FLAT-LBEWZ (CVE-2026-41242)
Remote command execution In protobufjs
7.7
High
Ecosystem: Npm
Package: protobufjs
FLAT-JWBVW (GHSA-r4q5-vmmm-2653)
Sensitive information sent insecurely In follow-redirects
2.7
Low
Ecosystem: Npm
Package: follow-redirects
FLAT-1M0Q2 (CVE-2026-40175)
Server-side request forgery (SSRF) In node-axios
8.3
High
Ecosystem: Debian
Package: node-axios
FLAT-GHL50 (CVE-2025-62718)
Server-side request forgery (SSRF) In axios
1.7
Low
Ecosystem: Npm
Package: axios
FLAT-Y2LOZ (CVE-2026-39865)
Asymmetric denial of service In axios
6.3
Medium
Ecosystem: Npm
Package: axios
FLAT-L8EU6 (CVE-2019-11358)
Prototype Pollution In python-django
1.2
Low
Ecosystem: Alpm
Package: python-django
FLAT-XHNDG (CVE-2012-6708)
Reflected cross-site scripting (XSS) In ruby-rdoc
1.3
Low
Ecosystem: Alpm
Package: ruby-rdoc
FLAT-FH67W (CVE-2015-9251)
Reflected cross-site scripting (XSS) In ruby-rdoc
1.3
Low
Ecosystem: Alpm
Package: ruby-rdoc
FLAT-0M6R5 (CVE-2021-29425)
Lack of data validation - Path Traversal In java-commons-io
1.7
Low
Ecosystem: Alpm
Package: java-commons-io
FLAT-1XW5B (CVE-2021-33503)
Asymmetric denial of service In python-urllib3
6.6
Medium
Ecosystem: Alpm
Package: python-urllib3
FLAT-LK0IL (CVE-2021-32740)
Improper resource allocation In ruby-addressable
6.6
Medium
Ecosystem: Alpm
Package: ruby-addressable
FLAT-YBUJH (CVE-2021-23362)
Asymmetric denial of service In nodejs
2.7
Low
Ecosystem: Alpm
Package: nodejs
FLAT-S4UF4 (CVE-2026-4800)
Server side template injection In lodash-es
6.1
Medium
Ecosystem: Npm
Package: lodash-es
FLAT-12T0Z (CVE-2026-2950)
Prototype Pollution In lodash.unset
2.7
Low
Ecosystem: Npm
Package: lodash.unset
FLAT-26X10 (CVE-2026-34043)
Asymmetric denial of service - ReDoS In node-serialize-javascript
6.3
Medium
Ecosystem: Debian
Package: node-serialize-javascript
FLAT-LWS94 (GHSA-7rx3-28cr-v5wh)
Prototype Pollution In handlebars
1.7
Low
Ecosystem: Npm
Package: handlebars
FLAT-1PHPN (GHSA-442j-39wm-28r2)
Race condition In handlebars
1.7
Low
Ecosystem: Npm
Package: handlebars
FLAT-HHXLH (CVE-2026-4923)
Asymmetric denial of service - ReDoS In path-to-regexp
6.3
Medium
Ecosystem: Npm
Package: path-to-regexp
FLAT-GRMGJ (CVE-2026-33940)
Server side template injection In node-handlebars
8.4
High
Ecosystem: Debian
Package: node-handlebars
FLAT-KZ9GB (CVE-2026-33939)
Asymmetric denial of service In node-handlebars
6.3
Medium
Ecosystem: Debian
Package: node-handlebars
FLAT-B6UY6 (CVE-2026-33937)
Server side template injection In node-handlebars
8.4
High
Ecosystem: Debian
Package: node-handlebars
FLAT-BYPUT (CVE-2026-33938)
Server side template injection In node-handlebars
8.4
High
Ecosystem: Debian
Package: node-handlebars
FLAT-RAIEE (CVE-2026-33916)
Prototype Pollution In node-handlebars
0.6
Low
Ecosystem: Debian
Package: node-handlebars
FLAT-HIYRP (CVE-2026-4867)
Asymmetric denial of service - ReDoS In path-to-regexp
6.3
Medium
Ecosystem: Npm
Package: path-to-regexp
FLAT-KMLDZ (CVE-2026-33750)
Asymmetric denial of service - ReDoS In node-brace-expansion
5.6
Medium
Ecosystem: Debian
Package: node-brace-expansion
FLAT-RJX9J (CVE-2026-33896)
Insecure digital certificates In pcs
8.1
High
Ecosystem: RPM
Package: pcs
FLAT-WC5NL (CVE-2026-33894)
Lack of data validation In pcs
6.3
Medium
Ecosystem: RPM
Package: pcs
FLAT-FX94Q (CVE-2026-33891)
Improper resource allocation In grafana
6.3
Medium
Ecosystem: RPM
Package: grafana
FLAT-B314Z (CVE-2026-33671)
Asymmetric denial of service - ReDoS In node-anymatch
6.3
Medium
Ecosystem: Debian
Package: node-anymatch
FLAT-5MXTS (CVE-2026-33672)
Prototype Pollution In node-anymatch
2.7
Low
Ecosystem: Debian
Package: node-anymatch
FLAT-97RZK (CVE-2026-33895)
Lack of data validation In node-forge
7.7
High
Ecosystem: Npm
Package: node-forge
FLAT-PU2ZB (CVE-2026-33532)
Improper resource allocation In node-yaml
6.3
Medium
Ecosystem: Debian
Package: node-yaml
FLAT-7O3CB (CVE-2026-33349)
Lack of data validation In node-webfont
6.3
Medium
Ecosystem: Debian
Package: node-webfont
FLAT-JWGBJ (CVE-2026-33228)
Prototype Pollution In node-flatted
8.1
High
Ecosystem: Debian
Package: node-flatted
FLAT-SCSFJ (CVE-2026-33036)
XML injection (XXE) In node-webfont
7.7
High
Ecosystem: Debian
Package: node-webfont
FLAT-LFV3U (CVE-2026-32630)
Improper resource allocation In file-type
6.3
Medium
Ecosystem: Npm
Package: file-type
FLAT-TD7CI (CVE-2026-32141)
Improper resource allocation In flatted
7.7
High
Ecosystem: Npm
Package: flatted
FLAT-YBTS4 (CVE-2026-31808)
Improper resource allocation In file-type
7.7
High
Ecosystem: Npm
Package: file-type
FLAT-9YWAC (CVE-2026-31802)
Lack of data validation - Path Traversal In tar
5.6
Medium
Ecosystem: Npm
Package: tar
FLAT-14LRZ (CVE-2026-29786)
Lack of data validation - Path Traversal In node-tar
5.6
Medium
Ecosystem: Debian
Package: node-tar
FLAT-3BEYW (CVE-2026-29063)
Prototype Pollution In node-immutable
6.6
Medium
Ecosystem: Debian
Package: node-immutable
FLAT-JNLF0 (CVE-2026-3449)
Improper dependency pinning In @tootallnate/once
1.1
Low
Ecosystem: Npm
Package: @tootallnate/once
FLAT-2C0LP (GHSA-5c6j-r48x-rmvq)
Technical information leak In serialize-javascript
8.4
High
Ecosystem: Npm
Package: serialize-javascript
FLAT-ZGSSN (CVE-2026-27942)
Improper resource allocation - Buffer overflow In fast-xml-parser
2.7
Low
Ecosystem: Npm
Package: fast-xml-parser
FLAT-71TJ6 (CVE-2026-27903)
Improper resource allocation In minimatch
6.3
Medium
Ecosystem: Npm
Package: minimatch
FLAT-OWLMV (CVE-2026-27904)
Asymmetric denial of service - ReDoS In minimatch
6.3
Medium
Ecosystem: Npm
Package: minimatch
FLAT-59HIA (CVE-2026-27606)
Lack of data validation - Path Traversal In rollup
8.0
High
Ecosystem: Npm
Package: rollup
FLAT-S3JQJ (CVE-2026-25896)
Asymmetric denial of service - ReDoS In node-webfont
8.9
High
Ecosystem: Debian
Package: node-webfont
FLAT-KWFY6 (CVE-2026-2739)
Improper resource allocation In bn.js
2.7
Low
Ecosystem: Npm
Package: bn.js
FLAT-HCBEA (CVE-2026-26996)
Asymmetric denial of service - ReDoS In node-minimatch
6.6
Medium
Ecosystem: Debian
Package: node-minimatch
FLAT-9T41E (CVE-2026-26960)
Lack of data validation - Path Traversal In node-tar
9.0
Critical
Ecosystem: Debian
Package: node-tar
FLAT-MZ9MH (CVE-2026-26278)
XML injection (XXE) In node-webfont
6.3
Medium
Ecosystem: Debian
Package: node-webfont
FLAT-GZT8G (CVE-2026-2391)
Lack of data validation In qs
6.3
Medium
Ecosystem: Npm
Package: qs
FLAT-4F51S (CVE-2025-69873)
Asymmetric denial of service - ReDoS In ajv
2.7
Low
Ecosystem: Npm
Package: ajv
FLAT-FU0IJ (CVE-2026-25639)
Asymmetric denial of service In node-axios
6.3
Medium
Ecosystem: Debian
Package: node-axios
FLAT-NHHTJ (CVE-2025-68157)
Server-side request forgery (SSRF) In node-webpack
2.5
Low
Ecosystem: Debian
Package: node-webpack
FLAT-KZ72W (NEWTONSOFTJSON-2774678)
Insecure deserialization In newtonsoft.json
6.6
Medium
Ecosystem: NuGet
Package: newtonsoft.json
FLAT-FRBUY (CVE-2015-6096)
Business information leak In netframework
0.6
Low
Ecosystem: NuGet
Package: netframework
FLAT-YZ3YQ (JS-UNSETVALUE-2400660)
Prototype Pollution In unset-value
0.6
Low
Ecosystem: Npm
Package: unset-value
FLAT-TW49O (JS-MOCHA-561476)
Asymmetric denial of service - ReDoS In mocha
0.6
Low
Ecosystem: Npm
Package: mocha
FLAT-87PUB (CVE-2020-12265)
Lack of data validation - Path Traversal In decompress-tar
0.6
Low
Ecosystem: Npm
Package: decompress-tar
FLAT-KKI4X (CVE-2020-7656)
Reflected cross-site scripting (XSS) In org.webjars:jquery
1.3
Low
Ecosystem: Maven
Package: org.webjars:jquery
FLAT-JNN8C (CVE-2020-11023)
Reflected cross-site scripting (XSS) In org.webjars:jquery
2.3
Low
Ecosystem: Maven
Package: org.webjars:jquery
FLAT-2VW72 (CVE-2020-11022)
Reflected cross-site scripting (XSS) In org.webjars:jquery
2.3
Low
Ecosystem: Maven
Package: org.webjars:jquery
FLAT-XNIUI (CVE-2011-4969)
Reflected cross-site scripting (XSS) In org.webjars:jquery
1.3
Low
Ecosystem: Maven
Package: org.webjars:jquery
FLAT-5M801 (CVE-2026-25547)
Asymmetric denial of service - ReDoS In node-brace-expansion
7.7
High
Ecosystem: Debian
Package: node-brace-expansion
FLAT-97IR7 (CVE-2026-25128)
Asymmetric denial of service In fast-xml-parser
7.7
High
Ecosystem: Npm
Package: fast-xml-parser
FLAT-MLMT3 (CVE-2026-24842)
Lack of data validation - Path Traversal In tar
7.9
High
Ecosystem: Npm
Package: tar
FLAT-2Q36C (CVE-2025-50537)
Improper resource allocation In eslint
0.0
None
Ecosystem: Npm
Package: eslint
FLAT-9GXDS (CVE-2026-24001)
Asymmetric denial of service - ReDoS In node-diff
2.7
Low
Ecosystem: Debian
Package: node-diff
FLAT-CT3XH (CVE-2025-13465)
Prototype Pollution In lodash.unset
5.0
Medium
Ecosystem: Npm
Package: lodash.unset
FLAT-02MG7 (CVE-2026-23950)
Lack of data validation - Path Traversal In tar
6.7
Medium
Ecosystem: Npm
Package: tar
FLAT-FEYD5 (CVE-2026-23745)
Lack of data validation - Path Traversal In node-tar
5.5
Medium
Ecosystem: Debian
Package: node-tar
FLAT-6O52V (CVE-2026-21441)
Excessive privileges In python-urllib3
6.3
Medium
Ecosystem: Debian
Package: python-urllib3
FLAT-1VK13 (CVE-2025-15284)
Asymmetric denial of service In qs
1.7
Low
Ecosystem: Npm
Package: qs
FLAT-L271S (CVE-2025-66471)
Excessive privileges In urllib3
6.3
Medium
Ecosystem: PyPI
Package: urllib3
FLAT-M98SP (CVE-2025-65945)
Insufficient data authenticity validation In jws
6.4
Medium
Ecosystem: Npm
Package: jws
FLAT-CHW5Q (CVE-2025-12758)
Lack of data validation In validator
6.6
Medium
Ecosystem: Npm
Package: validator
FLAT-J5YMA (CVE-2025-66035)
Business information leak In @angular/common
4.4
Medium
Ecosystem: Npm
Package: @angular/common
FLAT-ICGVN (CVE-2025-66031)
Improper resource allocation In node-forge
6.6
Medium
Ecosystem: Npm
Package: node-forge
FLAT-WPONJ (CVE-2025-66030)
Out-of-bounds read In node-forge
1.7
Low
Ecosystem: Npm
Package: node-forge
FLAT-OJ2WS (CVE-2025-12816)
Lack of data validation In node-forge
6.6
Medium
Ecosystem: Npm
Package: node-forge
FLAT-X8I7R (CVE-2025-13033)
Lack of data validation In node-nodemailer
7.7
High
Ecosystem: Debian
Package: node-nodemailer
FLAT-LN9RO (CVE-2025-64718)
Prototype Pollution In js-yaml
2.7
Low
Ecosystem: Npm
Package: js-yaml
FLAT-OUY97 (CVE-2025-56200)
Reflected cross-site scripting (XSS) In validator
1.3
Low
Ecosystem: Npm
Package: validator
FLAT-R3G68 (CVE-2025-58754)
Asymmetric denial of service In node-axios
6.6
Medium
Ecosystem: Debian
Package: node-axios
FLAT-A5V5G (CVE-2025-57833)
SQL injection - Code In django
1.3
Low
Ecosystem: PyPI
Package: django
FLAT-2U3OC (CVE-2025-57810)
Improper resource allocation In jspdf
6.6
Medium
Ecosystem: Npm
Package: jspdf
FLAT-ME0DH (CVE-2025-9288)
Lack of data validation In sha.js
6.7
Medium
Ecosystem: Npm
Package: sha.js
FLAT-5BUTE (CVE-2025-54798)
Lack of data validation - Path Traversal In node-tmp
0.4
Low
Ecosystem: Debian
Package: node-tmp
FLAT-VH7P3 (CVE-2025-7783)
Lack of data validation In form-data
8.1
High
Ecosystem: Npm
Package: form-data
FLAT-QW4AS (CVE-2025-7339)
Lack of data validation In on-headers
1.0
Low
Ecosystem: Npm
Package: on-headers
FLAT-6W83Y (CVE-2025-7338)
Asymmetric denial of service In multer
6.6
Medium
Ecosystem: Npm
Package: multer
FLAT-2YTFA (CVE-2025-48924)
Improper resource allocation In commons-lang:commons-lang
2.7
Low
Ecosystem: Maven
Package: commons-lang:commons-lang
FLAT-HQHDX (CVE-2025-50181)
Server-side request forgery (SSRF) In python-urllib3
2.3
Low
Ecosystem: Debian
Package: python-urllib3
FLAT-9THO4 (CVE-2025-5889)
Asymmetric denial of service - ReDoS In brace-expansion
0.6
Low
Ecosystem: Npm
Package: brace-expansion
FLAT-4VPGT (CVE-2024-47081)
Sensitive information sent insecurely In requests
2.3
Low
Ecosystem: PyPI
Package: requests
FLAT-VNBTD (CVE-2025-48997)
Asymmetric denial of service In multer
6.6
Medium
Ecosystem: Npm
Package: multer
FLAT-FGHQR (CVE-2025-47944)
Asymmetric denial of service In multer
6.6
Medium
Ecosystem: Npm
Package: multer
FLAT-5R7OG (CVE-2025-47935)
Improper resource allocation In multer
6.6
Medium
Ecosystem: Npm
Package: multer