VulnScope — package-centric CVE lookup

Search

34 results

Severity:CRITICAL HIGH MEDIUM LOW|Ecosystem:npm PyPI Maven Debian Alpine|⚠ In KEV only

HIGH8.8CVE-2026-42271⚠ KEVEPSS 4.1%LiteLLM: Authenticated command execution via MCP stdio test endpoints4/25/2026
CRITICAL9.8⚠ KEVEPSS 56.9%LiteLLM has SQL Injection in Proxy API key verification4/24/2026
CRITICAL9.8⚠ KEVEPSS 80.7%Marimo: Pre-Auth Remote Code Execution via Terminal WebSocket Authentication Bypass4/8/2026
—⚠ KEVEPSS 23.9%Trivy ecosystem supply chain was briefly compromised in github.com/aquasecurity/trivy3/30/2026
CRITICAL9.8⚠ KEVEPSS 24.0%Unauthenticated Remote Code Execution in Langflow via Public Flow Build Endpoint3/17/2026
HIGH8.8⚠ KEVEPSS 32.7%Langflow CORS misconfiguration enables Account Takeover and RCE12/6/2025
HIGH8.0⚠ KEVEPSS 0.60%Git allows arbitrary code execution through broken config quoting7/8/2025
CRITICAL9.8⚠ KEVEPSS 92.7%Langflow Unauth RCE6/17/2025
HIGH8.1⚠ KEVEPSS 70.8%freetype - security update3/11/2025
CRITICAL9.1⚠ KEVEPSS 93.9%Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path.7/1/2024
MEDIUM5.3⚠ KEVEPSS 94.4%Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc10/10/2023
HIGH8.8⚠ KEVEPSS 93.3%libwebp: OOB write in BuildHuffmanTable9/12/2023
HIGH8.9⚠ KEVEPSS 84.0%Apache superset missing check for default SECRET_KEY4/24/2023
HIGH8.8⚠ KEVEPSS 93.5%Apache Spark UI can allow impersonation if ACLs enabled7/19/2022
CRITICAL9.8⚠ KEVEPSS 94.4%SaltStack Salt Command Injection in netapi ssh client5/24/2022
CRITICAL9.8⚠ KEVEPSS 94.2%SaltStack Salt Unauthenticated Remote Code Execution5/24/2022
MEDIUM6.5⚠ KEVEPSS 93.7%SaltStack Salt is vulnerable Arbitrary Directory Access5/24/2022
CRITICAL9.8⚠ KEVEPSS 94.4%Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)10/7/2021
CRITICAL9.8⚠ KEVEPSS 94.4%Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.4910/5/2021
CRITICAL9.0⚠ KEVEPSS 94.4%mod_proxy SSRF9/16/2021
CRITICAL9.8⚠ KEVEPSS 94.1%Authentication bypass in Apache Airflow4/30/2021
HIGH8.8⚠ KEVEPSS 22.3%chromium - security update2/9/2021
HIGH7.8⚠ KEVEPSS 92.6%sudo - security update1/26/2021
MEDIUM6.5⚠ KEVEPSS 93.0%freetype - security update10/27/2020
MEDIUM5.5⚠ KEVEPSS 94.4%Microsoft Netlogon Privilege Escalation Vulnerability8/17/2020

Page 1 of 2Next →