github.com/getarcaneapp/arcane/backend vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-47179Highgithub.com/getarcaneapp/arcane/backend: Arcane Has an Authenticated Arbitrary Host File Read via Docker Compose Include DirectivesCVE-2026-47125Highgithub.com/getarcaneapp/arcane/backend: Arcane: Missing admin authorization on global variables endpointCVE-2026-45627Highgithub.com/getarcaneapp/arcane/backend: Arcane Backend: Unauthenticated reflected XSS via SVG color parameter enables admin account takeoverCVE-2026-45626Mediumgithub.com/getarcaneapp/arcane/backend: Arcane Backend: OS Command Injection in Volume Browser ListDirectory via path query parameterCVE-2026-45625Criticalgithub.com/getarcaneapp/arcane/backend: Arcane Backend: Missing admin authorization on git repository endpoints allows non-admin users to…CVE-2026-42461Highgithub.com/getarcaneapp/arcane/backend: Arcane Vulnerable to Unauthenticated Disclosure of Custom Compose Template Content (incl. `.env`…CVE-2026-40242Highgithub.com/getarcaneapp/arcane/backend: Arcane has Unauthenticated SSRF with Conditional Response Reflection in Template Fetch EndpointCVE-2026-23520Criticalgithub.com/getarcaneapp/arcane/backend: Arcane Has a Command Injection in Arcane Updater Lifecycle Labels That Enables RCE

Stop the waste.
Protect your environment with Kodem.