Package impact
npm / dbgate-web
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-6216 | low | 3.5 | 3.5 | 1mo ago | DbGate has cross site scripting via the SVG Icon String Handler component | |
| CVE-2026-34725 | unknown | — | — | 2mo ago | dbgate-web: Stored XSS in applicationIcon leads to potential RCE in Electron due to unsafe renderer configuration |