477 matches found
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0726react (=0.1.1) +28795 more potentially affected by CVE-2026-9277 via shell-quote (>=1.3.3 <=1.8.3)
shell-quote NPM version =1.3.3, =1.0.1, =1.1.0 - 0726react =0.1.1 - 0x0.icu.anima =0.1.0 - 0xcorde-pac =1.0.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 -...
bsign-ui (>=0.0.3 <=0.0.5), gc-nimbus-ui (>=3.0.0 <=3.0.12) potentially affected by CVE-2026-47759 via tinymce (>=8.0.2 <=8.2.2)
tinymce NPM version =8.0.2, =0.0.3, =3.0.0, =3.0.12 Source cves: CVE-2026-47759 Source advisory: OSV:GHSA-Q742-QVGC-GC2F...
@0xshogun/sdk (>=1.0.3 <=1.1.6), @1771technologies/oneplay (>=0.0.1 <=0.0.6) +912 more potentially affected by CVE-2026-47429 via vitest (>=3.0.2 <=3.2.4)
vitest NPM version =3.0.2, =1.0.3, =0.0.1, =0.2.4, =0.8.0, =0.12.0, =3.0.0, =0.14.0, =5.8.5, =4.10.0, =1.0.0, =1.1.0 and more Source cves: CVE-2026-47429 Source advisory: SNYK:JS-VITEST-17120326...
a2a-sigstore (=0.4.0), aiogithubapi (>=23.9.0 <=23.11.0) +68 more potentially affected by unknown CVE via tuf (>=1.0.0 <=6.0.0)
tuf PYPI version =1.0.0, =23.9.0, =0.2.0, =0.14.0, =0.0.1, =0.1.0, =0.1.9, =0.1.9, =0.1.9, =0.1.20 - floe-catalog-glue =0.1.0a1 - floe-catalog-polaris =0.1.0a1 - floe-compute-duckdb =0.1.0a1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-QP9X-WP8F-QGJJ...
@airalogy/airalogy-engine (>=0.0.1 <=0.0.2) potentially affected by CVE-2026-46695 via @boxlite-ai/boxlite (=0.8.2)
@boxlite-ai/boxlite NPM version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on @boxlite-ai/boxlite and may be impacted: - @airalogy/airalogy-engine =0.0.1, =0.0.2 Source cves: CVE-2026-46695 Source advisory: OSV:GHSA-G6WW-W5J2-R7X3...
@bloggrify/bento (>=3.0.0 <=3.0.1), @bloggrify/core (>=3.0.0 <=3.1.2) +22 more potentially affected by CVE-2026-45669 via nuxt (>=4.0.0-rc.0 <=4.4.4)
nuxt NPM version =4.0.0-rc.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =1.0.3, =10.0.2, =1.1.11, =1.0.4, =0.4.5, =0.0.0, =0.0.1, =1.0.0, =1.1.0, =2.0.1 and more Source cves: CVE-2026-45669 Source advisory: OSV:GHSA-FX6J-W5W5-H468...
1byte-react-design (>=1.7.1 <=1.14.0), @aaf-comp/graph-widget (>=1.0.0 <=1.0.3) +261 more potentially affected by unknown CVE via @antv/g-canvas (>=2.0.0 <=2.2.0)
@antv/g-canvas NPM version =2.0.0, =1.7.1, =1.0.0, =1.1.43, =5.0.48, =1.0.1, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =0.5.6, =1.1.0, =1.1.0, =2.0.0, =2.1.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGCANVAS-16754493...
1byte-react-design (>=1.7.1 <=1.14.0), @2nova/wu-ui (>=1.1.0 <=1.3.12) +1769 more potentially affected by unknown CVE via @antv/coord (>=0.0.3 <=0.4.7)
@antv/coord NPM version =0.0.3, =1.7.1, =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =1.0.1, =0.1.0, =0.5.0-alpha.0, =0.1.0, =0.5.0-alpha.0, =0.5.0-alpha.0, =0.1.0, =0.5.0-alpha.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVCOORD-16754904...
5htp-airtable (>=0.0.1 <=0.1.2-3), @a-cube-io/ereceipts-js-sdk (=1.1.0) +146 more potentially affected by CVE-2025-57282 via ngrok (=5.0.0-beta.2)
ngrok NPM version =5.0.0-beta.2 is affected by a known vulnerability. The following packages have a transitive dependency on ngrok and may be impacted: - 5htp-airtable =0.0.1, =1.0.0, =5.0.0, =1.0.0, =3.1.6, =1.4.4, =1.0.0, =1.3.2, =1.0.31, =1.0.0, =1.0.26, =1.0.2, =1.1.0 and more Source cves:...
nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +17 more potentially affected by CVE-2026-40092 via nimiq-keys (>=0.1.0 <=0.2.0)
nimiq-keys CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-40092 Source advisory: OSV:GHSA-27W2-87XV-37C6...
CVE-2025-38715
creationtimestamp| type| source ---|---|--- 2026-05-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-10...
@squawk/mcp (>=0.4.1 <=0.8.1) potentially affected by unknown CVE via @squawk/airway-data (>=0.3.3 <=0.4.2)
@squawk/airway-data NPM version =0.3.3, =0.4.1, =0.8.1 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRWAYDATA-16640895...
@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/fixes (>=0.1.4 <=0.3.1)
@squawk/fixes NPM version =0.1.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFIXES-16640881...
@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/procedures (>=0.2.4 <=0.5.1)
@squawk/procedures NPM version =0.2.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKPROCEDURES-16640885...
0perator (>=0.1.0 <=0.3.0), 0pflow (>=0.1.0 <=0.1.0-dev.f5622ac) +1462 more potentially affected by CVE-2026-44902 via @opentelemetry/auto-instrumentations-node (>=0.16.0 <=0.74.0)
@opentelemetry/auto-instrumentations-node NPM version =0.16.0, =0.1.0, =0.1.0, =0.0.1, =0.8.0, =1.0.5, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =0.2.0, =0.2.0, =0.0.1, =0.3.4, =0.1.0, =0.4.0, =0.4.0, =0.4.0, =5.0.1-staging.f17326334 and more Source cves: CVE-2026-44902...
voice-agent-tequity (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-44209 via banks (=2.2.0)
banks PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on banks and may be impacted: - voice-agent-tequity =0.1.0, =0.1.1 Source cves: CVE-2026-44209 Source advisory: OSV:GHSA-GPHH-9Q3H-JGPP...
aoh (>=1.0.1 <=1.1.0), beratools (=0.2.2) +25 more potentially affected by CVE-2026-8086 via gdal (>=3.0.1 <=3.12.1)
gdal PYPI version =3.0.1, =1.0.1, =0.1.1, =0.0.7, =2.0.1, =0.4.0, =0.2.92, =0.9.2, =0.10.3, =0.4.5, =2.6.0, =2.7.0 - hyp3lib =4.0.1 and more Source cves: CVE-2026-8086 Source advisory: SNYK:PYTHON-GDAL-16535527...
ai.spice:spiceai (=0.6.0), cn.isqing.icloud:icloud-common-utils (>=4.0.3-M1 <=4.0.3.1) +373 more potentially affected by CVE-2026-44248 via io.netty:netty-codec-mqtt (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-mqtt MAVEN version =4.2.0.Alpha1, =4.0.3-M1, =1.21.9, =3.4.7, =25.4.1, =26.2.1, =7.9.0, =5.1.0, =5.1.0, =6.80, =0.2.2, =0.2.4 and more Source cves: CVE-2026-44248 Source advisory: OSV:GHSA-JFG9-48MV-9QGX...
@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @abyedev/hono-dotenv (=1.0.0) +537 more potentially affected by CVE-2026-44456 via hono (>=0.5.10 <=4.12.15)
hono NPM version =0.5.10, =0.1.8-fix.3, =5.0.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.1.4, =2026.4.4, =1.0.2, =0.1.1, =0.0.1, =0.0.2-a, =0.1.22, =1.1.1, =1.3.0 and more Source cves: CVE-2026-44456 Source advisory: OSV:GHSA-9VQF-7F2P-GF9V...
ldap3_cli (>=0.3.1 <=0.6.1), ldap3_client (>=0.1.0 <=0.6.1) potentially affected by unknown CVE via ldap3_proto (>=0.2.3 <=0.6.1)
ldap3proto CARGO version =0.2.3, =0.3.1, =0.1.0, =0.6.1 Source cves: unknown CVE Source advisory: OSV:GHSA-QCXQ-75WR-5CM8...