Package impact
COMPOSER / snipe/snipe-it
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-37709 | critical | 9.8 | 9.8 | 20d ago | Snipe-IT has insecure permissions in file uploads | |||
| CVE-2026-44831 | medium | 5.4 | 5.4 | 20d ago | Snipe-IT has Stored XSS via Component Checkout Notes (v8.4.0) |