FixVibe

// vulnerability spotlight

Every check FixVibe runs, explained.

164+ vulnerability classes ship with FixVibe. Each entry runs up to 35 sub-checks per scan and breaks down how the bug works, what an attacker gains from it, how we test for it, and what it takes to defend against it.

01 / 07

HTTP & Surface

02 / 07

Secrets

03 / 07

Backend-as-a-Service

04 / 07

DNS

05 / 07

Discovery

critical · CWE-122
Arcserve UDP Heap Overflow Advisory
Backup management consoles should not expose affected UDP versions.

critical · CWE-754 / CWE-294
Schneider Modicon M221 Firmware Advisory
PLC firmware evidence should drive patch and segmentation review, not reboot or authentication replay tests.

high · CWE-1395
CVE Cross-Reference
Detected version + public CVE database = a list of attacks already documented.

high · CWE-489
Debug & Admin Endpoints
/debug, /admin, /server-status — paths that should never be reachable from the internet.

high · CWE-538
Exposed Files & Backup Directories
.env, .git, .DS_Store, backup.sql — files that should never be public, accidentally are.

high · CWE-20
Rockwell MicroLogix 1100 DoS Advisory
An exposed PLC fingerprint is an operations risk, not something to crash-test.

high · CWE-20
SPIP Template RCE Version Exposure
Public SPIP version banners can reveal an RCE-class patch gap.

medium
Checking Apache ActiveMQ Artemis for CVE-2023-50780

medium
Checking Apache Airflow for CVE-2024-45498

medium
Checking Apache Tomcat for CVE-2020-11996

medium
Checking Claude Code GitHub Action workflow permissions

medium
Checking codexui-android for token-stealing package versions

medium
Checking cordova-plugin-inappbrowser for CVE-2019-0219

medium
Checking DICOM files for executable preambles

medium
Checking Django for CVE-2011-0696

medium
Checking Drupal Core for CVE-2026-9082

medium
Checking easy-day-js for Mastra npm incident package evidence

medium
Checking Keras for CVE-2025-1550

medium
Checking Langflow CORS exposure for CVE-2025-34291

medium
Checking Log4j 1.2 JDBCAppender for CVE-2022-23305

medium
Checking MindsDB version exposure for CVE-2026-27483

medium
Checking MISP STIX import source for CVE-2018-19908

medium
Checking Moby/Docker Go modules for CVE-2026-34040

medium
Checking NGINX rewrite configurations for CVE-2026-42945

medium
Checking NiceGUI upload source for CVE-2026-25732

medium
Checking Nokogiri for CVE-2019-18197

medium
Checking npm lockfiles for known typosquat package versions

medium
Checking ONNX for CVE-2024-5187

medium
Checking Paramiko for CVE-2018-7750

medium
Checking proxy npm package for CVE-2023-2968

medium
Checking Spring Data Commons and XMLBeam for CVE-2018-1259

medium
Checking SQLitePCLRaw native SQLite packages for CVE-2025-6965

medium
Checking vLLM for CVE-2024-9053

medium
Checking WordPress REST API user exposure

medium
Checking YOURLS for CVE-2019-14537

medium · CWE-693
Cloudflare Origin & Proxy Posture
If your origin IP is discoverable, Cloudflare's WAF is bypassable.

medium · CWE-200
GraphQL Introspection Exposed
Introspection in production hands the attacker your full type system.

medium · CWE-693
Threat-Intel Cross-Reference
Spamhaus DBL, URLhaus — your domain's reputation, externally seen.

low · CWE-200
Exposed API Documentation
/swagger.json, /openapi.json, /docs — public API maps for both you and the attacker.

low · CWE-200
Netlify-Specific Exposure
Netlify deploy preview URLs, x-nf-* headers, _redirects mistakes.

low · CWE-281
Privacy & Cookie Compliance Markers
GDPR-required pages — present and linked, or you're at risk of a complaint.

low · CWE-200
Technology Fingerprinting
Knowing your stack is half the recon — outdated frameworks turn that into the other half.

low · CWE-200
Vercel-Specific Exposure
_next/static, x-vercel-* headers, preview URLs — Vercel-isms that leak more than they should.

06 / 07

Active probes

critical · CWE-78
AVideo Command Injection Advisory
An outdated AVideo Composer dependency can expose video-link import paths to command execution risk.

critical · CWE-639
Cross-Tenant Data Leaks
Multi-tenant SaaS without tenant ID enforcement leaks customer data across orgs.

critical · CWE-89
GeniXCMS Author SQL Injection Exposure
A legacy CMS author filter should not turn one parameter into SQL syntax.

critical · CWE-345
JWT alg=none Acceptance
A decoded token is not an authenticated identity.

critical · CWE-918
MagicMirror /cors SSRF Exposure
A smart-mirror helper endpoint should not become a network proxy.

critical · CWE-119 / CWE-120 / CWE-287 / CWE-306 / CWE-307
Moxa NPort Firmware Advisory
A public device-server firmware banner should drive an upgrade, not a crash test.

critical · CWE-78
OS Command Injection
When user input becomes part of a shell command, the shell runs whatever the attacker writes.

critical · CWE-306
rclone RC Authentication Exposure
A public rclone Remote Control API should not answer unauthenticated fsinfo requests.

critical · CWE-94
Server-Side Template Injection (SSTI)
When a template engine treats user input as a template, the server treats user input as code.

critical · CWE-798 / CWE-287
SiteOmat BOS Authentication Advisory
Fuel-station management software needs version and exposure review, not password guessing.

critical · CWE-119 / CWE-121
SiteOmat CGI Buffer Overflow Advisory
Fuel-station controller CGI risk needs patch and exposure review, not exploit probes.

critical · CWE-89
SiteOmat Login SQL Injection Advisory
Fuel-station login risk needs patch and exposure review, not authentication-bypass probes.

critical · CWE-89
SQL Injection
When user input becomes part of a query, the database stops being yours.

high · CWE-287
Auth Flow Defects
Login, signup, and password reset are where most account takeovers actually happen.

high · CWE-918
Blind SSRF (Out-of-Band)
If the server fetches user-supplied URLs, the user can make it fetch internal services.

high · CWE-89
CKAN DataStore SQL Authorization Bypass
Public DataStore SQL access can turn open data APIs into private data exposure.

high · CWE-942
CORS Misconfiguration
Permissive Access-Control-Allow-Origin plus credentials means your API is everyone's API.

high · CWE-79
DOM-based XSS via URL Fragment
Modern SPAs read location.hash and write it into the DOM — attacker payloads ride along.

high · CWE-434
File Upload Validation
User-uploaded files are arbitrary bytes — accepting them as 'images' without checking is asking for RCE.

high · CWE-321
FUXA Hardcoded JWT Fallback Secret
Default token-signing secrets can turn an HMI login into a weak boundary.

high · CWE-74 / CWE-77
GL.iNet GL-MT3000 Firmware Advisory
A router firmware match should drive an upgrade, not a command-execution test.

high · CWE-770
GraphQL Depth Bombing & Batch Bypass
GraphQL's flexibility is also its vulnerability — depth bombs, alias batching, and field-suggestion leaks.

high · CWE-444
HTTP Request Smuggling
Front-end proxy and back-end disagree on where one request ends — attacker rides the seam.

high · CWE-639
IDOR / BOLA
If your API trusts the client to send the correct ID, the client can send any ID.

high · CWE-200
IIS TRACK Method Information Disclosure
Legacy HTTP method echo behavior should be disabled before it can expose request headers.

high · CWE-264
Liferay Portal Template RCE Advisory
Legacy Liferay Portal version evidence should trigger patch verification.

high · CWE-77
LLM Prompt Injection
If your AI feature trusts user input as instruction, the user can rewrite the system prompt.

high · CWE-943
NoSQL Operator Injection
MongoDB-style operators in user-controlled JSON turn your query into a wildcard.

high · CWE-79
Reflected Cross-Site Scripting (XSS)
The silent hijack: when a single unsanitized parameter executes attacker code in your users' browsers.

high · CWE-307
Rockwell MicroLogix 1100 Authentication Advisory
Firmware evidence should drive an update and exposure review, not password-guessing tests.

high · CWE-611
XML External Entity (XXE)
If your XML parser resolves external entities, your server reads files for the attacker.

high · CWE-200
ZoneMinder Directory Listing Exposure
A camera management UI should not publish its web root index.

medium · CWE-203
Account Enumeration
If your login responds differently when the email exists vs doesn't, attackers can build a customer list.

medium
Checking gemini-mcp-tool for CVE-2026-0755

medium
Checking Label Studio upload-example XSS exposure

medium
Checking Langflow version exposure for CVE-2026-33017

medium
Checking PowerLogic EGX exposure for CVE-2021-22765/CVE-2021-22767/CVE-2021-22768

medium
Checking TLS endpoints for RC4 support

medium
Checking TLS endpoints for Sweet32 DES/3DES support

medium
Confirming Glances REST API unauthenticated exposure

medium
Confirming Next.js middleware bypass exposure

medium
Confirming SillyTavern SearXNG external-fetch SSRF exposure

medium
Confirming TMT Lockcell login SQL injection exposure

medium · CWE-113
CRLF / Response Splitting
If user input lands in a response header, line breaks let the attacker write their own headers.

medium · CWE-352
CSRF Protection
If your state-changing endpoints don't require a CSRF token, third-party sites can act as your users.

medium · CWE-307
Missing Rate Limiting
Without rate limits on auth endpoints, the attacker can credential-stuff at line speed.

medium · CWE-693
Next.js Header Configuration Drift
Headers set on `/` do not always protect nested routes.

medium · CWE-601
Open Redirect
Your /redirect?url=… that doesn't validate the destination is a phishing kit.

medium · CWE-79
SPIP valider_xml XSS Exposure
A legacy SPIP utility page should not reflect URL input into HTML.

07 / 07

Source code

critical · CWE-1321
deephas Prototype-Pollution Advisory
A vulnerable deephas dependency can put deep-path object handling on a prototype-pollution path.

critical · CWE-89
Ghost Content API SQL Injection Advisory
A vulnerable Ghost dependency can put public content APIs on the database boundary.

critical · CWE-78
LibreNMS Command Injection Advisory
A vulnerable monitoring stack can become an execution path inside the network.

critical · CWE-89
LiteLLM SQL Injection Advisory
A vulnerable LiteLLM Proxy version can turn API-key verification into database exposure.

critical · CWE-94
NLTK Zip Slip Code Execution Advisory
A vulnerable NLTK downloader can turn compromised package archives into filesystem writes and code-execution risk.

critical · CWE-78
openDCIM Command Injection Source Advisory
A database-controlled Graphviz path should not become a shell command.

critical · CWE-506
TanStack ArkType Adapter Malware Advisory
Known malicious npm package versions can put CI and developer secrets at install-time risk.

critical · CWE-913
vm2 Sandbox Breakout Advisory
A vulnerable JavaScript sandbox dependency can put untrusted-code boundaries at risk.

high · CWE-404
Apache Tomcat Coyote Resource-Shutdown Advisory
An affected Tomcat HTTP/2 runtime can turn reset behavior into resource exhaustion.

high · CWE-311
Apache Tomcat EncryptInterceptor Advisory
Exact affected Tomcat releases need an upgrade before cluster encryption assumptions are trusted.

high · CWE-200
Apache Tomcat h2c Request Mix-Up Advisory
Affected Tomcat h2c handling can put request data on the wrong response path.

high · CWE-502
Apache Tomcat Session-Persistence Advisory
Affected Tomcat runtimes become riskier when FileStore session persistence is enabled.

high · CWE-798
Committed AI-Generated Secrets
AI snippets should not ship provider keys into git.

high · CWE-506
Compromised codfish GitHub Action
Release workflows should not keep pointing at compromised Action refs.

high · CWE-77
electerm Install-Script Command Injection Advisory
A vulnerable terminal-client dependency can put build or developer hosts at install-time risk.

high · CWE-78 / CWE-306
electerm Unauthorized Command Execution Advisory
A stale electerm package can matter when the vulnerable service is packaged and running.

high · CWE-22
Gogs Directory Traversal Dependency Advisory
An affected Gogs runtime can put file-upload path handling on a traversal boundary.

high · CWE-22
Gradio Windows Python Path Traversal Advisory
A vulnerable Gradio dependency becomes a stronger signal when repo config points to Windows with Python 3.13+.

high · CWE-120
Mbed TLS Buffer-Overflow Advisory
Affected Mbed TLS 3.x source evidence deserves an upgrade, not exploit reproduction.

high · CWE-415
Mbed TLS Double-Free Advisory
Legacy Mbed TLS version evidence deserves branch-aware remediation.

high · CWE-457
Microsoft ATL MS09-035 Source Advisory
Legacy ATL build metadata deserves rebuild proof, not exploit reproduction.

high · CWE-611
OpenCms XXE Information-Disclosure Advisory
A vulnerable OpenCms dependency can put XML-processing routes on a file-read boundary.

high · CWE-787
OpenSSL CMS Message-Parsing Advisory
Affected OpenSSL branch evidence deserves a branch-aware runtime upgrade.

high · CWE-754
PDF.js JavaScript Execution Advisory
A vulnerable PDF viewer can turn a malicious document into script execution.

high · CWE-755
PickleScan ZIP CRC Bypass Advisory
A vulnerable PickleScan dependency can miss malicious model archives when scans fail open.

high · CWE-78
pyLoad /flashgot RCE Advisory
A vulnerable pyLoad dependency is patch-triage evidence, not proof of live RCE.

high · CWE-94
Risky Source-Code Patterns
eval(), dangerouslySetInnerHTML, hard-coded secrets — the patterns SAST has been catching for 25 years.

high · CWE-22
SaltStack Salt Directory Traversal Advisory
A vulnerable Salt package can weaken Salt master authentication boundaries.

high · CWE-78
SAP Cloud SDK for AI Python Advisory
A vulnerable SAP Python SDK dependency is patch-triage evidence, not proof of live command execution.

high · CWE-770
Spring Data Commons Resource-Exhaustion Advisory
Affected Spring Data Commons dependencies can put property-path parsing on a DoS path.

high · CWE-284
Supabase RLS in Migrations
A public table without RLS is a future data leak.

high · CWE-91
veraPDF XSLT Injection Dependency Advisory
Affected veraPDF policy-file processing can put XSLT execution boundaries at risk.

high · CWE-1395
Vulnerable Dependencies
Your package-lock.json includes thousands of packages. Some have known CVEs.

high · CWE-345
Webhook Signature Verification
If your webhook handler doesn't verify the signature, anyone can forge events.

high · CWE-476
ws Excessive-Header DoS Advisory
Affected ws server runtimes can crash when upgrade requests carry too many headers.

medium · CWE-693
AI-Generated Code Guardrails
Fast AI-assisted changes need repo-level security rails.

medium
Checking @andrei-tatar/nora-firebase-common for CVE-2024-30564

medium
Checking Apache ActiveMQ Artemis for CVE-2026-27446

medium
Checking Apache Spark for CVE-2022-33891

medium
Checking Cargo files for the malicious onering crate

medium
Checking http4k-format-xml for CVE-2024-55875

medium
Checking kill-port-process for CVE-2019-15609

medium
Checking Log4j 1.2 JMSAppender for CVE-2021-4104

medium
Checking Note Mark backend for CVE-2026-44522

medium
Checking npm package versions and binding.gyp for the Phantom Gyp worm

medium
Checking OpenSSL PowerPC builds for CVE-2023-6129

medium
Checking Perl GD for CVE-2026-11526

medium
Checking Red Hat npm package versions for the worm campaign

medium
Checking WebdriverIO BrowserStack service for CVE-2026-25244

medium · CWE-283
Kubernetes Service ExternalIPs Advisory
ExternalIPs in Service manifests deserve RBAC and admission-policy review.

medium · CWE-295
Mbed TLS Certificate-Validation Advisory
Affected Mbed TLS 3.x evidence deserves upgrade and client-auth review.

medium · CWE-1325
OpenSSL TLSv1.3 Session Memory-Growth Advisory
A vulnerable OpenSSL runtime plus no-ticket TLSv1.3 session handling can create DoS risk.

medium · CWE-400
Oracle Java SE / GraalVM Runtime Advisory
Affected Oracle runtime metadata deserves an update, not DoS reproduction.

medium · CWE-1357
Repo Security Hygiene
Branch protection, action pinning, secret hygiene — how your repo is run matters more than the code.

medium
Reviewing repo code against web app risk patterns

Vulnerability research every day. New checks are released regularly when a finding is relevant, safe to test, and detectable.

Vulnerability catalog — FixVibe