CVE database

Searchable catalogue of CVEs RepoWarden patches automatically. Track recent vulnerabilities in npm, PyPI, and other ecosystems — with plain-English explanations, detection commands, and fix guidance.

Related CVE coverage

highCVE-2024-21538|cross-spawn (npm)|November 8, 2024

Regular expression denial of service (ReDoS) in cross-spawn — a transitive dependency in millions of npm projects.

CVSS 7.5npmredosdenial-of-servicetransitive-dependency

highCVE-2024-39338|axios (npm)|August 12, 2024

Server-side request forgery (SSRF) in axios via protocol-relative URLs in path-relative requests.

CVSS 7.5npmssrfaxioshttp-client

criticalCVE-2024-37032|ollama (github)|June 24, 2024

Path traversal in Ollama (\"Probllama\") allowing remote code execution via crafted model manifests.

CVSS 9.8ollamapath-traversalrceai

mediumREADME| ()