11703 matches found
Malicious code in cdktn-provider-datadog (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29ce930466b101c48ae641d7e4ad57f3d5169b9f14b1e041e4264e75cbfd965b Package name cdktn-provider-datadog is a single-character variant f→n of HashiCorp's widely-used cdktf-provider-datadog CDKTF provider. README and...
@afd-software/angular-ng-autocomplete (=14.0.0), @angularexpert/my-workspace (=0.0.0) +146 more potentially affected by CVE-2026-46417 via @angular/platform-server (>=0.0.0-0 <=18.2.14)
@angular/platform-server NPM version =0.0.0-0, =5.0.0, =1.0.0, =0.0.1, =2.0.0, =0.0.6, =19.3.0, =1.5.0, =1.4.1, =1.5.2 - @nani-creative-labs/app-builder =1.0.0 - @nger/angular =1.0.3 and more Source cves: CVE-2026-46417 Source advisory: OSV:GHSA-RFH7-FXQC-Q52V...
alvin-cli (>=0.0.1a0 <=1.3.0rc1), apache-airflow-providers-fastetl (>=0.0.36 <=0.0.39) +87 more potentially affected by CVE-2026-46374 via sqlfluff (>=0.11.2 <=4.1.0)
sqlfluff PYPI version =0.11.2, =0.0.1a0, =0.0.36, =0.3.8, =1.1.5, =0.1.5, =0.1.2, =0.1.0, =0.1.2, =0.0.0, =0.2.0, =0.0.1, =0.1.0, =0.5.9 and more Source cves: CVE-2026-46374 Source advisory: OSV:GHSA-73JC-5MRQ-PRW7...
alvin-cli (>=0.0.1a0 <=1.3.0rc1), apache-airflow-providers-fastetl (>=0.0.36 <=0.0.39) +48 more potentially affected by CVE-2026-46373 via sqlfluff (>=0.11.2 <=4.0.4a1)
sqlfluff PYPI version =0.11.2, =0.0.1a0, =0.0.36, =0.4.6, =1.1.5, =0.1.2, =0.1.2, =0.2.0, =0.0.1, =0.1.0, =0.1.0, =1.0.0, =0.4.0, =0.1.0, =0.19.1a7, =1.3.3, =1.10.0 and more Source cves: CVE-2026-46373 Source advisory: OSV:GHSA-WMHF-FQC8-VXHH...
@cooperco/nuxt-layer-quasar (=1.0.5), @imaginario27/air-ui-utils (>=1.0.4 <=1.0.7) +7 more potentially affected by CVE-2026-46342 via nuxt (>=4.0.0-rc.0 <=4.2.0)
nuxt NPM version =4.0.0-rc.0, =1.0.4, =0.0.1, =1.0.0, =1.1.0, =0.5.0, =0.1.8, =0.1.15 Source cves: CVE-2026-46342 Source advisory: OSV:GHSA-G8WJ-3CR3-6W7V...
IMAPServer (=0.2.0), IMAPServer-cli (=0.1.0) +368 more potentially affected by unknown CVE via diesel (>=0.10.1 <=2.3.4)
diesel CARGO version =0.10.1, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.1.4, =0.1.11, =0.1.0, =0.5.0, =0.1.0, =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-M9P2-FXP5-V3FP...
@0l00000l/auth (>=1.0.0 <=1.0.8), @0xchain/telemetry (>=1.1.0-beta.8 <=1.1.0-beta.18) +991 more potentially affected by CVE-2026-45740 via protobufjs (>=8.0.0 <=8.0.3)
protobufjs NPM version =8.0.0, =1.0.0, =1.1.0-beta.8, =0.8.0, =1.0.0, =1.1.4, =2.1.4, =0.3.1, =0.3.1, =0.7.1, =0.9.0 - @access-mcp/software-discovery =0.8.0 and more Source cves: CVE-2026-45740 Source advisory: OSV:GHSA-JGGG-4JG4-V7C6...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by unknown CVE via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: unknown CVE Source advisory: OSV:GHSA-2VX9-7WPG-88JQ...
@agentionai/agents (>=0.11.0 <=0.12.0-beta), @andreafspeziale/nestjs-search (>=2.0.0 <=2.0.1) +83 more potentially affected by unknown CVE via @opensearch-project/opensearch (>=3.2.0 <=3.6.0)
@opensearch-project/opensearch NPM version =3.2.0, =0.11.0, =2.0.0, =1.8.0, =3.0.17, =1.0.84, =0.1.0, =1.0.1, =0.1.0, =0.1.0, =0.0.0, =0.5.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-27F5-XJRR-Q9FF...
@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @dragonforce2010/openclaw-cn (>=0.1.7 <=0.1.7-fix7) +6 more potentially affected by unknown CVE via @openclaw-cn/libsignal (=2.0.1)
@openclaw-cn/libsignal NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @openclaw-cn/libsignal and may be impacted: - @3onedata/alsatian =0.1.8-fix.3, =0.1.7, =0.1.8-fix.3, =0.1.4, =0.1.0, =0.1.7, =2026.2.28, =2026.2.29 Source cves:...
@antv/gi-assets-advance (>=1.0.0 <=2.5.22), @antv/gi-assets-basic (>=1.0.0 <=2.4.40) +15 more potentially affected by unknown CVE via @antv/graphin-icons (=1.0.0)
@antv/graphin-icons NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/graphin-icons and may be impacted: - @antv/gi-assets-advance =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.0.4, =0.0.1, =0.1.0, =1.0.4, =1.0.11, =0.2.6-beta.4,...
@antelopecloud/components (>=0.3.0 <=0.5.12), @baoxi/viser (=2.5.1) +327 more potentially affected by unknown CVE via @antv/g2-plugin-slider (>=2.0.0 <=2.1.1)
@antv/g2-plugin-slider NPM version =2.0.0, =0.3.0, =2.5.1, =2.6.0 - @bizcharts/area-percentage =0.0.2 - @bizcharts/area-range =0.0.2 - @bizcharts/area-stacked =0.0.2 - @bizcharts/area-with-negative =0.0.2 - @bizcharts/bar-basic =0.0.2 - @bizcharts/bar-basic-column =0.0.2 -...
@antv/graphin-graphscope (>=0.0.1 <=1.0.5), @graph-analysis/grapher-2d (>=0.0.1 <=0.0.2-beta.11) +22 more potentially affected by unknown CVE via @antv/graphin-components (>=2.0.0-beta.1 <=2.4.1)
@antv/graphin-components NPM version =2.0.0-beta.1, =0.0.1, =0.0.1, =0.9.42, =0.9.42, =0.9.42, =0.9.42, =0.10.5, =0.9.42, =0.9.42, =0.9.42, =0.9.42, =0.9.42, =0.9.42, =0.9.42, =0.11.0 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4023...
@action.sustainability/storybook-dashboard (>=0.1.1 <=0.1.5), @agentlab/ldkg-ui-charts (>=0.1.4 <=0.1.7) +249 more potentially affected by unknown CVE via @antv/l7-renderer (>=2.10.0 <=2.25.4)
@antv/l7-renderer NPM version =2.10.0, =0.1.1, =0.1.4, =1.1.15, =0.1.0, =1.0.17-beta.1, =0.0.1-beta.2, =1.2.0-beta.0, =0.0.2, =0.0.2, =1.0.1, =0.0.2, =0.0.1, =0.0.4 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4049...
@antv/li-analysis-assets (>=1.0.0 <=1.9.1), @antv/li-core-assets (>=1.0.0 <=1.3.7) +3 more potentially affected by unknown CVE via @antv/li-sdk (=1.5.1)
@antv/li-sdk NPM version =1.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/li-sdk and may be impacted: - @antv/li-analysis-assets =1.0.0, =1.0.0, =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4065...
@antv/auto-chart (>=2.0.0 <=2.1.0-alpha.0), @antv/ava (>=3.0.0 <=3.6.0-alpha.0) +18 more potentially affected by unknown CVE via @antv/color-schema (=0.2.3)
@antv/color-schema NPM version =0.2.3 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/color-schema and may be impacted: - @antv/auto-chart =2.0.0, =3.0.0, =3.0.0, =2.0.0, =5.1.5, =0.1.0, =2.0.4, =0.1.7, =1.0.0, =3.4.1-formant, =3.3.2-formant,...
@antv/xflow (>=2.0.1 <=2.2.4), @antv/xflow-diff (=1.0.0) +42 more potentially affected by unknown CVE via @antv/x6-plugin-export (=2.1.6)
@antv/x6-plugin-export NPM version =2.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/x6-plugin-export and may be impacted: - @antv/xflow =2.0.1, =0.0.1, =0.0.1, =0.0.3, =0.6.1, =0.1.27, =0.1.1, =0.0.4, =2.0.4, =0.0.27, =3.0.0, =0.0.3, =0.3.2...
@antv/g2 (>=3.2.0 <=3.2.8-beta.6), @bizcharts/other-datamarker_dataregion (>=0.0.1 <=0.1.4) +22 more potentially affected by unknown CVE via @antv/interaction (>=0.0.8 <=0.1.5)
@antv/interaction NPM version =0.0.8, =3.2.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =1.0.0, =1.0.4, =0.1.8, =1.0.4, =1.0.4, =0.1.4, =0.1.14, =0.1.5, =1.0.5, =3.0.1 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4030...
@ant-design/pro-editor (>=0.1.0 <=0.39.0), @antv/chart-advisor (>=1.0.0 <=1.1.7) +6 more potentially affected by unknown CVE via @antv/dw-random (=1.1.7)
@antv/dw-random NPM version =1.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/dw-random and may be impacted: - @ant-design/pro-editor =0.1.0, =1.0.0, =1.0.0, =1.0.0, =0.3.0-b2, =0.1.1-beta.1, =0.2.0-beta.1 Source cves: unknown CVE Source...
@drop-in-gaming/core (=0.1.7), demo-message (=1.0.0) +16 more potentially affected by unknown CVE via canvas-nest.js (>=2.0.3 <=2.0.4)
canvas-nest.js NPM version =2.0.3, =1.0.3, =1.0.0, =1.0.0, =1.0.18, =0.6.32, =0.4.17, =0.0.1, =1.0.0, =1.0.2 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4131...