logo

Database

Security

Vulnerabilities

Real-time alerts of vulnerabilities across monitored open-source ecosystems.

Ecosystems covered

4

Debian, Maven, Npm & more

Total vulnerabilities tracked

49

From global vulnerability databases

Exclude malware
Package ckeditor

FLAT-NKBKA (MAL-2026-2667)

Use of software with malware In ckeditor5-minimap

5.2

Medium

Ecosystem: Npm

Package: ckeditor5-minimap

FLAT-0FZ1M (CVE-2026-28343)

Reflected cross-site scripting (XSS) In ckeditor5

0.6

Low

Ecosystem: Npm

Package: ckeditor5

FLAT-61O8B (CVE-2025-13980)

Unauthorized access to files In drupal/ckeditor5_premium_features

1.3

Low

Ecosystem: Packagist

Package: drupal/ckeditor5_premium_features

FLAT-LF7V6 (CVE-2025-43783)

Reflected cross-site scripting (XSS) In com.liferay:com.liferay.frontend.editor.ckeditor.web

1.2

Low

Ecosystem: Maven

Package: com.liferay:com.liferay.frontend.editor.ckeditor.web

FLAT-S0SO6 (CVE-2025-58064)

Reflected cross-site scripting (XSS) In ckeditor5

0.6

Low

Ecosystem: Npm

Package: ckeditor5

FLAT-BWMMA (CVE-2025-43761)

Reflected cross-site scripting (XSS) In liferay-ckeditor

2.7

Low

Ecosystem: Npm

Package: liferay-ckeditor

FLAT-FM86C (MAL-2025-17938)

Use of software with malware In dam-pkg-ckeditor

5.2

Medium

Ecosystem: Npm

Package: dam-pkg-ckeditor

FLAT-CMMVS (MAL-2025-17083)

Use of software with malware In ckeditor5-s3-upload

5.2

Medium

Ecosystem: Npm

Package: ckeditor5-s3-upload

FLAT-LXOHE (CVE-2025-6674)

Reflected cross-site scripting (XSS) In drupal/ckeditor5_youtube

1.1

Low

Ecosystem: Packagist

Package: drupal/ckeditor5_youtube

FLAT-64ZVK (CVE-2025-25299)

Reflected cross-site scripting (XSS) In ckeditor5-premium-features

2.7

Low

Ecosystem: Npm

Package: ckeditor5-premium-features

FLAT-YBH7S (MAL-2024-9541)

Use of software with malware In ckeditor5-table

5.2

Medium

Ecosystem: Npm

Package: ckeditor5-table

FLAT-UN1HS (MAL-2024-9540)

Use of software with malware In ckeditor5-cloud-services

5.2

Medium

Ecosystem: Npm

Package: ckeditor5-cloud-services

FLAT-07W5U (MAL-2024-9539)

Use of software with malware In ckeditor5-block-quote

5.2

Medium

Ecosystem: Npm

Package: ckeditor5-block-quote

FLAT-7I2WQ (MAL-2024-9538)

Use of software with malware In ckeditor5-alignment

5.2

Medium

Ecosystem: Npm

Package: ckeditor5-alignment

FLAT-0W2GA (MAL-2024-9201)

Use of software with malware In uploadcare-ckeditor

5.2

Medium

Ecosystem: Npm

Package: uploadcare-ckeditor

FLAT-HCJ5E (CVE-2024-45613)

Reflected cross-site scripting (XSS) In ckeditor5

1.2

Low

Ecosystem: Npm

Package: ckeditor5

FLAT-CLK3W (CVE-2024-43411)

Reflected cross-site scripting (XSS) In ckeditor4

1.1

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-HK8PP (CVE-2024-43407)

Reflected cross-site scripting (XSS) In ckeditor/ckeditor

1.3

Low

Ecosystem: Packagist

Package: ckeditor/ckeditor

FLAT-UV9L0 (CVE-2024-13245)

Reflected cross-site scripting (XSS) In drupal/ckeditor_lts

0.6

Low

Ecosystem: Packagist

Package: drupal/ckeditor_lts

FLAT-O0HGW (CVE-2023-4771)

Reflected cross-site scripting (XSS) In ckeditor4

1.3

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-3O8PL (CVE-2024-24816)

Reflected cross-site scripting (XSS) In ckeditor4

1.3

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-78K4I (CVE-2024-24815)

Reflected cross-site scripting (XSS) In ckeditor4

1.2

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-3SOH5 (GHSA-hxjc-9j8v-v9pr)

Reflected cross-site scripting (XSS) In ckeditor4

0.0

None

Ecosystem: Npm

Package: ckeditor4

FLAT-URTUF (GHSA-m8fw-p3cr-6jqc)

Reflected cross-site scripting (XSS) In typo3/cms-rte-ckeditor

0.6

Low

Ecosystem: Packagist

Package: typo3/cms-rte-ckeditor

FLAT-K5F7B (CVE-2023-37905)

Reflected cross-site scripting (XSS) In ckeditor-wordcount-plugin

1.3

Low

Ecosystem: Npm

Package: ckeditor-wordcount-plugin

FLAT-7IXKG (CVE-2023-36477)

Server side cross-site scripting In org.xwiki.platform:xwiki-platform-ckeditor-ui

6.1

Medium

Ecosystem: Maven

Package: org.xwiki.platform:xwiki-platform-ckeditor-ui

FLAT-Y22HA (CVE-2023-28439)

Reflected cross-site scripting (XSS) In ckeditor3

1.3

Low

Ecosystem: Debian

Package: ckeditor3

FLAT-MPD9H (CVE-2022-48110)

Reflected cross-site scripting (XSS) In ckeditor5

0.0

None

Ecosystem: Npm

Package: ckeditor5

FLAT-ZA9P3 (CVE-2023-22457)

Cross-site request forgery In org.xwiki.contrib:application-ckeditor-ui

5.9

Medium

Ecosystem: Maven

Package: org.xwiki.contrib:application-ckeditor-ui

FLAT-62LIS (CVE-2022-42116)

Reflected cross-site scripting (XSS) In com.liferay:com.liferay.frontend.editor.ckeditor.web

1.3

Low

Ecosystem: Maven

Package: com.liferay:com.liferay.frontend.editor.ckeditor.web

FLAT-JRYBK (CVE-2022-31175)

Reflected cross-site scripting (XSS) In @ckeditor/ckeditor5-markdown-gfm

0.6

Low

Ecosystem: Npm

Package: @ckeditor/ckeditor5-markdown-gfm

FLAT-5RHZT (CVE-2021-26271)

Asymmetric denial of service - ReDoS In ckeditor4-dev

6.6

Medium

Ecosystem: Npm

Package: ckeditor4-dev

FLAT-128FW (CVE-2020-27193)

Reflected cross-site scripting (XSS) In ckeditor4

1.2

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-2WZYX (CVE-2014-5191)

Reflected cross-site scripting (XSS) In ckeditor/ckeditor

2.7

Low

Ecosystem: Packagist

Package: ckeditor/ckeditor

FLAT-5MJAD (CVE-2022-24728)

Reflected cross-site scripting (XSS) In ckeditor4

1.2

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-7H9A4 (CVE-2022-24729)

Asymmetric denial of service - ReDoS In ckeditor

6.6

Medium

Ecosystem: Debian

Package: ckeditor

FLAT-FB87W (DLA-2813-1)

Server side cross-site scripting In ckeditor

1.3

Low

Ecosystem: Debian

Package: ckeditor

FLAT-PKW5W (CVE-2021-26272)

Insecure service configuration In ckeditor4

4.9

Medium

Ecosystem: Npm

Package: ckeditor4

FLAT-1Q29E (CVE-2021-37695)

Reflected cross-site scripting (XSS) In ckeditor4

1.2

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-AG5WP (CVE-2021-32809)

Lack of data validation - Modify DOM Elements In ckeditor4

1.2

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-VWY31 (CVE-2021-32808)

Reflected cross-site scripting (XSS) In ckeditor4

1.2

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-VMM0U (CVE-2020-9281)

Reflected cross-site scripting (XSS) In ckeditor4

1.3

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-I218H (CVE-2021-21391)

Asymmetric denial of service In @ckeditor/ckeditor5-widget

4.9

Medium

Ecosystem: Npm

Package: @ckeditor/ckeditor5-widget

FLAT-JPQ7J (CVE-2021-21254)

Asymmetric denial of service In @ckeditor/ckeditor5-markdown-gfm

4.9

Medium

Ecosystem: Npm

Package: @ckeditor/ckeditor5-markdown-gfm

FLAT-37TPM (CVE-2020-9440)

Reflected cross-site scripting (XSS) In ckeditor4

1.3

Low

Ecosystem: Npm

Package: ckeditor4

FLAT-23UN3 (CVE-2018-11093)

Reflected cross-site scripting (XSS) In @ckeditor/ckeditor5-link

1.2

Low

Ecosystem: Npm

Package: @ckeditor/ckeditor5-link

FLAT-4AYPH (DRUPAL-CONTRIB-2018-014)

Improper authorization control for web services In drupal/ckeditor_uploadimage

2.7

Low

Ecosystem: Packagist

Package: drupal/ckeditor_uploadimage

FLAT-YE93Y (DSA-2522-1)

Server side cross-site scripting In fckeditor

1.3

Low

Ecosystem: Debian

Package: fckeditor

FLAT-GE53W (DSA-1836-1)

Server side template injection In fckeditor

2.7

Low

Ecosystem: Debian

Package: fckeditor