Vulnerability Directory

If you’re currently using these frameworks in your application’s tech stack, your application could be vulnerable.

Secure drop-in replacements for open source software from HeroDevs helps you stay secure, compliant, and compatible while you migrate.

Switch to Never-Ending Support (NES) from HeroDevs to immediately mitigate these vulnerabilities.

Codey gradient
Filtering by:
Severity
=
Text for Severity
Close icon
Clear Filters
Severity
ID
Technology
Libraries Affected
Category
Version(s) Affected
Published Date
High
NES for Apache Kafka
Apache Kafka
Remote Code Execution
>=2.3.0 <3.9.1
Jul 1, 2026
High
NES for Apache Kafka
Apache Kafka
Remote Code Execution
>=2.0.0 <3.9.1
Jul 1, 2026
High
NES for Apache Kafka
Apache Kafka
Information Exposure
>=2.8.0 <3.9.2, >=4.0.0 <4.0.2, >=4.1.0 <4.1.2
Jul 1, 2026
Medium
NES for Apache Kafka
Apache Kafka
Information Exposure
>=0.11.0 <3.9.2, =4.0.0
Jul 1, 2026
Low
Apache Tomcat
Apache Tomcat
Cross-Site Scripting
>= 7.0.0 <=7.0.109, >=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
Jul 1, 2026
Low
Apache Tomcat
Apache Tomcat
Information Exposure
>=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
Jul 1, 2026
Low
Apache Tomcat
Apache Tomcat
Authorization Bypass
>=7.0.100 <= 7.0.109, >=8.5.38 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
Jul 1, 2026
Medium
Apache Tomcat
Apache Tomcat
Authorization Bypass
>= 7.0.0 <=7.0.109, >=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
Jul 1, 2026
High
Apache Tomcat
Apache Tomcat
Authorization Bypass
>= 7.0.0 <=7.0.109, >=8.5.0 <=8.5.100, >=9.0.0.M1 <9.0.119, >=10.1.0-M1 <10.1.56, >=11.0.0-M1 <11.0.23
Jul 1, 2026
High
AngularJS
AngularJS
Cross-Site Scripting
>=1.2.0-rc.3
Jun 24, 2026
Medium
Jackson
jackson-databind
Authorization Bypass
>=2.8.0 <2.18.9, >=2.19.0 <2.21.5, >=3.1.0 <3.1.4
Jun 23, 2026
Medium
Jackson
jackson-databind
Authorization Bypass
<2.18.4, >=2.21.0 <2.21.4, >=3.0.0 <3.1.4
Jun 23, 2026
Medium
Jackson
jackson-databind
Authorization Bypass
>=2.9.0 <2.18.8, >=2.19.0 <2.21.4, >=3.0.0 <3.1.4
Jun 23, 2026
Low
Spring
Spring Security
Information Exposure
>=5.5.0 <=5.5.8, >=5.7.0 <=5.7.23, >=5.8.0 <=5.8.25, >=6.2.0 <=6.2.8, >=6.3.0 <=6.3.16, >=6.4.0 <=6.4.16, >=6.5.0 <=6.5.10, >=7.0.0 <=7.0.5
Jun 22, 2026
Medium
Jackson
jackson-databind
Denial of Service
>=2.10.0 <2.14.0
Jun 22, 2026
Exclamation icon
No results found

Please enter a valid Vulnerability ID number or Technology name.

Sign up for the latest vulnerability alerts
Rss feed icon
Subscribe via RSS
or

By submitting the form I acknowledge receipt of our Privacy Policy.

Thanks for signing up for our Newsletter! We look forward to connecting with you.
Oops! Something went wrong while submitting the form.