Crates.io

750 tracked vulnerabilities.

CVE-2026-2836
Pingora Alpha - Cache Poisoning
Mar 05, 2026
EPSS 0.00
CVE-2026-2835
Pingora - HTTP Request Smuggling
Mar 05, 2026
EPSS 0.00
CVE-2026-2833
Pingora - HTTP Request Smuggling
Mar 05, 2026
EPSS 0.00
CVE-2026-27801 MEDIUM
Vaultwarden <=1.34.3 - 2FA Bypass
Mar 04, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-21882 HIGH
theshit <0.2.0 - Privilege Escalation
Mar 02, 2026
CVSS 8.4
EPSS 0.00
CVE-2025-13327 MEDIUM
uv - Code Injection
Feb 27, 2026
CVSS 6.3
EPSS 0.00
CVE-2026-27822 CRITICAL
RustFS <1.0.0-alpha.83 - Stored XSS
Feb 25, 2026
CVSS 9.0
EPSS 0.00
CVE-2026-27607 HIGH
RustFS 1.0.0-alpha.56-82 - Auth Bypass
Feb 25, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-27572 HIGH
Wasmtime <24.0.6/36.0.6/4.0.04/41.0.4/42.0.0 - DoS
Feb 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-27204 MEDIUM
Wasmtime <24.0.6/36.0.6/40.0.4/41.0.4/42.0.0 - DoS
Feb 24, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-27195 HIGH
Wasmtime 39.0.0+ - DoS
Feb 24, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-27480 MEDIUM
Static Web Server 2.1.0-2.40.1 - Auth Bypass
Feb 21, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-26275 HIGH
httpsig-hyper <0.0.23 - Auth Bypass
Feb 19, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-25628 HIGH
Qdrant <1.16.0 - Path Traversal
Feb 06, 2026
CVSS 8.5
EPSS 0.00
CVE-2026-25727 MEDIUM
Crates.io Time < 0.3.47 - Stack Buffer Overflow
Feb 06, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-25541 HIGH
Crates.io Bytes < 1.11.1 - Out-of-Bounds Access
Feb 04, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-25537 HIGH
Keats Jsonwebtoken < 10.3.0 - Type Confusion
Feb 04, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-24762 HIGH
Crates.io Rustfs < 1.0.0-alpha.82 - Log Information Exposure
Feb 03, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-21862 HIGH
Crates.io Rustfs < 1.0.0-alpha.78 - Authentication Bypass by Spoofing
Feb 03, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-24889 MEDIUM
Crates.io Soroban-sdk < 25.0.2 - Integer Overflow
Jan 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-24850 MEDIUM
Crates.io Ml-dsa < 0.1.0-rc.4 - Signature Verification Bypass
Jan 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-24785 CRITICAL
Crates.io Clatter < 2.2.0 - Broken Cryptographic Algorithm
Jan 28, 2026
CVSS 9.1
EPSS 0.00
CVE-2026-24783 HIGH
Soroban fixed-point math <1.4.0 - Info Disclosure
Jan 27, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-24116 MEDIUM
Wasmtime <36.0.5, 40.0.3, 41.0.1 - Memory Corruption
Jan 27, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-22696
Crates.io Dcap-qvl < 0.3.9 - Improper Certificate Validation
Jan 26, 2026
EPSS 0.00
Products
openssl-src 26 wasmtime 26 deno 24 rusqlite 15 apollo-router 12 rustfs 10 tough 7 cargo 6 cranelift-codegen 6 hyper 6 sized-chunks 6 Simple-Wayland-HotKey-Daemon 6 deno_runtime 6 sudo-rs 5 smallvec 5 matrix-sdk-crypto 5 tauri 5 lock_api 5 xcb 5 gitoxide 5 libpulse-binding 4 evm 4 comrak 4 gix-worktree-state 4 russh 4 routinator 4 quiche 4 gix 4 gitoxide-core 4 messagepack-rs 4
Quick Filters
Critical CVEs With Exploits In CISA KEV