bugsink vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-53954Mediumbugsink: Bugsink: DOS using large numbers of event tagsCVE-2026-47728Mediumbugsink: Bugsink: Project scoping missing in sourcemap and debug-file lookupCVE-2026-47716Lowbugsink: Bugsink: Issue bulk actions can affect another project’s issue if its UUID is knownCVE-2026-47715Lowbugsink: Bugsink: Issue event views can show an event from another project if its UUID is knownCVE-2026-44502Mediumbugsink: Bunsink has an SSRF bypass in `validate_webhook_url`CVE-2026-40162Highbugsink: Bugsink affected by authenticated arbitrary file write in artifactbundle/assembleCVE-2026-27614Criticalbugsink: Bugsink is vulnerable to Stored XSS via Pygments fallback in stacktrace renderingCVE-2025-64509Highbugsink: Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli input (via CPU)CVE-2025-64508Highbugsink: Bugsink is vulnerable to unauthenticated remote DoS via crafted Brotli inputCVE-2025-54433Highbugsink: Bugsink path traversal via event_id in ingestion

Stop the waste.
Protect your environment with Kodem.