CVE search
362,014 resultsCVE-2026-47770MEDIUMjq: stack overflow in deep structural equalityEPSS 0.1%CVE-2026-49839HIGHjq --rawfile invalid-state reuse after String too long causes heap-buffer-overflowEPSS 0.2%CVE-2026-54679MEDIUMjq: potential integer overflow in jvp_string_appendEPSS 0.1%CVE-2026-55180MEDIUMpnpm: Repository config can expand victim environment secrets into registry requests before scripts runEPSS 0.2%CVE-2026-48995MEDIUMpnpm: Tarball hash of GitHub git dependencies is not stored in lockfileEPSS 0.1%CVE-2026-11999HIGHX.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()EPSS 0.1%CVE-2026-50017MEDIUMpnpm binds unscoped user-level npm auth credentials to a repository-selected registryEPSS 0.3%CVE-2026-50016HIGHpnpm: Transitive dependency alias path traversal allows project path override via symlink replacementEPSS 0.3%CVE-2026-55967LOWAES-GCM streaming APIs do not reject >64 GiB cumulative single messages, enabling counter wrap and keystream reuseEPSS 0.1%CVE-2026-50015HIGHpnpm: Arbitrary File Write/Delete via Malicious Patch File (Path Traversal)EPSS 0.3%CVE-2026-55961HIGHwolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signerEPSS 0.1%CVE-2026-50014MEDIUMpnpm: Git Fetch Argument Injection via Lockfile resolution.commitEPSS 0.2%CVE-2026-50573MEDIUMpnpm: Unsafe default behavior breaks integrity checkEPSS 0.1%CVE-2026-50021MEDIUMpnpm: Integrity Check Bypass via Missing Lockfile Integrity FieldEPSS 0.1%CVE-2026-55700HIGHpnpm: stage download writes outside destination via manifest version traversalEPSS 0.3%CVE-2026-6091MEDIUMPartial-chain verification accepts untrusted intermediate as trust anchorEPSS 0.1%CVE-2026-55699MEDIUMpnpm: reserved bin name deletes PNPM_HOME during global removeEPSS 0.3%CVE-2026-55698HIGHpnpm: Project env lockfile can short-circuit package-manager resolution and execute lockfile-selected pnpm bytesEPSS 0.2%CVE-2026-55697HIGHpnpm: Repository-controlled configDependencies can select a pacquet native install engineEPSS 0.1%CVE-2026-6291MEDIUMBleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryptionEPSS 0.2%