Known Vulnerabilities for Hexpm by Hex
Listed below are 5 of the newest known vulnerabilities associated with "Hexpm" by "Hex".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-23940 | Uncontrolled Resource Consumption vulnerability in hexpm hexpm/hexpm allows Excessive Allocation. Publishing an oversized pac... | Not Provided | 2026-03-13 | 2026-04-06 |
| CVE-2026-23939 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in hexpm hexpm/hexpm ('Elixir.He... | Not Provided | 2026-02-26 | 2026-04-06 |
| CVE-2026-21622 | Insufficient Session Expiration vulnerability in hexpm hexpm/hexpm ('Elixir.Hexpm.Accounts.PasswordReset' module) allows Acco... | Not Provided | 2026-03-05 | 2026-04-06 |
| CVE-2026-21621 | Incorrect Authorization vulnerability in hexpm hexpm/hexpm ('Elixir.HexpmWeb.API.OAuthController' module) allows Privilege Es... | Not Provided | 2026-03-05 | 2026-04-06 |
| CVE-2026-21619 | Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hex_core (hex_api modules), hexpm... | Not Provided | 2026-02-27 | 2026-04-06 |
| CVE-2026-21618 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in hexpm hexpm/hexp... | Not Provided | 2026-01-19 | 2026-04-06 |