Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
| --- | --- | --- | --- | --- |
| GHSA-7v42-g35v-xrch | crates.io/httpsig-hyper | Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass | 13 hours ago | Fix available, Severity - 7.5 (High) |
| GHSA-4chv-4c6w-w254 | crates.io/soroban-sdk-macros | The rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide | 13 hours ago | Fix available, Severity - 7.5 (High) |
| GHSA-p5vf-5754-x7p3 | crates.io/polymarket-client-sdks | `polymarket-client-sdks` was removed from crates.io for malicious code | 4 days ago | No fix available |
| GHSA-8h58-w33p-wq3g | crates.io/pgp | rPGP affected by crash in message handling for deeply nested messages | 4 days ago | Fix available, Severity - 8.7 (High) |
| GHSA-g433-pq76-6cmf | crates.io/hpke-rs, crates.io/hpke-rs-rust-crypto | Bug fixes in hpke-rs, hpke-rs-rust-crypto | 4 days ago | Fix available |
| RUSTSEC-2026-0011 | crates.io/polymarket-client-sdks | `polymarket-client-sdks` was removed from crates.io for malicious code | 4 days ago | No fix available |
| GHSA-435g-fcv3-8j26 | crates.io/libcrux-ecdh, crates.io/libcrux-ed25519, crates.io/libcrux-psq | Bug-Fixes in `libcrux-ecdh`, `libcrux-ed25519`, `libcrux-psq` | 5 days ago | Fix available |
| GHSA-xx7m-69ff-9crp | crates.io/surrealdb | SurrealDB vulnerable to Denial of Service through scripting function memory edge case | 5 days ago | Fix available, Severity - 6.0 (Medium) |
| GHSA-vgr2-r5hm-f6gf | crates.io/sha-rst | `sha-rst` was removed from crates.io for malicious code | 5 days ago | No fix available |
| GHSA-6v2j-vr4h-f632 | crates.io/finch_cli_rust | `finch_cli_rust` was removed from crates.io for malicious code | 5 days ago | No fix available |
| GHSA-xp79-9mxw-878j | crates.io/finch-rst | `finch-rst` was removed from crates.io for malicious code | 5 days ago | No fix available |
| RUSTSEC-2026-0012 | crates.io/keccak | Unsoundness in opt-in ARMv8 assembly backend for `keccak` | 5 days ago | Fix available |
| GHSA-gcqf-3g44-vc9p | crates.io/actix-files | [actix-files] Panic triggered by empty Range header in GET request for static file | 06 Feb | Fix available, Severity - 6.9 (Medium) |
| GHSA-8v2v-wjwg-vx6r | crates.io/actix-files | actix-files has a possible exposure of information vulnerability | 06 Feb | Fix available, Severity - 6.3 (Medium) |
| RUSTSEC-2026-0010 | crates.io/polymarket-clients-sdk | `polymarket-clients-sdk` was removed from crates.io for malicious code | 06 Feb | No fix available |
| GHSA-f632-vm87-2m2f | crates.io/qdrant | qdrant has arbitrary file write via `/logger` endpoint | 05 Feb | Fix available, Severity - 8.5 (High) |