Package impact
npm / dbgate-web
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-6216 | low | 3.5 | 3.5 | 2mo ago | DbGate has cross site scripting via the SVG Icon String Handler component | |||
| CVE-2026-34725 | unknown | — | — | 2mo ago | dbgate-web: Stored XSS in applicationIcon leads to potential RCE in Electron due to unsafe renderer configuration |