Vulnerabilities from the last week
Incorrect Authorization
openclaw is a 🦞 OpenClaw — Personal AI Assistant
Affected versions of this package are vulnerable to Incorrect Authorization via the /sessions/:sessionKey/history route, which failed to enforce the required operator.read scope during authentication. An attacker can access session history data without proper authorization by sending requests with a valid bearer token that lacks the necessary scope.
Arbitrary Code Injection
Affected versions of this package are vulnerable to Arbitrary Code Injection through the Agentic Assistant validation process. An attacker can execute arbitrary server-side Python code by supplying input that causes the assistant to return malicious component code, which is then instantiated during validation.
SQL Injection: Hibernate
Affected versions of this package are vulnerable to SQL Injection: Hibernate in the EruptDataQuery function of the MCP Tool Interface. An attacker can execute unauthorized SQL commands by manipulating input data processed by the application.
Recent vulnerabilities disclosed by Snyk
- M: Division by zero in jsrsasign (npm)
- H: Incorrect Conversion between Numeric Types in jsrsasign (npm)
- C: Missing Cryptographic Step in jsrsasign (npm)
- C: Improper Verification of Cryptographic Signature in jsrsasign (npm)
- C: Incomplete Comparison with Missing Factors in jsrsasign (npm)
Snyk security researchers have disclosed 3482 vulnerabilities
About Snyk dependencies vulnerability database
Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.