FixVibe

// vulnerability spotlight

Every check FixVibe runs, explained.

164+ vulnerability classes that FixVibe covers. Each entry runs up to 35 sub-checks per scan and explains how the bug works, what an attacker gains, how we test for it, and what is needed to defend against it.

01 / 07

HTTP & Surface

02 / 07

Secrets

03 / 07

Backend-as-a-Service

04 / 07

DNS

05 / 07

Discovery

Critical · CWE-122
Arcserve UDP Heap Overflow Advisory
Backup management consoles should not expose affected UDP versions.

Critical · CWE-754 / CWE-294
Schneider Modicon M221 Firmware Advisory
PLC firmware evidence should drive patch and segmentation review, not reboot or authentication replay tests.

High · CWE-1395
CVE Matching
Detected version + public CVE database = a list of already documented attacks.

High · CWE-489
Debug & Admin Endpoints
/debug, /admin, /server-status: paths that should never be reachable from the internet.

High · CWE-538
Exposed Files & Backup Directories
.env, .git, .DS_Store, backup.sql: files that should never be public, but accidentally are.

High · CWE-20
Rockwell MicroLogix 1100 DoS Advisory
An exposed PLC fingerprint is an operations risk, not something to crash-test.

High · CWE-20
SPIP Template RCE Version Exposure
Public SPIP version banners can reveal an RCE-class patch gap.

Medium
Checking Apache ActiveMQ Artemis for CVE-2023-50780

Medium
Checking Apache Airflow for CVE-2024-45498

Medium
Checking Apache Tomcat for CVE-2020-11996

Medium
Checking Claude Code GitHub Action workflow permissions

Medium
Checking codexui-android for token-stealing package versions

Medium
Checking cordova-plugin-inappbrowser for CVE-2019-0219

Medium
Checking DICOM files for executable preambles

Medium
Checking Django for CVE-2011-0696

Medium
Checking Drupal Core for CVE-2026-9082

Medium
Checking easy-day-js for Mastra npm incident package evidence

Medium
Checking Keras for CVE-2025-1550

Medium
Checking Langflow CORS exposure for CVE-2025-34291

Medium
Checking Log4j 1.2 JDBCAppender for CVE-2022-23305

Medium
Checking MindsDB version exposure for CVE-2026-27483

Medium
Checking MISP STIX import source for CVE-2018-19908

Medium
Checking Moby/Docker Go modules for CVE-2026-34040

Medium
Checking NGINX rewrite configurations for CVE-2026-42945

Medium
Checking NiceGUI upload source for CVE-2026-25732

Medium
Checking Nokogiri for CVE-2019-18197

Medium
Checking npm lockfiles for known typosquat package versions

Medium
Checking ONNX for CVE-2024-5187

Medium
Checking Paramiko for CVE-2018-7750

Medium
Checking proxy npm package for CVE-2023-2968

Medium
Checking Spring Data Commons and XMLBeam for CVE-2018-1259

Medium
Checking SQLitePCLRaw native SQLite packages for CVE-2025-6965

Medium
Checking vLLM for CVE-2024-9053

Medium
Checking WordPress REST API user exposure

Medium
Checking YOURLS for CVE-2019-14537

Medium · CWE-693
Cloudflare Origin & Proxy Posture
If your origin IP is discoverable, the Cloudflare WAF can be bypassed.

Medium · CWE-200
GraphQL Introspection Exposed
Introspection in production hands the attacker your complete type system.

Medium · CWE-693
Threat-Intel Matching
Spamhaus DBL, URLhaus: your domain's reputation as seen from the outside.

Low · CWE-200
Exposed API Documentation
/swagger.json, /openapi.json, /docs: public API maps for you and for the attacker.

Low · CWE-200
Netlify-Specific Exposure
Netlify deploy preview URLs, x-nf-* headers, _redirects mistakes.

Low · CWE-281
Privacy & Cookie Compliance Markers
GDPR-mandated pages: present and linked, or you risk a complaint.

Low · CWE-200
Technology Fingerprinting
Knowing your stack is half of reconnaissance; outdated frameworks fill in the other half.

Low · CWE-200
Vercel-Specific Exposure
_next/static, x-vercel-* headers, preview URLs: Vercel quirks that leak more than they should.

06 / 07

Active Probes

Critical · CWE-78
AVideo Command Injection Advisory
An outdated AVideo Composer dependency can expose video-link import paths to command execution risk.

Critical · CWE-639
Cross-Tenant Data Leaks
Multi-tenant SaaS without tenant-ID enforcement leaks customer data between orgs.

Critical · CWE-89
GeniXCMS Author SQL Injection Exposure
A legacy CMS author filter should not turn one parameter into SQL syntax.

Critical · CWE-345
JWT alg=none Acceptance
A decoded token is not an authenticated identity.

Critical · CWE-918
MagicMirror /cors SSRF Exposure
A smart-mirror helper endpoint should not become a network proxy.

Critical · CWE-119 / CWE-120 / CWE-287 / CWE-306 / CWE-307
Moxa NPort Firmware Advisory
A public device-server firmware banner should drive an upgrade, not a crash test.

Critical · CWE-78
OS Command Injection
When user input becomes part of a shell command, the shell executes whatever the attacker writes.

Critical · CWE-306
rclone RC Authentication Exposure
A public rclone Remote Control API should not answer unauthenticated fsinfo requests.

Critical · CWE-94
Server-Side Template Injection (SSTI)
If the template engine treats user input as a template, the server treats it as code.

Critical · CWE-798 / CWE-287
SiteOmat BOS Authentication Advisory
Fuel-station management software needs version and exposure review, not password guessing.

Critical · CWE-119 / CWE-121
SiteOmat CGI Buffer Overflow Advisory
Fuel-station controller CGI risk needs patch and exposure review, not exploit probes.

Critical · CWE-89
SiteOmat Login SQL Injection Advisory
Fuel-station login risk needs patch and exposure review, not authentication-bypass probes.

Critical · CWE-89
SQL Injection
Once user input becomes part of a query, the database is no longer yours.

High · CWE-287
Auth Flow Defects
Login, signup, password reset: this is where most account takeovers actually happen.

High · CWE-918
Blind SSRF (Out-of-Band)
If the server fetches user-supplied URLs, the user can make it fetch internal services.

High · CWE-89
CKAN DataStore SQL Authorization Bypass
Public DataStore SQL access can turn open data APIs into private data exposure.

High · CWE-942
CORS Misconfiguration
A permissive Access-Control-Allow-Origin plus credentials means your API is everyone's API.

High · CWE-79
DOM-Based XSS via URL Fragment
Modern SPAs read location.hash and write it into the DOM; attacker payloads travel along with it.

High · CWE-434
File Upload Validation
Uploaded files are arbitrary bytes; accepting them unchecked as "images" is asking for RCE.

High · CWE-321
FUXA Hardcoded JWT Fallback Secret
Default token-signing secrets can turn an HMI login into a weak boundary.

High · CWE-74 / CWE-77
GL.iNet GL-MT3000 Firmware Advisory
A router firmware match should drive an upgrade, not a command-execution test.

High · CWE-770
GraphQL Depth Bombing & Batch Bypass
GraphQL's flexibility is also its vulnerability vector: depth bombs, alias batching, field-suggestion leaks.

High · CWE-444
HTTP Request Smuggling
Front proxy and backend disagree about where a request ends; the attacker rides the seam.

High · CWE-639
IDOR / BOLA
If your API trusts the client to send the correct ID, the client can send any ID.

High · CWE-200
IIS TRACK Method Information Disclosure
Legacy HTTP method echo behavior should be disabled before it can expose request headers.

High · CWE-264
Liferay Portal Template RCE Advisory
Legacy Liferay Portal version evidence should trigger patch verification.

High · CWE-77
LLM Prompt Injection
If your AI feature trusts user input as instructions, the user can rewrite the system prompt.

High · CWE-943
NoSQL Operator Injection
MongoDB operators in user-controlled JSON turn your query into a wildcard.

High · CWE-79
Reflected Cross-Site Scripting (XSS)
The silent takeover: when a single unfiltered parameter runs attacker code in your users' browsers.

High · CWE-307
Rockwell MicroLogix 1100 Authentication Advisory
Firmware evidence should drive an update and exposure review, not password-guessing tests.

High · CWE-611
XML External Entity (XXE)
If your XML parser resolves external entities, your server reads files for the attacker.

High · CWE-200
ZoneMinder Directory Listing Exposure
A camera management UI should not publish its web root index.

Medium · CWE-203
Account Enumeration
If your login responds differently for existing vs. non-existing emails, the attacker builds themselves a customer list.

Medium
Checking gemini-mcp-tool for CVE-2026-0755

Medium
Checking Label Studio upload-example XSS exposure

Medium
Checking Langflow version exposure for CVE-2026-33017

Medium
Checking PowerLogic EGX exposure for CVE-2021-22765/CVE-2021-22767/CVE-2021-22768

Medium
Checking TLS endpoints for RC4 support

Medium
Checking TLS endpoints for Sweet32 DES/3DES support

Medium
Confirming Glances REST API unauthenticated exposure

Medium
Confirming Next.js middleware bypass exposure

Medium
Confirming SillyTavern SearXNG external-fetch SSRF exposure

Medium
Confirming TMT Lockcell login SQL injection exposure

Medium · CWE-113
CRLF / Response Splitting
If user input lands in a response header, the attacker can use line breaks to set headers of their own.

Medium · CWE-352
CSRF Protection
If your state-changing endpoints do not require a CSRF token, third-party sites can act as your users.

Medium · CWE-307
Missing Rate Limiting
Without rate limits on auth endpoints, an attacker can run credential stuffing at line speed.

Medium · CWE-693
Next.js Header Configuration Drift
Headers set on `/` do not always protect nested routes.

Medium · CWE-601
Open Redirect
Your /redirect?url=… without target validation is a ready-made phishing kit.

Medium · CWE-79
SPIP valider_xml XSS Exposure
A legacy SPIP utility page should not reflect URL input into HTML.

07 / 07

Source Code

Critical · CWE-1321
deephas Prototype-Pollution Advisory
A vulnerable deephas dependency can put deep-path object handling on a prototype-pollution path.

Critical · CWE-89
Ghost Content API SQL Injection Advisory
A vulnerable Ghost dependency can put public content APIs on the database boundary.

Critical · CWE-78
LibreNMS Command Injection Advisory
A vulnerable monitoring stack can become an execution path inside the network.

Critical · CWE-89
LiteLLM SQL Injection Advisory
A vulnerable LiteLLM Proxy version can turn API-key verification into database exposure.

Critical · CWE-94
NLTK Zip Slip Code Execution Advisory
A vulnerable NLTK downloader can turn compromised package archives into filesystem writes and code-execution risk.

Critical · CWE-78
openDCIM Command Injection Source Advisory
A database-controlled Graphviz path should not become a shell command.

Critical · CWE-506
TanStack ArkType Adapter Malware Advisory
Known malicious npm package versions can put CI and developer secrets at install-time risk.

Critical · CWE-913
vm2 Sandbox Breakout Advisory
A vulnerable JavaScript sandbox dependency can put untrusted-code boundaries at risk.

High · CWE-404
Apache Tomcat Coyote Resource-Shutdown Advisory
An affected Tomcat HTTP/2 runtime can turn reset behavior into resource exhaustion.

High · CWE-311
Apache Tomcat EncryptInterceptor Advisory
Exact affected Tomcat releases need an upgrade before cluster encryption assumptions are trusted.

High · CWE-200
Apache Tomcat h2c Request Mix-Up Advisory
Affected Tomcat h2c handling can put request data on the wrong response path.

High · CWE-502
Apache Tomcat Session-Persistence Advisory
Affected Tomcat runtimes become riskier when FileStore session persistence is enabled.

High · CWE-798
Committed AI-Generated Secrets
AI snippets should not ship provider keys into git.

High · CWE-506
Compromised codfish GitHub Action
Release workflows should not keep pointing at compromised Action refs.

High · CWE-77
electerm Install-Script Command Injection Advisory
A vulnerable terminal-client dependency can put build or developer hosts at install-time risk.

High · CWE-78 / CWE-306
electerm Unauthorized Command Execution Advisory
A stale electerm package can matter when the vulnerable service is packaged and running.

High · CWE-22
Gogs Directory Traversal Dependency Advisory
An affected Gogs runtime can put file-upload path handling on a traversal boundary.

High · CWE-22
Gradio Windows Python Path Traversal Advisory
A vulnerable Gradio dependency becomes a stronger signal when repo config points to Windows with Python 3.13+.

High · CWE-120
Mbed TLS Buffer-Overflow Advisory
Affected Mbed TLS 3.x source evidence deserves an upgrade, not exploit reproduction.

High · CWE-415
Mbed TLS Double-Free Advisory
Legacy Mbed TLS version evidence deserves branch-aware remediation.

High · CWE-457
Microsoft ATL MS09-035 Source Advisory
Legacy ATL build metadata deserves rebuild proof, not exploit reproduction.

High · CWE-611
OpenCms XXE Information-Disclosure Advisory
A vulnerable OpenCms dependency can put XML-processing routes on a file-read boundary.

High · CWE-787
OpenSSL CMS Message-Parsing Advisory
Affected OpenSSL branch evidence deserves a branch-aware runtime upgrade.

High · CWE-754
PDF.js JavaScript Execution Advisory
A vulnerable PDF viewer can turn a malicious document into script execution.

High · CWE-755
PickleScan ZIP CRC Bypass Advisory
A vulnerable PickleScan dependency can miss malicious model archives when scans fail open.

High · CWE-78
pyLoad /flashgot RCE Advisory
A vulnerable pyLoad dependency is patch-triage evidence, not proof of live RCE.

High · CWE-94
Risky Source Code Patterns
eval(), dangerouslySetInnerHTML, hardcoded secrets: the patterns SAST has been finding for 25 years.

High · CWE-22
SaltStack Salt Directory Traversal Advisory
A vulnerable Salt package can weaken Salt master authentication boundaries.

High · CWE-78
SAP Cloud SDK for AI Python Advisory
A vulnerable SAP Python SDK dependency is patch-triage evidence, not proof of live command execution.

High · CWE-770
Spring Data Commons Resource-Exhaustion Advisory
Affected Spring Data Commons dependencies can put property-path parsing on a DoS path.

High · CWE-284
Supabase RLS in Migrations
A public table without RLS is a future data leak.

High · CWE-91
veraPDF XSLT Injection Dependency Advisory
Affected veraPDF policy-file processing can put XSLT execution boundaries at risk.

High · CWE-1395
Vulnerable Dependencies
Your package-lock.json contains thousands of packages. Some have known CVEs.

High · CWE-345
Webhook Signature Verification
If your webhook handler does not verify the signature, anyone can forge events.

High · CWE-476
ws Excessive-Header DoS Advisory
Affected ws server runtimes can crash when upgrade requests carry too many headers.

Medium · CWE-693
AI-Generated Code Guardrails
Fast AI-assisted changes need repo-level security rails.

Medium
Checking @andrei-tatar/nora-firebase-common for CVE-2024-30564

Medium
Checking Apache ActiveMQ Artemis for CVE-2026-27446

Medium
Checking Apache Spark for CVE-2022-33891

Medium
Checking Cargo files for the malicious onering crate

Medium
Checking http4k-format-xml for CVE-2024-55875

Medium
Checking kill-port-process for CVE-2019-15609

Medium
Checking Log4j 1.2 JMSAppender for CVE-2021-4104

Medium
Checking Note Mark backend for CVE-2026-44522

Medium
Checking npm package versions and binding.gyp for the Phantom Gyp worm

Medium
Checking OpenSSL PowerPC builds for CVE-2023-6129

Medium
Checking Perl GD for CVE-2026-11526

Medium
Checking Red Hat npm package versions for the worm campaign

Medium
Checking WebdriverIO BrowserStack service for CVE-2026-25244

Medium · CWE-283
Kubernetes Service ExternalIPs Advisory
ExternalIPs in Service manifests deserve RBAC and admission-policy review.

Medium · CWE-295
Mbed TLS Certificate-Validation Advisory
Affected Mbed TLS 3.x evidence deserves upgrade and client-auth review.

Medium · CWE-1325
OpenSSL TLSv1.3 Session Memory-Growth Advisory
A vulnerable OpenSSL runtime plus no-ticket TLSv1.3 session handling can create DoS risk.

Medium · CWE-400
Oracle Java SE / GraalVM Runtime Advisory
Affected Oracle runtime metadata deserves an update, not DoS reproduction.

Medium · CWE-1357
Repo Security Hygiene
Branch protection, Action pinning, secret hygiene: how your repo is run counts for more than the code.

Medium
Reviewing repo code against web app risk patterns

We continuously research the latest vulnerability checks and fixes so that you can ship with peace of mind.

Vulnerability Catalogue · FixVibe