FLAT-ZTOH8 (CVE-2026-35675)
Account Takeover In phpmyfaq/phpmyfaq
9.1
Critical
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-LYFNO (CVE-2026-35672)
Insecure functionality In thorsten/phpmyfaq
6.3
Medium
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-OZYX1 (CVE-2026-35671)
Improper authorization control for web services In thorsten/phpmyfaq
6.1
Medium
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-KQ2O7 (CVE-2026-35676)
Account lockout In phpmyfaq/phpmyfaq
6.8
Medium
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-MQSB4 (CVE-2026-24425)
Server side template injection In php-twig
6.1
Medium
Ecosystem: Debian
Package: php-twig
FLAT-B9WM1 (CVE-2026-46365)
Improper authorization control for web services In thorsten/phpmyfaq
1.3
Low
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-GU63Z (CVE-2026-45008)
Lack of data validation - Path Traversal In phpmyfaq/phpmyfaq
5.7
Medium
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-NAQ2C (CVE-2026-46363)
Server side cross-site scripting In phpmyfaq/phpmyfaq
0.5
Low
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-O30L8 (CVE-2026-46360)
Server side cross-site scripting In phpmyfaq/phpmyfaq
0.4
Low
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-WSOW4 (CVE-2026-45009)
Authentication mechanism absence or evasion In phpmyfaq/phpmyfaq
1.3
Low
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-ZQQZS (CVE-2026-46367)
Server side cross-site scripting In phpmyfaq
7.3
High
Ecosystem: Packagist
Package: phpmyfaq
FLAT-Z3WRV (CVE-2026-46491)
Lack of data validation - Path Traversal In simplesamlphp/simplesamlphp-module-casserver
6.7
Medium
Ecosystem: Packagist
Package: simplesamlphp/simplesamlphp-module-casserver
FLAT-EJ9CT (CVE-2026-45062)
Lack of data validation In github.com/dunglas/frankenphp
8.2
High
Ecosystem: Go
Package: github.com/dunglas/frankenphp
FLAT-FFE1N (CVE-2025-65954)
Server-side request forgery (SSRF) In simplesamlphp/simplesamlphp-module-casserver
0.5
Low
Ecosystem: Packagist
Package: simplesamlphp/simplesamlphp-module-casserver
FLAT-WVZD8 (CVE-2026-6811)
Improper resource allocation In php-mongodb
2.3
Low
Ecosystem: Debian
Package: php-mongodb
FLAT-RGMUG (CVE-2026-44167)
Asymmetric denial of service - ReDoS In phpseclib
6.3
Medium
Ecosystem: Debian
Package: phpseclib
FLAT-RNPVL (MAL-2026-3637)
Use of software with malware In intercom-php
5.2
Medium
Ecosystem: Packagist
Package: intercom-php
FLAT-LHPSW (CVE-2026-7263)
Improper resource allocation In php8.4
1.7
Low
Ecosystem: Debian
Package: php8.4
FLAT-E219E (CVE-2026-6104)
Out-of-bounds read In php8.4
1.7
Low
Ecosystem: Debian
Package: php8.4
FLAT-26IDU (CVE-2026-7261)
Improper resource allocation In php7.4
1.7
Low
Ecosystem: Debian
Package: php7.4
FLAT-4JH79 (CVE-2026-7258)
Lack of data validation In php8.2
1.7
Low
Ecosystem: Debian
Package: php8.2
FLAT-EWJ35 (CVE-2026-7262)
Asymmetric denial of service In php8.4
1.7
Low
Ecosystem: Debian
Package: php8.4
FLAT-I3Q1J (CVE-2026-7568)
Out-of-bounds read In php8.4
1.7
Low
Ecosystem: Debian
Package: php8.4
FLAT-MDIRX (CVE-2026-6722)
Improper resource allocation In php8.4
8.4
High
Ecosystem: Debian
Package: php8.4
FLAT-MLK2N (CVE-2026-7259)
Lack of data validation In php8.2
0.5
Low
Ecosystem: Debian
Package: php8.2
FLAT-Z25SW (CVE-2026-6735)
Reflected cross-site scripting (XSS) In php8.4
5.9
Medium
Ecosystem: Debian
Package: php8.4
FLAT-JZAKH (CVE-2025-14179)
SQL injection - Code In php8.2
5.9
Medium
Ecosystem: Debian
Package: php8.2
FLAT-MM39P (GHSA-gr3r-crp5-qrrm)
Use of software with malware In intercom/intercom-php
6.0
Medium
Ecosystem: Packagist
Package: intercom/intercom-php
FLAT-F60DU (CVE-2026-42552)
Technical information leak In flightphp/core
7.7
High
Ecosystem: Packagist
Package: flightphp/core
FLAT-BR9OL (CVE-2026-42551)
Lack of data validation In flightphp/core
5.7
Medium
Ecosystem: Packagist
Package: flightphp/core
FLAT-S7Q6Z (CVE-2026-42550)
SQL injection - Code In flightphp/core
8.4
High
Ecosystem: Packagist
Package: flightphp/core
FLAT-R0XJU (CVE-2026-42549)
Lack of data validation - Path Traversal In flightphp/core
0.4
Low
Ecosystem: Packagist
Package: flightphp/core
FLAT-3R9DC (CVE-2026-42548)
Reflected cross-site scripting (XSS) In flightphp/core
6.2
Medium
Ecosystem: Packagist
Package: flightphp/core
FLAT-BN692 (GHSA-289f-fq7w-6q2w)
SQL injection - Code In thorsten/phpmyfaq
9.1
Critical
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-RVA97 (GHSA-gh9p-q46p-57g2)
Lack of data validation - Path Traversal In thorsten/phpmyfaq
4.1
Medium
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-R6ZKZ (GHSA-99qv-g4x9-mgc3)
Authentication mechanism absence or evasion In thorsten/phpmyfaq
2.7
Low
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-EBXAB (GHSA-pm8c-3qq3-72w7)
SQL injection - Code In phpmyfaq/phpmyfaq
6.1
Medium
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-TWPV2 (GHSA-9pq7-mfwh-xx2j)
Lack of protection against brute force attacks In thorsten/phpmyfaq
8.9
High
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-DIWP3 (GHSA-jrc5-w569-h7h5)
Authentication mechanism absence or evasion In thorsten/phpmyfaq
0.6
Low
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-18VYL (GHSA-pqh6-8fxf-jx22)
Server side cross-site scripting In phpmyfaq/phpmyfaq
3.8
Low
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-56JDO (GHSA-rm98-82fr-mcfx)
Improper authorization control for web services In phpmyfaq/phpmyfaq
1.3
Low
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-J9NUQ (GHSA-whqh-9pq5-c7r3)
Server side cross-site scripting In phpmyfaq/phpmyfaq
5.6
Medium
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-2TLDV (GHSA-f5p7-2c9q-8896)
Server side cross-site scripting In phpmyfaq/phpmyfaq
4.0
Medium
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-LCK1F (GHSA-7cx3-2qx2-3g6w)
Improper authorization control for web services In thorsten/phpmyfaq
1.3
Low
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-MKGEB (GHSA-hpgw-ww76-c68r)
Authentication mechanism absence or evasion In thorsten/phpmyfaq
5.7
Medium
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-WFDG0 (GHSA-9525-27vj-c8r8)
Server side cross-site scripting In thorsten/phpmyfaq
5.7
Medium
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-42RMU (GHSA-r7cg-qjjm-xhqq)
Improper resource allocation In webonyx/graphql-php
7.8
High
Ecosystem: Packagist
Package: webonyx/graphql-php
FLAT-68R80 (GHSA-fc86-6rv6-2jpm)
Improper resource allocation In webonyx/graphql-php
7.7
High
Ecosystem: Packagist
Package: webonyx/graphql-php
FLAT-TARMR (CVE-2026-42569)
Improper authorization control for web services In nabeel/phpvms
7.9
High
Ecosystem: Packagist
Package: nabeel/phpvms
FLAT-5TEB6 (CVE-2026-40902)
Improper resource allocation In phpoffice/phpspreadsheet
7.7
High
Ecosystem: Packagist
Package: phpoffice/phpspreadsheet
FLAT-32YY7 (CVE-2026-40863)
Asymmetric denial of service - ReDoS In phpoffice/phpspreadsheet
7.7
High
Ecosystem: Packagist
Package: phpoffice/phpspreadsheet
FLAT-BG04V (CVE-2026-34084)
Insecure deserialization In phpoffice/phpspreadsheet
7.2
High
Ecosystem: Packagist
Package: phpoffice/phpspreadsheet
FLAT-2A5LL (CVE-2026-40296)
Server side cross-site scripting In phpoffice/phpspreadsheet
0.5
Low
Ecosystem: Packagist
Package: phpoffice/phpspreadsheet
FLAT-FA9NE (CVE-2026-35453)
Reflected cross-site scripting (XSS) In phpoffice/phpspreadsheet
1.3
Low
Ecosystem: Packagist
Package: phpoffice/phpspreadsheet
FLAT-1MMXB (GHSA-mh6w-vxff-9wqp)
Lack of data validation In phpunit/phpunit
5.8
Medium
Ecosystem: Packagist
Package: phpunit/phpunit
FLAT-6RNFW (CVE-2026-41570)
Lack of data validation In phpunit/phpunit
5.8
Medium
Ecosystem: Packagist
Package: phpunit/phpunit
FLAT-SX9CG (CVE-2026-40476)
Improper resource allocation In webonyx/graphql-php
2.7
Low
Ecosystem: Packagist
Package: webonyx/graphql-php
FLAT-JD8GI (CVE-2026-40194)
Lack of data validation - Path Traversal In php-phpseclib
1.7
Low
Ecosystem: Debian
Package: php-phpseclib
FLAT-TO70H (CVE-2021-21707)
Lack of data validation - Path Traversal In php
2.7
Low
Ecosystem: Alpm
Package: php
FLAT-DXJLD (CVE-2015-9253)
Asymmetric denial of service In php-fpm
7.7
High
Ecosystem: Alpm
Package: php-fpm
FLAT-63Z3X (CVE-2018-7260)
Reflected cross-site scripting (XSS) In phpmyadmin
0.5
Low
Ecosystem: Alpm
Package: phpmyadmin
FLAT-KEHKC (CVE-2020-7071)
Lack of data validation In php
2.7
Low
Ecosystem: Alpm
Package: php
FLAT-RBJ2J (CVE-2021-21702)
Lack of data validation In php
6.6
Medium
Ecosystem: Alpm
Package: php
FLAT-DCKUH (CVE-2021-27927)
Improper authorization control for web services In zabbix-frontend-php
6.3
Medium
Ecosystem: Alpm
Package: zabbix-frontend-php
FLAT-8PVKZ (CVE-2021-21704)
Lack of data validation In php
4.6
Medium
Ecosystem: Alpm
Package: php
FLAT-NOJIU (CVE-2021-21705)
Lack of data validation In php
2.7
Low
Ecosystem: Alpm
Package: php
FLAT-FFENK (CVE-2021-21703)
Out-of-bounds read In php
4.4
Medium
Ecosystem: Alpm
Package: php
FLAT-FP3ED (CVE-2016-6911)
Out-of-bounds read In php
4.9
Medium
Ecosystem: Alpm
Package: php
FLAT-0ILDJ (CVE-2016-7478)
Insecure deserialization In php
6.3
Medium
Ecosystem: Alpm
Package: php
FLAT-6ALK9 (CVE-2016-7568)
Out-of-bounds read In php
8.1
High
Ecosystem: Alpm
Package: php
FLAT-DLHJK (CVE-2016-8670)
Out-of-bounds read In php
9.1
Critical
Ecosystem: Alpm
Package: php
FLAT-DFB72 (CVE-2016-9138)
Insecure deserialization In php
6.7
Medium
Ecosystem: Alpm
Package: php
FLAT-VF8KK (CVE-2016-9933)
Improper resource allocation In php
6.6
Medium
Ecosystem: Alpm
Package: php
FLAT-1O4UN (CVE-2016-9934)
Lack of data validation In php
7.7
High
Ecosystem: Alpm
Package: php
FLAT-NUZLC (CVE-2016-9935)
Out-of-bounds read In php
6.7
Medium
Ecosystem: Alpm
Package: php
FLAT-ZYEJI (CVE-2016-9936)
Insecure deserialization In php
8.0
High
Ecosystem: Alpm
Package: php
FLAT-IUE6M (CVE-2017-5340)
Out-of-bounds read In php
8.4
High
Ecosystem: Alpm
Package: php
FLAT-F8FOI (CVE-2016-7125)
Lack of data validation In php
7.7
High
Ecosystem: Alpm
Package: php
FLAT-D9MG1 (CVE-2019-11043)
Improper resource allocation - Buffer overflow In php
8.4
High
Ecosystem: Alpm
Package: php
FLAT-R5NFH (CVE-2020-35132)
Server side cross-site scripting In phpldapadmin
1.2
Low
Ecosystem: Alpm
Package: phpldapadmin
FLAT-Q1ZJ6 (CVE-2026-34974)
Server side cross-site scripting In thorsten/phpmyfaq
5.6
Medium
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-KL6V2 (CVE-2026-34973)
NoSQL injection In thorsten/phpmyfaq
2.7
Low
Ecosystem: Packagist
Package: thorsten/phpmyfaq
FLAT-3AM1J (CVE-2026-34729)
Server side cross-site scripting In phpmyfaq/phpmyfaq
7.2
High
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-0WT6J (CVE-2026-34728)
Lack of data validation - Path Traversal In phpmyfaq/phpmyfaq
5.7
Medium
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-6X6YO (CVE-2026-34236)
Insecure generation of random numbers In auth0/auth0-php
8.1
High
Ecosystem: Packagist
Package: auth0/auth0-php
FLAT-593LC (CVE-2026-32629)
Server side cross-site scripting In phpmyfaq/phpmyfaq
2.4
Low
Ecosystem: Packagist
Package: phpmyfaq/phpmyfaq
FLAT-JPXWN (DLA-4518-1)
Local file inclusion In phpseclib
7.7
High
Ecosystem: Debian
Package: phpseclib
FLAT-ABTPP (DSA-6187-1)
Insecure HTTP methods enabled In php-phpseclib3
1.3
Low
Ecosystem: Debian
Package: php-phpseclib3
FLAT-P4ZXT (DSA-6185-1)
Local file inclusion In phpseclib
7.7
High
Ecosystem: Debian
Package: phpseclib
FLAT-SJO4D (DSA-6186-1)
Insecure HTTP methods enabled In php-phpseclib
1.3
Low
Ecosystem: Debian
Package: php-phpseclib
FLAT-Q8SBU (GHSA-27qh-8cxx-2cr5)
Lack of data validation In aws/aws-sdk-php
4.4
Medium
Ecosystem: Packagist
Package: aws/aws-sdk-php
FLAT-MCHBK (CVE-2026-33942)
Insecure deserialization In saloonphp/saloon
8.1
High
Ecosystem: Packagist
Package: saloonphp/saloon
FLAT-U066W (CVE-2026-33183)
Out-of-bounds read In saloonphp/saloon
1.7
Low
Ecosystem: Packagist
Package: saloonphp/saloon
FLAT-RKB89 (CVE-2026-33182)
Server-side request forgery (SSRF) In saloonphp/saloon
6.6
Medium
Ecosystem: Packagist
Package: saloonphp/saloon
FLAT-EOCJL (CVE-2026-33347)
Server-side request forgery (SSRF) In php-league-commonmark
1.7
Low
Ecosystem: Debian
Package: php-league-commonmark
FLAT-R0NI2 (CVE-2026-32935)
Lack of data validation - Path Traversal In php-phpseclib
4.6
Medium
Ecosystem: Debian
Package: php-phpseclib
FLAT-8IVXL (CVE-2026-32600)
Missing subresource integrity check In simplesamlphp/xml-security
8.1
High
Ecosystem: Packagist
Package: simplesamlphp/xml-security
FLAT-RPN8S (CVE-2026-30838)
Reflected cross-site scripting (XSS) In php-league-commonmark
1.2
Low
Ecosystem: Debian
Package: php-league-commonmark
FLAT-ADWAV (DSA-6154-1)
Insecure file upload In php8.2
1.3
Low
Ecosystem: Debian
Package: php8.2
FLAT-CRALW (CVE-2026-27836)
Improper authorization control for web services In thorsten/phpmyfaq
8.0
High
Ecosystem: Packagist
Package: thorsten/phpmyfaq