11092 matches found
NPM: Turbo: Unexpected local code execution during Yarn Berry detection
NPM: Turbo: Unexpected local code execution during Yarn Berry detection vulnerability discovered by ? in WordPress Npm turbo versions = 1.1.0, 2.9.14...
[SECURITY] Fedora 43 Update: perl-Net-CIDR-Lite-0.24-1.fc43
Faster alternative to Net::CIDR when merging a large number of CIDR address ranges. Works for IPv4 and IPv6 addresses...
CVE-2026-45442
Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Presto Player: from n/a through 4.1.3...
PT-2026-42044
Name of the Vulnerable Software and Affected Versions dasel versions 3.0.0 through 3.3.1 Description The selector lexer contains a flaw that causes a process crash via a Go runtime panic when tokenizing a quoted string that ends with a trailing backslash. This occurs because the escape sequence...
VulnCheck KEV: CVE-2025-62481
Vulnerability in the Oracle Marketing product of Oracle E-Business Suite component: Marketing Administration. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Marketing...
PT-2026-41761
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The download agent fil...
Drupal core 跨站脚本漏洞
Drupal Core is a free, open-source content management system developed in PHP by the Drupal community. Drupal Core has a cross-site scripting vulnerability, which stems from improper input during the web page generation process, potentially leading to cross-site scripting attacks. The following...
CVE-2026-30950 AutoGPT has Authenticated Session Hijacking via IDOR
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.6.36 through 0.6.50 are vulnerable to Authenticated Session Hijacking via IDOR. If an authenticated attacker can determine the sessionid of another user's session,...
1byte-react-design (>=1.7.1 <=1.14.0), @aaf-comp/graph-widget (>=1.0.0 <=1.0.3) +314 more potentially affected by unknown CVE via @antv/g-math (>=3.0.0 <=3.1.0)
@antv/g-math NPM version =3.0.0, =1.7.1, =1.0.0, =1.1.43, =5.0.48, =1.0.1, =1.0.4, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =2.0.0, =0.5.6, =6.0.0, =6.3.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGMATH-16754933...
@action.sustainability/storybook-dashboard (>=0.1.1 <=0.1.5), @agentlab/ldkg-ui-charts (>=0.1.4 <=0.1.7) +172 more potentially affected by unknown CVE via @antv/xflow-hook (>=1.0.0 <=1.1.52)
@antv/xflow-hook NPM version =1.0.0, =0.1.1, =0.1.4, =1.1.15, =0.1.0, =1.3.0, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.0.0, =1.0.0, =1.0.0, =0.2.0, =0.2.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVXFLOWHOOK-16754908...
1g6table (=0.1.0), 7qb (=0.0.17) +1363 more potentially affected by unknown CVE via @antv/matrix-util (>=3.0.4 <=3.1.0-beta.3)
@antv/matrix-util NPM version =3.0.4, =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =0.9.1, =1.0.0, =0.2.0, =1.1.15, =1.0.4, =2.1.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVMATRIXUTIL-16754473...
4house-libts-places-autocomplete (=1.0.0), @77sol-ui/atoms (>=5.1.0 <=5.4.0) +278 more potentially affected by unknown CVE via jest-canvas-mock (>=2.0.0-beta.1 <=2.5.2)
jest-canvas-mock NPM version =2.0.0-beta.1, =5.1.0, =1.0.1, =1.0.0, =1.0.0, =0.0.0, =0.0.1-react-native, =2.1.0-alpha.0, =2.1.0-alpha.0, =2.1.0-alpha.0, =2.1.0-alpha.250, =2.1.0-alpha.250, =0.0.5, =0.0.6, =0.3.113, =0.5.0 and more Source cves: unknown CVE Source advisory:...
1byte-react-design (>=1.7.1 <=1.14.0), @aaf-comp/graph-widget (>=1.0.0 <=1.0.3) +312 more potentially affected by unknown CVE via @antv/g-lite (>=2.0.0 <=2.7.0)
@antv/g-lite NPM version =2.0.0, =1.7.1, =1.0.0, =1.1.43, =5.0.48, =1.0.1, =1.0.4, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =2.0.0, =0.5.6, =6.0.0, =6.3.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGLITE-16755025...
base-flow (=1.0.6), cmp-graph (>=0.0.1 <=0.0.5) +11 more potentially affected by unknown CVE via @antv/g6-editor (>=1.0.8 <=1.2.0)
@antv/g6-editor NPM version =1.0.8, =0.0.1, =1.0.13, =1.0.0, =0.1.0, =1.0.0, =0.0.1, =0.1.0, =0.0.2, =0.2.5, =0.2.6 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVG6EDITOR-16755097...
@antv/g6 (>=4.1.0 <=4.1.16), @antv/g6-pc (>=0.0.1 <=0.1.3) +5 more potentially affected by unknown CVE via @antv/g6-element (>=0.0.1 <=0.0.9)
@antv/g6-element NPM version =0.0.1, =4.1.0, =0.0.1, =2.0.0, =2.0.6, =0.0.1, =0.0.1, =0.0.3 - motif-jupyter =0.0.1-beta.5 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVG6ELEMENT-16754863...
1g6table (=0.1.0), 7qb (=0.0.17) +1705 more potentially affected by unknown CVE via @antv/hierarchy (>=0.1.2 <=0.7.1)
@antv/hierarchy NPM version =0.1.2, =1.1.0, =1.0.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =1.1.43, =5.0.48, =0.1.0, =0.5.0-alpha.0, =0.5.1-alpha.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVHIERARCHY-16755057...
@antv/g-canvas (>=2.0.0 <=2.0.52), @antv/g-canvaskit (>=1.0.0 <=1.0.51) +7 more potentially affected by unknown CVE via @antv/g-plugin-canvas-renderer (>=2.0.0 <=2.5.1)
@antv/g-plugin-canvas-renderer NPM version =2.0.0, =2.0.0, =1.0.0, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.58 - @antv/g6 =5.0.46 - @antv/s2 =2.4.12-alpha.1 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGPLUGINCANVASRENDERER-16754430...
@lint-md/cli (>=0.0.1 <=0.1.4), @lint-md/eslint-plugin (>=0.0.1 <=0.0.3) +4 more potentially affected by unknown CVE via ast-plugin (>=0.0.1 <=0.0.7)
ast-plugin NPM version =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2, =0.1.0, =0.1.2 - yuque-lint =0.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-ASTPLUGIN-16754893...
@antv/g-canvas (>=2.0.0 <=2.0.52), @antv/g-canvaskit (>=1.0.0 <=1.0.51) +11 more potentially affected by unknown CVE via @antv/g-plugin-dom-interaction (>=2.0.0 <=2.1.9)
@antv/g-plugin-dom-interaction NPM version =2.0.0, =2.0.0, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.56 - @antv/g6 =5.0.46 - @antv/g6-extension-3d =0.1.20 - @antv/s2 =2.4.12-alpha.1 Source cves: unknown CVE Source advisory:...
ai-plays-jackbox (>=0.0.1 <=0.3.2), air-link (>=0.0.0 <=0.5.0) +74 more potentially affected by CVE-2026-45553 via nicegui (>=0.9.11 <=3.10.0)
nicegui PYPI version =0.9.11, =0.0.1, =0.0.0, =0.1.0, =1.1.3, =1.9.5, =0.3.0, =0.0.1, =0.6.7, =1.0.0, =1.2.0, =1.23.0 and more Source cves: CVE-2026-45553 Source advisory: OSV:GHSA-JFRM-RX66-G536...