october/october vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-26274Mediumoctober/october: October CMS has Safe Mode Bypass via Twig Database Write OperationsCVE-2024-51991Lowoctober/system: October CMS Allows Unprotected SVG Rename in Media ManagerCVE-2024-45962Lowoctober/october: October allows an admin account to upload PDF containing malicious JavaScriptCVE-2023-25365Highoctober/october: October CMS Cross-site Scripting vulnerabilityCVE-2023-37692Mediumoctober/october: Stored Cross-Site Scripting October CMSCVE-2015-5612Mediumoctober/october: October CMS XSS In Caption Tag of ProfileCVE-2017-16244Highoctober/october: October CMS CSRF CVE-2018-1999009Highoctober/october: October CMS Local File InclusionCVE-2017-1000194Criticaloctober/october: October CMS File Upload VulnerabilityCVE-2017-1000193Mediumoctober/october: October CMS XSSCVE-2021-41126Highoctober/october: Deleted Admin Can Sign In to Admin InterfaceGHSA-V73W-R9XG-7CR9Mediumoctober/october: Use of insecure jQuery version in OctoberCMS

Stop the waste.
Protect your environment with Kodem.