Live feed · Tech

100+ CVEs affecting Tech

CSV KEV CSV

Heuristically tagged from vendor / product / title. Use the chips to switch industries or clear the filter.

Filter100 items

Ecosystem

Source

CVE-2026-53441—EPSS0%3 h ago
Jenkins: Stored XSS vulnerability in node offline cause description
maven
OSV-MAL-2026-5731—5 h ago
Malicious code in houzidawang807 (npm)
npm
OSV-MAL-2026-5729—5 h ago
Malicious code in houzidawang806 (npm)
npm
OSV-MAL-2026-5732—5 h ago
Malicious code in houzidawang808 (npm)
npm
OSV-MAL-2026-5737—5 h ago
Malicious code in postcss-minify-selector-parser (npm)
npm
OSV-MAL-2026-5730—5 h ago
Malicious code in class-synth (npm)
npm
OSV-MAL-2026-5738—5 h ago
Malicious code in postinstall-logger-7x9z (npm)
npm
OSV-MAL-2026-5736—5 h ago
Malicious code in node-stack-frames (npm)
npm
OSV-MAL-2026-5734—5 h ago
Malicious code in node-denv (npm)
npm
OSV-MAL-2026-5739—5 h ago
Malicious code in sheratan_haha (npm)
npm
OSV-MAL-2026-5735—5 h ago
Malicious code in node-multi-downloader (npm)
npm
OSV-MAL-2026-5733—5 h ago
Malicious code in node-app-doctor (npm)
npm
CVE-2026-11769—6 h ago
We have released version 5.24.0 of the Grafana Operator. This patch includes a CRITICAL severity security fix for a path traversal/privilege escalation vulnerability in the Grafana Operator. ### Summary The Grafana Operator supports l
OSV-MAL-2026-5716—9 h ago
Malicious code in beamz (npm)
npm
OSV-MAL-2026-5728—9 h ago
Malicious code in vite-config-react (npm)
npm
OSV-MAL-2026-5727—9 h ago
Malicious code in vite-config-optimizer (npm)
npm
OSV-MAL-2026-5726—9 h ago
Malicious code in ecto_module (npm)
npm
CVE-2026-44705—EPSS0%9 h ago
tmp is a temporary file and directory creator for node.js. Prior to 0.2.6, the tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untrusted data flows into the prefix, postfix,
npmCWE-22
OSV-MAL-2026-5723—10 h ago
Malicious code in @ci-lifecycle-test/postinstall-ping (npm)
npm
OSV-MAL-2026-5545—10 h ago
Malicious code in acme-widget-layout-utils (PyPI)
pypi
OSV-MAL-2026-5725—10 h ago
Malicious code in dash-grid-normalizer (PyPI)
pypi
OSV-MAL-2026-5724—10 h ago
Malicious code in warp-dependency (npm)
npm
CVE-2026-54090—EPSS0%14 h ago
File Browser has a Command Execution Allowlist Bypass via Shell Metacharacter Injection
go
OSV-MAL-2026-5722—14 h ago
Malicious code in textwrap-toolkit-stager (PyPI)
pypi
CVE-2026-48049—EPSS0%14 h ago
@hapi/inert has a static-file confinement bypass via sibling-prefix path
npm
CVE-2026-47248—EPSS0%14 h ago
Parse Server's GraphQL "Did you mean ...?" validation suggestions disclose schema to unauthenticated callers
npmCWE-209
CVE-2026-50287—EPSS0%14 h ago
@agenticmail/mcp Missing Authentication for Critical Function
npmCWE-306
CVE-2026-54093—EPSS0%15 h ago
File Browser: FilePath traversal in download-as-zip/tar via Windows-style backslash separators in stored filenames
go
CVE-2026-54092—EPSS0%15 h ago
File Browser has a DoS Vulnerability via Public Login API
go
CVE-2026-54094—EPSS0%15 h ago
File Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scope
go
OSV-MAL-2026-5718—15 h ago
Malicious code in ect-472839-ctf (npm)
npm
OSV-MAL-2026-5721—15 h ago
Malicious code in ect-839201-ctf (npm)
npm
OSV-MAL-2026-5720—15 h ago
Malicious code in ect-839201 (npm)
npm
OSV-MAL-2026-5719—15 h ago
Malicious code in ect-654321 (npm)
npm
OSV-MAL-2026-5717—15 h ago
Malicious code in claudechor (npm)
npm
CVE-2026-45011High· 7.3EPSS0%15 h ago
Apostrophe has stored XSS via javascript: URL in Image Widget Link
npmCWE-79 CWE-116
CVE-2026-44990Critical· 9.3EPSS0%15 h ago
Apostrophe has default XSS via `xmp` raw-text passthrough in `sanitize-html`
npmCWE-79
CVE-2026-47140—EPSS0%15 h ago
NodeVM builtin denylist bypass via process and inspector/promises allows host code execution
npmCWE-693
CVE-2026-44311—EPSS0%15 h ago
Fabric.js improper escaping in fabric.Gradient colorStops leads to XSS in SVG serialization
npm
OSV-MAL-2026-5710—16 h ago
Malicious code in chalk-plus-ts (npm)
npm
OSV-MAL-2026-5709—16 h ago
Malicious code in chalk-plus-js (npm)
npm
OSV-MAL-2026-5715—16 h ago
Malicious code in workflow-postgres-setup (npm)
npm
OSV-MAL-2026-5711—16 h ago
Malicious code in chalk-pro (npm)
npm
OSV-MAL-2026-5712—16 h ago
Malicious code in jextic-eclib (npm)
npm
OSV-MAL-2026-5713—16 h ago
Malicious code in vite-plugin-compress-js (npm)
npm
OSV-MAL-2026-5714—16 h ago
Malicious code in vite-plugin-logo (npm)
npm
CVE-2026-53999—16 h ago
Radius Controller May Delete a Container Resource via an Injected Deployment Annotation (Multi-Tenant Installs)
go
OSV-GHSA-gv7w-rqvm-qjhr—16 h ago
esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY
npm
OSV-GHSA-g7r4-m6w7-qqqr—16 h ago
esbuild allows arbitrary file read when running the development server on Windows
npm
OSV-MAL-2026-5279—17 h ago
Malicious code in uprobe (PyPI)
pypi
OSV-MAL-2026-5683—17 h ago
Malicious code in trongapy (PyPI)
pypi
OSV-MAL-2026-5457—17 h ago
Malicious code in tao-subnet-metrics (PyPI)
pypi
OSV-MAL-2026-5284—17 h ago
Malicious code in synago (PyPI)
pypi
OSV-MAL-2026-4767—17 h ago
Malicious code in silly-logger (PyPI)
pypi
OSV-MAL-2026-4766—17 h ago
Malicious code in saas-common-lib-473815 (PyPI)
pypi
OSV-MAL-2026-4821—17 h ago
Malicious code in pywingui (PyPI)
pypi
OSV-MAL-2026-5679—17 h ago
Malicious code in pylogxo (PyPI)
pypi
OSV-MAL-2026-5283—17 h ago
Malicious code in okite (PyPI)
pypi
OSV-MAL-2026-5277—17 h ago
Malicious code in pantheon-toolsets (PyPI)
pypi
OSV-MAL-2026-5299—17 h ago
Malicious code in pantheon-agents (PyPI)
pypi
OSV-MAL-2026-4760—17 h ago
Malicious code in nvidia-nat-semantic-kernel (PyPI)
pypi
OSV-MAL-2026-5698—17 h ago
Malicious code in nagios-xi (PyPI)
pypi
OSV-MAL-2026-5282—17 h ago
Malicious code in mrbios (PyPI)
pypi
OSV-MAL-2026-5317—17 h ago
Malicious code in instructor-mcp (PyPI)
pypi
OSV-MAL-2026-5281—17 h ago
Malicious code in executor-http (PyPI)
pypi
OSV-MAL-2026-4746—17 h ago
Malicious code in crw (PyPI)
pypi
OSV-MAL-2026-5272—17 h ago
Malicious code in goodoltoulas (PyPI)
pypi
OSV-MAL-2026-5300—17 h ago
Malicious code in funcdesc (PyPI)
pypi
OSV-MAL-2026-5404—17 h ago
Malicious code in cubifyanything (PyPI)
pypi
OSV-MAL-2026-5298—17 h ago
Malicious code in executor-engine (PyPI)
pypi
OSV-MAL-2026-5295—17 h ago
Malicious code in coolbox (PyPI)
pypi
OSV-MAL-2026-5290—17 h ago
Malicious code in cmd2func (PyPI)
pypi
OSV-MAL-2026-5312—17 h ago
Malicious code in bt-burn-watch (PyPI)
pypi
OSV-MAL-2026-4744—17 h ago
Malicious code in cch-agent (PyPI)
pypi
OSV-MAL-2026-5680—17 h ago
Malicious code in bittensor-burn-message (PyPI)
pypi
OSV-MAL-2026-4742—17 h ago
Malicious code in aurapro-ui (PyPI)
pypi
OSV-MAL-2026-5280—17 h ago
Malicious code in bramin (PyPI)
pypi
OSV-MAL-2026-5649—17 h ago
Malicious code in bibip-bip (PyPI)
pypi
OSV-MAL-2026-5677—17 h ago
Malicious code in worker-build (npm)
npm
OSV-MAL-2026-5672—17 h ago
Malicious code in vqlxjmpr (npm)
npm
OSV-MAL-2026-5576—17 h ago
Malicious code in vite-tsconfig (npm)
npm
OSV-MAL-2026-5708—17 h ago
Malicious code in vite-svgr (npm)
npm
OSV-MAL-2026-5701—17 h ago
Malicious code in vite-react-toolkit (npm)
npm
OSV-MAL-2026-4703—17 h ago
Malicious code in veteran (npm)
npm
OSV-MAL-2026-5633—17 h ago
Malicious code in typeorm-encrypt (npm)
npm
OSV-MAL-2026-5638—17 h ago
Malicious code in tw-fluid-type (npm)
npm
OSV-MAL-2026-5406—17 h ago
Malicious code in ui-weave (npm)
npm
OSV-MAL-2026-5707—17 h ago
Malicious code in ttspc-server-sample (npm)
npm
OSV-MAL-2026-3774—17 h ago
Malicious code in ts-build-optimize (npm)
npm
OSV-MAL-2026-5705—17 h ago
Malicious code in theta-connector (npm)
npm
OSV-MAL-2026-5706—17 h ago
Malicious code in theta-kit (npm)
npm
OSV-MAL-2026-4682—17 h ago
Malicious code in tango-app-api-trax (npm)
npm
OSV-MAL-2026-5632—17 h ago
Malicious code in tailwindcss-merge (npm)
npm
OSV-MAL-2026-5637—17 h ago
Malicious code in tailwindcss-animotion (npm)
npm
OSV-MAL-2026-5636—17 h ago
Malicious code in swagger-express-routes (npm)
npm
OSV-MAL-2026-5693—17 h ago
Malicious code in sea-bound-siren (npm)
npm
OSV-MAL-2026-5629—17 h ago
Malicious code in sass-formats (npm)
npm
OSV-MAL-2026-5310—17 h ago
Malicious code in regexp-ts (npm)
npm
OSV-MAL-2026-5634—17 h ago
Malicious code in react-photo-views (npm)
npm
OSV-MAL-2026-4792—17 h ago
Malicious code in react-json-chalk (npm)
npm