VulnScope — package-centric CVE lookup

Search

1,127 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

CRITICAL9.9CVE-2026-42812EPSS 0.12%Apache Polaris has an Improper Input Validation issue5/4/2026
CRITICAL9.9EPSS 0.11%Apache Polaris has an Improper Input Validation issue5/4/2026
CRITICAL9.9EPSS 0.11%Apache Polaris has an Improper Input Validation Issue5/4/2026
CRITICAL9.9EPSS 0.10%Apache Polaris has an Improper Input Validation Issue5/4/2026
CRITICAL9.8EPSS 0.64%Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest5/4/2026
CRITICAL9.1EPSS 0.11%Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing5/4/2026
CRITICAL9.8EPSS 0.08%Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41635 Incomplete Fix)5/1/2026
CRITICAL9.8EPSS 0.29%Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41409 Incomplete Fix)5/1/2026
CRITICAL10.0EPSS 0.09%Shopizer has a path traversal issue4/30/2026
CRITICAL9.0EPSS 0.05%Jenkins GitHub Plugin has an XSS vulnerability4/29/2026
LOW3.7EPSS 0.07%xxl-job has a Resource Injection issue4/29/2026
LOW3.7EPSS 0.06%Spring gRPC AuthenticationException messages are reflected to remote client4/28/2026
CRITICAL9.1EPSS 0.02%Spring Boot's default security filter chain has no authorization rule with Actuator but without Health4/28/2026
CRITICAL9.8EPSS 0.28%Apache MINA Vulnerable to Deserialization of Untrusted Data (CVE-2024-52046 Incomplete Fix)4/27/2026
CRITICAL9.4EPSS 0.33%Apache Camel's Camel-Mail component is vulnerable to Camel message header injection4/27/2026
CRITICAL10.0EPSS 6.1%Apache camel-coap allows header injection that can lead to remote code execution4/27/2026
CRITICAL9.8EPSS 0.06%Apache MINA vulnerable to Deserialization of Untrusted Data4/27/2026
CRITICAL9.9EPSS 0.23%Apache Camel has an incomplete fix for CVE-2025-276364/27/2026
LOW3.7EPSS 0.07%Spring Security Vulnerable to User Attribute Enumeration when Using DaoAuthenticationProvider4/22/2026
CRITICAL9.9EPSS 0.03%Spinnaker: RCE via expression parsing due to unrestricted context handling4/21/2026
CRITICAL9.9EPSS 0.09%Spinnaker: RCE when using gitrepo artifact types due to improper sanitization of user input on branch and paths4/21/2026
CRITICAL9.1EPSS 0.22%Apache Kafka: Missing JWT token validation in OAUTHBEARER authentication4/20/2026
CRITICAL9.0EPSS 0.06%Improper neutralization of specific syntax patterns for unauthorized expressions in Thymeleaf4/15/2026
CRITICAL9.0EPSS 0.06%Improper restriction of the scope of accessible objects in Thymeleaf expressions4/15/2026
CRITICAL9.9EPSS 0.08%Expression Injection in OpenRemote4/14/2026

← PrevPage 2 of 46Next →