@firestormapps/utils (=1.4.0), @jgtb/shared-core-fns (=1.0.4) +5 more potentially affected by unknown CVE via creditcard.js (=3.0.59)

creditcard.js NPM version =3.0.59 is affected by a known vulnerability. The following packages have a transitive dependency on creditcard.js and may be impacted: - @firestormapps/utils =1.4.0 - @jgtb/shared-core-fns =1.0.4 - mollie-shopwarepwa =1.0.0, =0.0.5, =0.0.1, =0.0.2 - shared-core-fns =1.0...

bioimageio-engine (>=0.1.0 <=0.1.3), cmd2func (>=0.1.0 <=0.2.1) +12 more potentially affected by unknown CVE via funcdesc (=0.2.1)

funcdesc PYPI version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on funcdesc and may be impacted: - bioimageio-engine =0.1.0, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.3.0, =0.1.1, =0.5.0, =0.1.1, =0.1.2 Source cves: unknown C...

mrbios (=0.1.0) potentially affected by unknown CVE via executor-http (=0.1.2)

executor-http PYPI version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on executor-http and may be impacted: - mrbios =0.1.0 Source cves: unknown CVE Source advisory: SNYK:PYTHON-EXECUTORHTTP-17220138...

@poppies/egg-poppy-api-framework (=1.0.2), egg-poppy-customized-framework (>=1.0.1 <=1.0.5) +2 more potentially affected by unknown CVE via creditcard.js (=2.1.6)

creditcard.js NPM version =2.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on creditcard.js and may be impacted: - @poppies/egg-poppy-api-framework =1.0.2 - egg-poppy-customized-framework =1.0.1, =1.0.2, =1.0.1, =1.0.2 Source cves: unknown CVE Sourc...

pantheon-cli (>=0.1.1 <=0.1.4rc1), uprobe (>=0.1.1 <=0.1.2) potentially affected by unknown CVE via pantheon-agents (=0.6.0)

pantheon-agents PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on pantheon-agents and may be impacted: - pantheon-cli =0.1.1, =0.1.1, =0.1.2 Source cves: unknown CVE Source advisory: SNYK:PYTHON-PANTHEONAGENTS-17220146...

ate (>=0.1.0 <=0.8.0), ate-auth (>=1.1.0 <=1.6.0) +73 more potentially affected by unknown CVE via pqcrypto-traits (>=0.1.1 <=0.3.5)

pqcrypto-traits CARGO version =0.1.1, =0.1.0, =1.1.0, =1.0.0, =1.1.0, =2.0.0, =0.1.2-alpha, =0.1.4, =0.1.1, =0.1.0, =0.1.1, =0.1.0, =0.1.2 - envencryptiontool =0.9.17 - ever-crypto =0.1.0 - hanzo-agentic =1.1.21 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0162...

crypt_guard (=0.1.4), env_encryption_tool (=0.9.17) +5 more potentially affected by unknown CVE via pqcrypto-hqc (>=0.0.4 <=0.2.2)

pqcrypto-hqc CARGO version =0.0.4, =0.12.2, =0.1.0, =0.1.0, =0.5.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0168...

autotel-adapters (>=0.2.10 <=0.3.1), autotel-audit (>=0.1.2 <=0.1.11) +8 more potentially affected by unknown CVE via autotel (>=3.0.0 <=3.3.1)

autotel NPM version =3.0.0, =0.2.10, =0.1.2, =0.12.10, =2.12.10, =0.0.10, =0.4.10, =0.4.16, =0.19.10, =1.13.11, =0.4.10, =0.4.22 Source cves: unknown CVE Source advisory: SNYK:JS-AUTOTEL-17146458...

@activepieces/piece-vapi (>=0.0.1 <=0.0.2), @keyman500/voice-ai-sdk (>=0.1.0 <=1.1.0) +2 more potentially affected by unknown CVE via @vapi-ai/server-sdk (>=0.10.2 <=0.11.0)

@vapi-ai/server-sdk NPM version =0.10.2, =0.0.1, =0.1.0, =1.0.0, =1.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-VAPIAISERVERSDK-17146457...

@easbot/ollama-sdk (=0.1.0) potentially affected by unknown CVE via ai-sdk-ollama (=2.2.0)

ai-sdk-ollama NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ai-sdk-ollama and may be impacted: - @easbot/ollama-sdk =0.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-AISDKOLLAMA-17146454...

@byside/llm (>=0.1.0 <=0.1.1), agentic-control (=1.1.0) potentially affected by unknown CVE via ai-sdk-ollama (=1.1.0)

ai-sdk-ollama NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on ai-sdk-ollama and may be impacted: - @byside/llm =0.1.0, =0.1.1 - agentic-control =1.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-AISDKOLLAMA-17146454...

@redhat-cloud-services/access-requests-frontend (>=1.2.0 <=1.2.11), @redhat-cloud-services/frontend-components-advisor-components (>=1.0.0 <=3.8.1) +11 more potentially affected by unknown CVE via @redhat-cloud-services/frontend-components (=7.7.1)

@redhat-cloud-services/frontend-components NPM version =7.7.1 is affected by a known vulnerability. The following packages have a transitive dependency on @redhat-cloud-services/frontend-components and may be impacted: - @redhat-cloud-services/access-requests-frontend =1.2.0, =1.0.0, =0.0.1,...

a2a-sigstore (=0.4.0), aiogithubapi (>=23.9.0 <=23.11.0) +68 more potentially affected by unknown CVE via tuf (>=1.0.0 <=6.0.0)

tuf PYPI version =1.0.0, =23.9.0, =0.2.0, =0.14.0, =0.0.1, =0.1.0, =0.1.9, =0.1.9, =0.1.9, =0.1.20 - floe-catalog-glue =0.1.0a1 - floe-catalog-polaris =0.1.0a1 - floe-compute-duckdb =0.1.0a1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-QP9X-WP8F-QGJJ...

es-intquery (=1.1.5) potentially affected by unknown CVE via msc-terminal (=3.2.0)

msc-terminal NPM version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on msc-terminal and may be impacted: - es-intquery =1.1.5 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4823...

blog-coeur (>=0.0.12 <=0.0.19), chat-portal (>=0.1.0 <=0.2.1) +8 more potentially affected by unknown CVE via instagrapi (>=2.0.0 <=2.6.6)

instagrapi PYPI version =2.0.0, =0.0.12, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =1.3.7, =0.1.0, =0.1.0, =2.2.0, =1.0.2, =2.8.50 Source cves: unknown CVE Source advisory: OSV:GHSA-GGXF-37HM-9WQF...

@hulumi/platform-patterns (=0.0.0-bootstrap.0) potentially affected by unknown CVE via @hulumi/baseline (=1.3.1)

@hulumi/baseline NPM version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on @hulumi/baseline and may be impacted: - @hulumi/platform-patterns =0.0.0-bootstrap.0 Source cves: unknown CVE Source advisory: OSV:GHSA-GFP8-MP24-5VXG...

parley-core (=0.2.0), pqc-combo (=0.1.0) +2 more potentially affected by unknown CVE via libcrux-ml-dsa (>=0.0.4 <=0.0.8)

libcrux-ml-dsa CARGO version =0.0.4, =0.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on libcrux-ml-dsa and may be impacted: - parley-core =0.2.0 - pqc-combo =0.1.0 - pqc-fips =0.0.3 - pqc-nostd =0.1.0 Source cves: unknown CVE Source advisory:...

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by unknown CVE via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: unknown CVE Source advisory: OSV:GHSA-2VX9-7WPG-88JQ...

@antv/gi-assets-xlab (>=0.1.0 <=0.1.30) potentially affected by unknown CVE via @antv/gi-assets-basic (=2.4.40)

@antv/gi-assets-basic NPM version =2.4.40 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/gi-assets-basic and may be impacted: - @antv/gi-assets-xlab =0.1.0, =0.1.30 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGIASSETSBASIC-16754358...

@aidps/canvas-flow (>=1.0.0 <=1.0.1), @antv/xflow (>=2.0.1 <=2.2.4) +59 more potentially affected by unknown CVE via @antv/x6-plugin-minimap (>=2.0.5 <=2.0.7)

@antv/x6-plugin-minimap NPM version =2.0.5, =1.0.0, =2.0.1, =0.0.1, =0.0.4, =0.6.0, =2.0.4, =3.0.0, =3.5.1-alpha.3, =0.0.3, =0.2.2, =0.2.1, =1.0.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVX6PLUGINMINIMAP-16755067...