Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The Dart and Flutter SDKs provide software development kits for the Dart programming language. In versions of the Dart SDK prior to 3.11.0 and the Flutter SDK prior to version 3.41.0, when the pub cli
Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler,
CVE-2025-65112
CRITICAL CVSS 9.8
Find Similar
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbi
CVE-2026-30797
CRITICAL CVSS 9.3
Find Similar
Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API
CVE-2025-63289
CRITICAL CVSS 9.1
Find Similar
Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryption_helper.dart file
A vulnerability has been found in PackageKit up to 1.3.5. Affected is the function g_file_test of the file src/pk-transaction.c of the component API. Such manipulation of the argument frontend-socket
A vulnerability was determined in CityData CityChat up to 0.12.6 on Android. Affected by this vulnerability is an unknown functionality of the file resources/assets/flutter_assets/assets/credentials.j
`zip` is a zip library for rust which supports reading and writing of simple ZIP files. In the archive extraction routine of affected versions of the `zip` crate starting with version 1.3.0 and prior
tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpack_dir function uses fs::metadata() to check whether a path th
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstr
A vulnerability, which was classified as problematic, has been found in bsc Peru Cocktails App 1.0.0 on Android. Affected by this issue is some unknown functionality of the file AndroidManifest.xml of
A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78. Affected by this issue is some unknown functionality of the file src/puppeteer/ind
Symlink following vulnerability in Gleam's Hex package export allows files outside the project root to be embedded in the generated package tarball. The file collection helpers (gleam_files, native_f
A vulnerability has been found in JoeyBling SpringBoot_MyBatisPlus up to a6a825513bd688f717dbae3a196bc9c9622fea26 and classified as critical. This vulnerability affects the function Download of the fi
A vulnerability classified as critical was found in symisc UnQLite up to 957c377cb691a4f617db9aba5cc46d90425071e2. This vulnerability affects the function jx9MemObjStore of the file /data/src/benchmar
CVE-2026-45321
CRITICAL CVSS 9.6 KEV
Find Similar
On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate G
A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_practices of the file server.py. The manipulation of the argument Language results in
astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory wh
All versions of the package decompress are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) when extracting a ZIP archive containing two entries with the same path - the first bein
A vulnerability was found in Mist Community Edition up to 4.7.1. It has been rated as problematic. This issue affects the function tag_resources of the file src/mist/api/tag/views.py. The manipulation
Page 1+ Next →