraction Block in significant-gravitas/autogpt 7 hours ago
  • Fix available
  • Severity - 6.5 (Medium)
CVE-2026-25506
  • github.com/dun/munge
 MUNGE has a buffer overflow in message unpacking allows key leakage and credential forgery 10 hours ago
  • Fix available
  • Severity - 7.7 (High)
CVE-2026-26003
  • github.com/labring/fastgpt
 FastGPT Plugin forwarding request is not authenticated, posing a serious risk of attack 11 hours ago
  • Fix available
  • Severity - 6.9 (Medium)
CVE-2026-25992
  • github.com/siyuan-note/siyuan
 SiYuan has a File Read Interface Case Bypass Vulnerability 11 hours ago
  • Fix available
  • Severity - 7.5 (High)
CVE-2026-25956
  • github.com/frappe/frappe
 Frappe Affected by XSS and Open Redirect in Sign Up 11 hours ago
  • Fix available
  • Severity - 6.1 (Medium)
CVE-2026-25947
  • github.com/worklenz/worklenz
 Worklenz Boolean-Based Blind SQL Injection via Improper ORDER BY Clause Input Validation 11 hours ago
  • Fix available
  • Severity - 8.8 (High)
CVE-2026-25805
  • github.com/zed-industries/zed
 Zed does not show Parameter Values for MCP Tool Calls. Users cannot detect tool poisoning. 11 hours ago
  • Fix available
  • Severity - 6.4 (Medium)
CVE-2026-25646
  • github.com/pnggroup/libpng
 LIBPNG has a heap buffer overflow in png_set_quantize 11 hours ago
  • Fix available
  • Severity - 8.3 (High)
CVE-2026-25577
  • github.com/emmett-framework/core
 Emmett has an Unhandled CookieError Exception Causing Denial of Service 11 hours ago
  • Fix available
  • Severity - 7.5 (High)
CVE-2026-24045
  • github.com/docmost/docmost
 Docmost Affected by Stored XSS in Public Share Page 11 hours ago
  • Fix available
  • Severity - 7.3 (High)
CVE-2026-25530
  • github.com/kanboard/kanboard
 Kanboard is missing authorization check in getSwimlane API allows cross-project data access 12 hours ago
  • Fix available
  • Severity - 4.3 (Medium)
CVE-2026-24885
  • github.com/kanboard/kanboard
 Kanboard Affected by Cross-Site Request Forgery (CSRF) via Content-Type Misconfiguration in Project Role Assignment 12 hours ago
  • Fix available
  • Severity - 5.7 (Medium)
CVE-2026-2259
  • github.com/aardappel/lobster
 See record for full details yesterday
  • Fix available
  • Severity - 3.3 (Low)
CVE-2026-2258
  • github.com/aardappel/lobster
 See record for full details yesterday
  • Fix available
  • Severity - 3.3 (Low)
Load more...