V
Vexday
by TrueHacking
›
PT
ES
EN
Overview
CVEs
Technologies
Vendors
Weakness types
Threats
Briefing
Live
Home
/
Technologies
/
vendurehq
Vulnerabilities in
vendurehq
2 results
CVE-2026-40887
CRITICAL
@vendure/core has a SQL Injection vulnerability
EPSS
1.8%
CVE-2026-25050
LOW
Vendure vulnerable to timing attack that enables user enumeration in NativeAuthenticationStrategy
EPSS
0.4%