4389 matches found
@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @any-code/agent (>=0.0.1 <=0.0.16) +125 more potentially affected by CVE-2026-22817 via hono (>=4.0.0 <=4.11.3)
hono NPM version =4.0.0, =0.1.8-fix.3, =0.0.1, =1.7.2, =1.7.1, =0.2.1, =0.6.1, =0.5.2, =1.0.2, =1.0.0, =4.0.0-alpha.28, =0.4.6, =1.1.54, =1.1.54, =1.1.55 and more Source cves: CVE-2026-22817 Source advisory: SNYK:JS-HONO-14927374...
n8n Workflow Expression Remote Code Execution
This module exploits a critical remote code execution vulnerability CVE-2025-68613 in the n8n workflow automation platform. The vulnerability exists in the workflow expression evaluation system where user-supplied expressions enclosed in are evaluated in an execution context that is not...
Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Overview Affected versions of this package are vulnerable to Reliance on Undefined, Unspecified, or Implementation-Defined Behavior due to a flaw in error handling when asynchooks or AsyncLocalStorage is enabled. Normally, a "Maximum call stack size exceeded" error stack overflow is catchable by...
PT-2026-3317
Name of the Vulnerable Software and Affected Versions Node.js version 25 Description A flaw in the permission model allows Unix Domain Socket UDS connections to bypass network restrictions when --permission is enabled. Even without --allow-net, attacker-controlled inputs, such as URLs or socketPa...
MiracleLinux 8 : nodejs:18 (AXSA:2025-9678:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9678:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 Tenable h...
MiracleLinux 8 : nodejs:22 (AXSA:2025-9681:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9681:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs...
MiracleLinux 8 : nodejs:20 (AXSA:2025-9674:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9674:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs...
MiracleLinux 8 : nodejs:20 (AXSA:2025-9918:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9918:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 Tenable has extracted the preceding description block directly from the MiracleLinux securi...
MiracleLinux 9 : nodejs:22 (AXSA:2025-10526:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10526:01 advisory. nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 Tenable has extracted the preceding description block directly from the MiracleLin...
MiracleLinux 9 : nodejs:20 (AXSA:2025-9682:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9682:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs...
MiracleLinux 9 : nodejs:18 (AXSA:2025-9685:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9685:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: GOAWAY HTTP/2 frames cause memory leak outside heap CVE-2025-23085 Tenable h...
MiracleLinux 8 : nodejs:22 (AXSA:2025-10653:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10653:01 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
MiracleLinux 8 : nodejs:22 (AXSA:2025-9926:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9926:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the precedi...
MiracleLinux 9 : nodejs:22 (AXSA:2025-9686:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9686:01 advisory. undici: Undici Uses Insufficiently Random Values CVE-2025-22150 nodejs: Node.js Worker Thread Exposure via Diagnostics Channel CVE-2025-23083 nodejs...
MiracleLinux 9 : nodejs:22 (AXSA:2025-10673:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10673:01 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
MiracleLinux 9 : nodejs:20 (AXSA:2025-10523:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10523:01 advisory. nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 Tenable has extracted the preceding description block directly from the MiracleLin...
MiracleLinux 8 : nodejs:20 (AXSA:2025-10000:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10000:01 advisory. nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 Tenable has extracted the preceding description block directly from the MiracleLin...
MiracleLinux 8 : nodejs:22 (AXSA:2025-10001:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10001:01 advisory. nodejs: Remote Crash via SignTraits::DeriveBits in Node.js CVE-2025-23166 Tenable has extracted the preceding description block directly from the MiracleLin...
MiracleLinux 9 : nodejs:22 (AXSA:2025-10479:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10479:01 advisory. c-ares: c-ares has a use-after-free in readanswers CVE-2025-31498 SQLite: integer overflow in SQLite CVE-2025-3277 Tenable has extracted the...
CVE-2023-40340
Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask i.e., replace with asterisks credentials specified in the Npm config file in Pipeline build logs...