CVE Archive

Vulnerability archive, with the context that matters

Browse known CVEs by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Browse by ecosystem

Latest vulnerabilities

CVE

Package / summary

Severity

CVE-2026-55878

symfony/ux-toolkit · symfony/ux-toolkit: Path Traversal Allows Arbitrary File Write and Read via…

High

CVE-2026-55877

symfony/ux-icons · symfony/ux-icons: XSS via unsanitized SVG content in local files and Iconify…

Medium

CVE-2026-55776

github.com/openbao/openbao · OpenBao: Transit secrets engine crashes on key creation with `derived: true`…

Medium

CVE-2026-55770

github.com/openbao/openbao · OpenBao: LDAPi ldaputil (wrong escape func)

Medium

CVE-2026-55692

starcitizenwiki/embedvideo · StarCitizenWiki Extension Embed Video: Stored XSS via malformed src url with…

High

CVE-2026-55650

@outerbase/studio · Outerbase Studio: Stored XSS in Text Widget Leads to Authentication Token…

Medium

CVE-2026-55447

langflow · Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit

Critical

CVE-2026-55446

langflow · Langflow: Unauthenticated DoS through multipart form boundary file upload

High

CVE-2026-55423

langflow · Langflow: Logout button does not clear session

Medium

CVE-2026-55255

langflow · Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows…

Critical

Which of these actually put you at risk?

Exploitability and impact depend on whether the vulnerable code runs in your environment. Kodem’s runtime intelligence shows you which.

Get a demo →

Vulnerability archive, with the context that matters

Which of these actually put you at risk?

Stop the waste.Protect your environment with Kodem.

Stop the waste.
Protect your environment with Kodem.