Toolkit
This hub aggregates every CVE we track for Toolkit, a product in the devtools ci space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH3LOW1
Monthly trend
0
0
1
0
0
1
0
0
0
0
0
1
0
0
1
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting Toolkit.
- CVE-2025-9267In Seagate Toolkit on Windows a vulnerability exists in the Toolkit Installer prior to versions 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their...6.5
- CVE-2025-5890actions toolkit glob internal-pattern.ts globEscape redos4.3
- CVE-2024-7701Misuse of SHA256 to create an encryption key7.5
- CVE-2024-42471Arbitrary File Write via artifact extraction in actions/artifact7.3
- CVE-2022-35954Delimiter injection vulnerability in @actions/core exportVariable5.0
- CVE-2020-15228Environment Variable Injection in GitHub Actions3.5
- CVE-2015-1027The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server respon...5.9
- CVE-2014-2029The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the-middle attackers to obtain sensitive information or execute arbitrary code by leveraging use of HTTP ...8.1
Product normalization is registry-driven with AI assist and human review. How it works