payload vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-34749Mediumpayload: Payload has a CSRF Protection Bypass in Authentication FlowCVE-2026-34746Highpayload: Payload has Authenticated SSRF via Upload FunctionalityCVE-2026-34747Highpayload: Payload has an SQL Injection via Query HandlingCVE-2026-34751Criticalpayload: Payload: Pre-Authentication Account Takeover via Parameter Injection in Password RecoveryCVE-2026-27567Mediumpayload: Payload: Server-Side Request Forgery (SSRF) in External File URL UploadsCVE-2026-25574Mediumpayload: payload-preferences has Cross-Collection IDOR in Access Control (Multi-Auth Environments)CVE-2025-4643Mediumpayload: Payload does not invalidate JWTs after log outCVE-2025-4644Mediumpayload: Payload's SQLite adapter Session Fixation vulnerabilityCVE-2023-30843Highpayload: Hidden fields can be leaked on readable collections in PayloadCVE-2022-27952Criticalpayload: Unrestricted Upload of File with Dangerous Type in Payload

Stop the waste.
Protect your environment with Kodem.