dbgate-api
npm2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting dbgate-apipage 1 of 1
- CVE-2026-47670CRITICALCVSS 0.0EG 0.0✓ Fixed in 7.1.92026-06-05
Authenticated Remote Code Execution via loadReader functionName code injection in DbGate ### Summary DbGate is vulnerable to authenticated Remote Code Execution (RCE). Any user with valid DbGate credentials can execute arbitrary OS comma…
- CVE-2026-48017HIGHCVSS 8.8EG 8.8✓ Fixed in 7.1.92026-06-05
DbGate is cross-platform database manager. In versions 7.1.8 and prior, the POST /runners/load-reader endpoint in DbGate accepts a functionName parameter that is directly interpolated into a JavaScript code template without any sanitizatio…
Check whether dbgate-api is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for dbgate-api CVEs against the assets you own.
Start Free Scan →