1byte-react-design (>=1.7.1 <=1.14.0), @ant-design/charts (>=2.0.3 <=2.6.7) +99 more potentially affected by unknown CVE via @antv/g2-extension-plot (>=0.1.2 <=0.2.2)

@antv/g2-extension-plot NPM version =0.1.2, =1.7.1, =2.0.3, =1.0.0, =2.0.8, =0.0.1, =0.1.0, =1.0.0, =1.0.1, =2.0.2, =1.2.0, =4.1.13, =1.0.1, =3.0.28 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3977...

nautobot-app-intent-networking (>=2.0.9 <=2.0.11), nautobot-bgp-models (>=3.0.0a1 <=3.0.0a2) +13 more potentially affected by CVE-2026-44798 via nautobot (>=3.0.0rc2 <=3.1.1)

nautobot PYPI version =3.0.0rc2, =2.0.9, =3.0.0a1, =3.0.0rc1, =4.0.0a1, =3.0.0a1, =4.0.0a1, =4.0.0a2 - nautobot-ssot =4.0.0a1 - nautobot-welcome-wizard =3.0.0a1 Source cves: CVE-2026-44798 Source advisory: SNYK:PYTHON-NAUTOBOT-16691141...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/flightplan (>=0.3.3 <=0.5.1)

@squawk/flightplan NPM version =0.3.3, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKFLIGHTPLAN-16640877...

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2475 more potentially affected by CVE-2026-42587 via io.netty:netty-codec-http2 (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-http2 MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.1 and more Source cves: CVE-2026-42587 Source advisory: SNYK:JAVA-IONETTY-16438929...

armature-diesel (=0.1.0), authzen-diesel (=0.1.0-alpha.0) +12 more potentially affected by unknown CVE via diesel-async (>=0.1.1 <=0.5.2)

diesel-async CARGO version =0.1.1, =0.1.0, =0.17.0, =0.17.0, =0.17.0, =0.11.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: OSV:GHSA-FF9Q-RM55-Q7QR...

AskAI (=0.1.0), BiliupApi (>=0.1.0 <=0.1.7) +3944 more potentially affected by unknown CVE via rustls-webpki (>=0.100.3 <=0.102.8)

rustls-webpki CARGO version =0.100.3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.26, =0.4.0, =0.1.0, =0.21.0-alpha.1, =0.1.11, =0.12.1, =0.13.0 - acme =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0104...

@alialf/cc-switch (>=1.0.0 <=1.0.1), codex-copilot-dx (>=0.1.0 <=0.1.3) potentially affected by CVE-2026-6662 via copilot-api (=0.7.0)

copilot-api NPM version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on copilot-api and may be impacted: - @alialf/cc-switch =1.0.0, =0.1.0, =0.1.3 Source cves: CVE-2026-6662 Source advisory: SNYK:JS-COPILOTAPI-16636640...

com.digitalpebble.stormcrawler:storm-crawler-aws (>=2.0 <=2.11), com.digitalpebble.stormcrawler:storm-crawler-core (>=2.0 <=2.11) +77 more potentially affected by CVE-2026-35337 via org.apache.storm:storm-client (>=2.0.0 <=2.8.5)

org.apache.storm:storm-client MAVEN version =2.0.0, =2.0, =2.0, =2.0, =2.0, =2.0, =2.7, =2.0, =2.0, =2.0, =2.1, =2.6.3.1, =2.4.0, =2.4.0, =2.4.0, =2.0.0, =2.8.5 and more Source cves: CVE-2026-35337 Source advisory: SNYK:JAVA-ORGAPACHESTORM-16067036...

composio-praisonai (>=0.3.24 <=0.7.20), praisonai (>=0.0.34 <=4.6.37) +9 more potentially affected by unknown CVE via praisonaiagents (=1.6.37)

praisonaiagents PYPI version =1.6.37 is affected by a known vulnerability. The following packages have a transitive dependency on praisonaiagents and may be impacted: - composio-praisonai =0.3.24, =0.0.34, =0.1.1, =0.1.0, =0.1.0, =0.0.2, =0.1.5, =0.0.1, =0.1.1 - praisonaibench-python =0.1.0 -...

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1350 more potentially affected by CVE-2026-39304 via org.apache.activemq:activemq-client (>=5.10.0 <=5.19.3)

org.apache.activemq:activemq-client MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-39304 Source advisory: OSV:GHSA-5568-6QCG-G7F...

auto-wasi (=0.1.0), candid-extractor (>=0.1.0 <=0.1.2) +106 more potentially affected by CVE-2026-34943 via wasmtime (>=0.10.0 <=1.0.2)

wasmtime CARGO version =0.10.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.0.0, =0.5.0, =0.0.1-alpha, =0.40.1, =0.45.0, =0.1.0, =0.3.0 and more Source cves: CVE-2026-34943 Source advisory: OSV:RUSTSEC-2026-0085...

airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +37 more potentially affected by CVE-2026-34538 via apache-airflow-core (>=3.0.0rc2 <=3.2.0b2)

apache-airflow-core PYPI version =3.0.0rc2, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0a1, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0rc3, =1.6.0, =1.5.3, =1.25.0rc1, =3.12.0, =3.12.0rc1 and more Source cves: CVE-2026-34538 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-15954288...

@fedify/botkit (>=0.4.0-dev.177 <=0.4.0-dev.181), @fedify/botkit-sqlite (>=0.4.0-dev.177 <=0.4.0-dev.181) potentially affected by CVE-2026-34148 via @fedify/fedify (=1.10.0)

@fedify/fedify NPM version =1.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/fedify and may be impacted: - @fedify/botkit =0.4.0-dev.177, =0.4.0-dev.177, =0.4.0-dev.181 Source cves: CVE-2026-34148 Source advisory:...

0.app1 (=1.0.52), 0.edsql (>=1.0.49 <=1.0.50) +2487 more potentially affected by CVE-2026-34779 via electron (>=0.1.2 <=38.6.0)

electron NPM version =0.1.2, =1.0.49, =1.0.49, =1.0.49, =1.0.1, =0.0.10, =1.0.2, =1.1.11, =0.1.0, =3.0.5, =3.0.7 and more Source cves: CVE-2026-34779 Source advisory: OSV:GHSA-5RQW-R77C-JP79...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +10 more potentially affected by CVE-2026-35667 via openclaw (>=2026.3.22 <=2026.3.24)

openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.15.0 Source cves: CVE-2026-35667 Source advisory: SNYK:JS-OPENCLAW-15857087...

vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-26322 via openclaw (=0.0.1)

openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-26322 Source advisory: OSV:GHSA-G6Q9-8FVW-F7RF...

ca.dataedu:savro_2.12 (>=0.9.1 <=0.12.1), ca.dataedu:savro_2.13 (>=0.9.1 <=0.12.1) +94 more potentially affected by CVE-2025-33042 via org.apache.avro:avro-compiler (>=1.10.0 <=1.11.4)

org.apache.avro:avro-compiler MAVEN version =1.10.0, =0.9.1, =0.9.1, =1.0.0, =1.0.0, =0.0.8, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =3.4.3, =3.4.4 - com.github.thake.avro4k:avro4k-maven-plugin =0.5.0 and more Source cves: CVE-2025-33042 Source advisory: SNYK:JAVA-ORGAPACHEAVRO-15282783...

ai.houyi:dorado (>=0.0.1 <=0.0.8), ai.houyi:dorado-core (>=0.0.11 <=0.0.51) +3600 more potentially affected by CVE-2025-70974 via com.alibaba:fastjson (>=1.1.15 <=1.2.47)

com.alibaba:fastjson MAVEN version =1.1.15, =0.0.1, =0.0.11, =0.0.16, =0.0.1, =0.0.14, =0.0.47, =0.0.14, =0.3.0, =3.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2025-70974 Source advisory: OSV:GHSA-JM7W-5684-PVH8...

a-mailx (=0.1.0), almax-common (>=0.9.5 <=1.0.2.dev20240601170722) +68 more potentially affected by CVE-2025-53000 via nbconvert (>=7.0.0 <=7.16.6)

nbconvert PYPI version =7.0.0, =0.9.5, =1.0.1, =1.0.1, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.1.10, =0.0.15, =0.1.3, =3.0.0, =0.0.1, =0.0.2 - fashiontrendforecasting =0.1.0 and more Source cves: CVE-2025-53000 Source advisory: SNYK:PYTHON-NBCONVERT-14463457...

@achinet/nestjs-async (>=0.1.0 <=0.2.0), @aligov/clark-core (>=3.0.0 <=3.0.1) +35 more potentially affected by unknown CVE via @asyncapi/generator-react-sdk (>=1.1.2 <=1.1.3)

@asyncapi/generator-react-sdk NPM version =1.1.2, =0.1.0, =3.0.0, =4.1.3, =0.24.0, =1.10.14, =0.2.0, =0.1.0, =1.0.0, =0.2.2, =1.3.3, =2.0.0, =0.16.0, =0.16.23 - @asyncapi/template-dart-websocket-client =0.0.1 - @asyncapi/template-java-websocket-quarkus =0.0.1 -...