Vulnerability Database
A comprehensive hub for tracking high-impact vulnerabilities across application code and third-party libraries, for security teams and developers.
Trusted by Startups to Fortune 500
CVE-2026-48116
(7.5)
Command Injection via Unsanitized CLI Arguments (CWE-77) in AnythingLLM Filesystem Agent
Arbitrary Command Execution within Application Container
CVE-2026-45364
(7.3)
Improper Rate Limiting by Textual IP Keying (CWE-307) in Better Auth HTTP Rate Limiter
Authentication and Abuse-Rate Controls Bypass
CVE-2026-45344
(8.1)
Injection in Environment Configuration (CWE-74) in LinkAce Setup Flow
Remote Code Execution via Configuration Injection
CVE-2026-44973
(8.1)
Path Traversal (CWE-22) in go-billy Filesystem Abstractions
Unauthorized Filesystem Access
CVE-2026-44882
(8.1)
Missing Authorization Check (CWE-863) in Portainer Kubernetes Proxy Middleware
Authorization Bypass to Protected Kubernetes Endpoints
CVE-2026-44850
(8.5)
Authorization Bypass via Incomplete Bind Mount Enforcement (CWE-863) in Portainer Docker Environments
Privilege Escalation and Host Filesystem Access
CVE-2026-45288
(9.8)
SQL Injection via regConfig (CWE-89) in Marten Full-Text Search APIs
Arbitrary SQL Execution / Database Compromise
CVE-2026-49128
(7.5)
Path Traversal (CWE-22) in MPD Local Storage Plugin
Unauthorized File and Directory Access
CVE-2026-32847
(7.5)
Path Traversal (CWE-22) in DeepCode SPA Catch-all Route
Arbitrary File Read / Information Disclosure
CVE-2026-45332
(7.5)
Broken Access Control & Information Exposure (CWE-306/CWE-200) in Automad Setup API
Exposure of Authentication Secrets and Account Compromise Risk
