FixVibe

// vulnerability spotlight

Every check FixVibe runs, explained.

164+ vulnerability classes ship with FixVibe. Each item runs up to 35 sub-checks per scan and explains how the bug works, what an attacker gains from it, how we test for it and what it takes to defend against it.

01 / 07

HTTP & surface

02 / 07

Secrets

03 / 07

Backend-as-a-Service

04 / 07

DNS

05 / 07

Discovery

critical · CWE-122

Arcserve UDP Heap Overflow Advisory

Backup management consoles should not expose affected UDP versions.

critical · CWE-754 / CWE-294

Schneider Modicon M221 Firmware Advisory

PLC firmware evidence should drive patch and segmentation review, not reboot or authentication replay tests.

high · CWE-1395

CVE cross-reference

Detected version + public CVE database = a list of already documented attacks.

high · CWE-489

Debug and admin endpoints

/debug, /admin, /server-status: paths that should never be reachable from the internet.

high · CWE-538

Exposed backup files and directories

.env, .git, .DS_Store, backup.sql: files that should never be public, but are by accident.

high · CWE-20

Rockwell MicroLogix 1100 DoS Advisory

An exposed PLC fingerprint is an operations risk, not something to crash-test.

high · CWE-20

SPIP Template RCE Version Exposure

Public SPIP version banners can reveal an RCE-class patch gap.

medium

Checking Apache ActiveMQ Artemis for CVE-2023-50780

medium

Checking Apache Airflow for CVE-2024-45498

medium

Checking Apache Tomcat for CVE-2020-11996

medium

Checking Claude Code GitHub Action workflow permissions

medium

Checking codexui-android for token-stealing package versions

medium

Checking cordova-plugin-inappbrowser for CVE-2019-0219

medium

Checking DICOM files for executable preambles

medium

Checking Django for CVE-2011-0696

medium

Checking Drupal Core for CVE-2026-9082

medium

Checking easy-day-js for Mastra npm incident package evidence

medium

Checking Keras for CVE-2025-1550

medium

Checking Langflow CORS exposure for CVE-2025-34291

medium

Checking Log4j 1.2 JDBCAppender for CVE-2022-23305

medium

Checking MindsDB version exposure for CVE-2026-27483

medium

Checking MISP STIX import source for CVE-2018-19908

medium

Checking Moby/Docker Go modules for CVE-2026-34040

medium

Checking NGINX rewrite configurations for CVE-2026-42945

medium

Checking NiceGUI upload source for CVE-2026-25732

medium

Checking Nokogiri for CVE-2019-18197

medium

Checking npm lockfiles for known typosquat package versions

medium

Checking ONNX for CVE-2024-5187

medium

Checking Paramiko for CVE-2018-7750

medium

Checking proxy npm package for CVE-2023-2968

medium

Checking Spring Data Commons and XMLBeam for CVE-2018-1259

medium

Checking SQLitePCLRaw native SQLite packages for CVE-2025-6965

medium

Checking vLLM for CVE-2024-9053

medium

Checking WordPress REST API user exposure

medium

Checking YOURLS for CVE-2019-14537

medium · CWE-693

Cloudflare origin and proxy posture

If your origin IP is discoverable, Cloudflare's WAF can be bypassed.

medium · CWE-200

Exposed GraphQL introspection

Introspection in production hands the attacker your entire type system.

medium · CWE-693

Threat intel cross-reference

Spamhaus DBL, URLhaus: your domain's reputation as seen from the outside.

low · CWE-200

Exposed API documentation

/swagger.json, /openapi.json, /docs: public API maps for you and for the attacker.

low · CWE-200

Netlify-specific exposure

Netlify deploy preview URLs, x-nf-* headers, errors in _redirects.

low · CWE-281

Privacy and cookie compliance markers

Pages required by LGPD/GDPR: present and linked, or you risk being reported.

low · CWE-200

Technology fingerprinting

Knowing your stack is half of reconnaissance; outdated frameworks complete the other half.

low · CWE-200

Vercel-specific exposure

_next/static, x-vercel-* headers, preview URLs: Vercel quirks that leak more than they should.

06 / 07

Active probes

critical · CWE-78

AVideo Command Injection Advisory

An outdated AVideo Composer dependency can expose video-link import paths to command execution risk.

critical · CWE-639

Cross-tenant data leaks

Multi-tenant SaaS without tenant ID enforcement leaks customer data between orgs.

critical · CWE-89

GeniXCMS Author SQL Injection Exposure

A legacy CMS author filter should not turn one parameter into SQL syntax.

critical · CWE-345

JWT alg=none Acceptance

A decoded token is not an authenticated identity.

critical · CWE-918

MagicMirror /cors SSRF Exposure

A smart-mirror helper endpoint should not become a network proxy.

critical · CWE-119 / CWE-120 / CWE-287 / CWE-306 / CWE-307

Moxa NPort Firmware Advisory

A public device-server firmware banner should drive an upgrade, not a crash test.

critical · CWE-78

OS command injection

When user input becomes part of a shell command, the shell runs whatever the attacker writes.

critical · CWE-306

rclone RC Authentication Exposure

A public rclone Remote Control API should not answer unauthenticated fsinfo requests.

critical · CWE-94

Server-Side Template Injection (SSTI)

If the template engine treats user input as a template, the server treats it as code.

critical · CWE-798 / CWE-287

SiteOmat BOS Authentication Advisory

Fuel-station management software needs version and exposure review, not password guessing.

critical · CWE-119 / CWE-121

SiteOmat CGI Buffer Overflow Advisory

Fuel-station controller CGI risk needs patch and exposure review, not exploit probes.

critical · CWE-89

SiteOmat Login SQL Injection Advisory

Fuel-station login risk needs patch and exposure review, not authentication-bypass probes.

critical · CWE-89

SQL injection

When user input becomes part of a query, the database is no longer yours.

high · CWE-287

Auth flow defects

Login, signup, password reset: this is where most account takeovers actually happen.

high · CWE-918

Blind SSRF (out-of-band)

If the server fetches user-supplied URLs, the user can make it fetch internal services.

high · CWE-89

CKAN DataStore SQL Authorization Bypass

Public DataStore SQL access can turn open data APIs into private data exposure.

high · CWE-942

CORS misconfiguration

A permissive Access-Control-Allow-Origin plus credentials means your API is everyone's API.

high · CWE-79

DOM-based XSS via URL fragment

Modern SPAs read location.hash and write it into the DOM; attacker payloads ride along.

high · CWE-434

File upload validation

User-uploaded files are arbitrary bytes; accepting them as 'images' without checking is asking for RCE.

high · CWE-321

FUXA Hardcoded JWT Fallback Secret

Default token-signing secrets can turn an HMI login into a weak boundary.

high · CWE-74 / CWE-77

GL.iNet GL-MT3000 Firmware Advisory

A router firmware match should drive an upgrade, not a command-execution test.

high · CWE-770

GraphQL depth bombing and batch bypass

GraphQL's flexibility is also its vulnerability: depth bombs, alias batching, field-suggestion leaks.

high · CWE-444

HTTP Request Smuggling

Front proxy and backend disagree on where a request ends; the attacker rides the seam.

high · CWE-639

IDOR / BOLA

If your API trusts the client to send the right ID, the client can send any ID.

high · CWE-200

IIS TRACK Method Information Disclosure

Legacy HTTP method echo behavior should be disabled before it can expose request headers.

high · CWE-264

Liferay Portal Template RCE Advisory

Legacy Liferay Portal version evidence should trigger patch verification.

high · CWE-77

LLM prompt injection

If your AI feature trusts user input as an instruction, the user can rewrite the system prompt.

high · CWE-943

NoSQL operator injection

MongoDB-style operators in user-controlled JSON turn your query into a wildcard.

high · CWE-79

Reflected Cross-Site Scripting (XSS)

The silent hijack: when a single unsanitized parameter executes attacker code in your users' browsers.

high · CWE-307

Rockwell MicroLogix 1100 Authentication Advisory

Firmware evidence should drive an update and exposure review, not password-guessing tests.

high · CWE-611

XML External Entity (XXE)

If your XML parser resolves external entities, your server reads files for the attacker.

high · CWE-200

ZoneMinder Directory Listing Exposure

A camera management UI should not publish its web root index.

medium · CWE-203

Account enumeration

If your login responds differently when the e-mail exists, attackers can build a customer list.

medium

Checking gemini-mcp-tool for CVE-2026-0755

medium

Checking Label Studio upload-example XSS exposure

medium

Checking Langflow version exposure for CVE-2026-33017

medium

Checking PowerLogic EGX exposure for CVE-2021-22765/CVE-2021-22767/CVE-2021-22768

medium

Checking TLS endpoints for RC4 support

medium

Checking TLS endpoints for Sweet32 DES/3DES support

medium

Confirming Glances REST API unauthenticated exposure

medium

Confirming Next.js middleware bypass exposure

medium

Confirming SillyTavern SearXNG external-fetch SSRF exposure

medium

Confirming TMT Lockcell login SQL injection exposure

medium · CWE-113

CRLF / Response splitting

If user input lands in a response header, line breaks let the attacker write their own headers.

medium · CWE-352

CSRF protection

If your state-changing endpoints do not require a CSRF token, third-party sites can act as your users.

medium · CWE-307

Missing rate limiting

Without rate limits on auth endpoints, the attacker can run credential stuffing at line speed.

medium · CWE-693

Next.js Header Configuration Drift

Headers set on `/` do not always protect nested routes.

medium · CWE-601

Open Redirect

Your /redirect?url=… that does not validate the destination is a phishing kit.

medium · CWE-79

SPIP valider_xml XSS Exposure

A legacy SPIP utility page should not reflect URL input into HTML.

07 / 07

Source code

critical · CWE-1321

deephas Prototype-Pollution Advisory

A vulnerable deephas dependency can put deep-path object handling on a prototype-pollution path.

critical · CWE-89

Ghost Content API SQL Injection Advisory

A vulnerable Ghost dependency can put public content APIs on the database boundary.

critical · CWE-78

LibreNMS Command Injection Advisory

A vulnerable monitoring stack can become an execution path inside the network.

critical · CWE-89

LiteLLM SQL Injection Advisory

A vulnerable LiteLLM Proxy version can turn API-key verification into database exposure.

critical · CWE-94

NLTK Zip Slip Code Execution Advisory

A vulnerable NLTK downloader can turn compromised package archives into filesystem writes and code-execution risk.

critical · CWE-78

openDCIM Command Injection Source Advisory

A database-controlled Graphviz path should not become a shell command.

critical · CWE-506

TanStack ArkType Adapter Malware Advisory

Known malicious npm package versions can put CI and developer secrets at install-time risk.

critical · CWE-913

vm2 Sandbox Breakout Advisory

A vulnerable JavaScript sandbox dependency can put untrusted-code boundaries at risk.

high · CWE-404

Apache Tomcat Coyote Resource-Shutdown Advisory

An affected Tomcat HTTP/2 runtime can turn reset behavior into resource exhaustion.

high · CWE-311

Apache Tomcat EncryptInterceptor Advisory

Exact affected Tomcat releases need an upgrade before cluster encryption assumptions are trusted.

high · CWE-200

Apache Tomcat h2c Request Mix-Up Advisory

Affected Tomcat h2c handling can put request data on the wrong response path.

high · CWE-502

Apache Tomcat Session-Persistence Advisory

Affected Tomcat runtimes become riskier when FileStore session persistence is enabled.

high · CWE-798

Committed AI-Generated Secrets

AI snippets should not ship provider keys into git.

high · CWE-506

Compromised codfish GitHub Action

Release workflows should not keep pointing at compromised Action refs.

high · CWE-77

electerm Install-Script Command Injection Advisory

A vulnerable terminal-client dependency can put build or developer hosts at install-time risk.

high · CWE-78 / CWE-306

electerm Unauthorized Command Execution Advisory

A stale electerm package can matter when the vulnerable service is packaged and running.

high · CWE-22

Gogs Directory Traversal Dependency Advisory

An affected Gogs runtime can put file-upload path handling on a traversal boundary.

high · CWE-22

Gradio Windows Python Path Traversal Advisory

A vulnerable Gradio dependency becomes a stronger signal when repo config points to Windows with Python 3.13+.

high · CWE-120

Mbed TLS Buffer-Overflow Advisory

Affected Mbed TLS 3.x source evidence deserves an upgrade, not exploit reproduction.

high · CWE-415

Mbed TLS Double-Free Advisory

Legacy Mbed TLS version evidence deserves branch-aware remediation.

high · CWE-457

Microsoft ATL MS09-035 Source Advisory

Legacy ATL build metadata deserves rebuild proof, not exploit reproduction.

high · CWE-611

OpenCms XXE Information-Disclosure Advisory

A vulnerable OpenCms dependency can put XML-processing routes on a file-read boundary.

high · CWE-787

OpenSSL CMS Message-Parsing Advisory

Affected OpenSSL branch evidence deserves a branch-aware runtime upgrade.

high · CWE-754

PDF.js JavaScript Execution Advisory

A vulnerable PDF viewer can turn a malicious document into script execution.

high · CWE-755

PickleScan ZIP CRC Bypass Advisory

A vulnerable PickleScan dependency can miss malicious model archives when scans fail open.

high · CWE-78

pyLoad /flashgot RCE Advisory

A vulnerable pyLoad dependency is patch-triage evidence, not proof of live RCE.

high · CWE-94

Risky source code patterns

eval(), dangerouslySetInnerHTML, hard-coded secrets: the patterns SAST has been catching for 25 years.

high · CWE-22

SaltStack Salt Directory Traversal Advisory

A vulnerable Salt package can weaken Salt master authentication boundaries.

high · CWE-78

SAP Cloud SDK for AI Python Advisory

A vulnerable SAP Python SDK dependency is patch-triage evidence, not proof of live command execution.

high · CWE-770

Spring Data Commons Resource-Exhaustion Advisory

Affected Spring Data Commons dependencies can put property-path parsing on a DoS path.

high · CWE-284

Supabase RLS in Migrations

A public table without RLS is a future data leak.

high · CWE-91

veraPDF XSLT Injection Dependency Advisory

Affected veraPDF policy-file processing can put XSLT execution boundaries at risk.

high · CWE-1395

Vulnerable dependencies

Your package-lock.json includes thousands of packages. Some have known CVEs.

high · CWE-345

Webhook signature verification

If your webhook handler does not verify the signature, anyone can forge events.

high · CWE-476

ws Excessive-Header DoS Advisory

Affected ws server runtimes can crash when upgrade requests carry too many headers.

medium · CWE-693

AI-Generated Code Guardrails

Fast AI-assisted changes need repo-level security rails.

medium

Checking @andrei-tatar/nora-firebase-common for CVE-2024-30564

medium

Checking Apache ActiveMQ Artemis for CVE-2026-27446

medium

Checking Apache Spark for CVE-2022-33891

medium

Checking Cargo files for the malicious onering crate

medium

Checking http4k-format-xml for CVE-2024-55875

medium

Checking kill-port-process for CVE-2019-15609

medium

Checking Log4j 1.2 JMSAppender for CVE-2021-4104

medium

Checking Note Mark backend for CVE-2026-44522

medium

Checking npm package versions and binding.gyp for the Phantom Gyp worm

medium

Checking OpenSSL PowerPC builds for CVE-2023-6129

medium

Checking Perl GD for CVE-2026-11526

medium

Checking Red Hat npm package versions for the worm campaign

medium

Checking WebdriverIO BrowserStack service for CVE-2026-25244

medium · CWE-283

Kubernetes Service ExternalIPs Advisory

ExternalIPs in Service manifests deserve RBAC and admission-policy review.

medium · CWE-295

Mbed TLS Certificate-Validation Advisory

Affected Mbed TLS 3.x evidence deserves upgrade and client-auth review.

medium · CWE-1325

OpenSSL TLSv1.3 Session Memory-Growth Advisory

A vulnerable OpenSSL runtime plus no-ticket TLSv1.3 session handling can create DoS risk.

medium · CWE-400

Oracle Java SE / GraalVM Runtime Advisory

Affected Oracle runtime metadata deserves an update, not DoS reproduction.

medium · CWE-1357

Repository security hygiene

Branch protection, action pinning, secret hygiene: how your repo is touched matters more than the code.

medium

Reviewing repo code against web app risk patterns

We keep researching the latest vulnerabilities, checks and fixes so you can ship with peace of mind.