Migration toolkit for applications
This hub aggregates every CVE we track for Migration toolkit for applications, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
32
CVEs tracked
5
Critical
19
High
1
In CISA KEV
Severity distribution
HIGH19MEDIUM7CRITICAL5LOW1
Monthly trend
0
0
0
0
1
0
0
0
0
0
0
0
1
0
0
0
0
0
0
1
2
6
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Migration toolkit for applications.
- CVE-2026-32281Inefficient policy validation in crypto/x5097.5
- CVE-2026-32280Unexpected work during chain building in crypto/x5097.5
- CVE-2026-32283Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls7.5
- CVE-2026-32288Unbounded allocation for old GNU sparse in archive/tar5.5
- CVE-2026-33810Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x5098.2
- CVE-2026-32289JsBraceDepth Context Tracking Bugs (XSS) in html/template6.1
- CVE-2026-33748BuildKit Git URL subdir component can cause access to restricted files7.5
- CVE-2026-33747BuildKit vulnerable to malicious frontend causing file escape outside of storage root8.4
- CVE-2026-27903minimatch has a ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments7.5
- CVE-2025-53547Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution8.5
- CVE-2023-4639Undertow: cookie smuggling/spoofing7.4
- CVE-2024-24790Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip9.8
- CVE-2023-6717Keycloak: xss via assertion consumer service url in saml post-binding flow6.0
- CVE-2024-1132Keycloak: path transversal in redirection validation8.1
- CVE-2023-6291Keycloak: redirect_uri validation bypass7.1
Product normalization is registry-driven with AI assist and human review. How it works