@afd-software/angular-ng-autocomplete (=14.0.0), @angularexpert/my-workspace (=0.0.0) +146 more potentially affected by CVE-2026-46417 via @angular/platform-server (>=0.0.0-0 <=18.2.14)

@angular/platform-server NPM version =0.0.0-0, =5.0.0, =1.0.0, =0.0.1, =2.0.0, =0.0.6, =19.3.0, =1.5.0, =1.4.1, =1.5.2 - @nani-creative-labs/app-builder =1.0.0 - @nger/angular =1.0.3 and more Source cves: CVE-2026-46417 Source advisory: OSV:GHSA-RFH7-FXQC-Q52V...

alvin-cli (>=0.0.1a0 <=1.3.0rc1), apache-airflow-providers-fastetl (>=0.0.36 <=0.0.39) +87 more potentially affected by CVE-2026-46374 via sqlfluff (>=0.11.2 <=4.1.0)

sqlfluff PYPI version =0.11.2, =0.0.1a0, =0.0.36, =0.3.8, =1.1.5, =0.1.5, =0.1.2, =0.1.0, =0.1.2, =0.0.0, =0.2.0, =0.0.1, =0.1.0, =0.5.9 and more Source cves: CVE-2026-46374 Source advisory: OSV:GHSA-73JC-5MRQ-PRW7...

alvin-cli (>=0.0.1a0 <=1.3.0rc1), apache-airflow-providers-fastetl (>=0.0.36 <=0.0.39) +48 more potentially affected by CVE-2026-46373 via sqlfluff (>=0.11.2 <=4.0.4a1)

sqlfluff PYPI version =0.11.2, =0.0.1a0, =0.0.36, =0.4.6, =1.1.5, =0.1.2, =0.1.2, =0.2.0, =0.0.1, =0.1.0, =0.1.0, =1.0.0, =0.4.0, =0.1.0, =0.19.1a7, =1.3.3, =1.10.0 and more Source cves: CVE-2026-46373 Source advisory: OSV:GHSA-WMHF-FQC8-VXHH...

@budibase/cli (>=0.0.1 <=3.38.0), @budibase/pro (>=0.0.1 <=3.38.0) +4 more potentially affected by CVE-2026-46424 via @budibase/backend-core (>=0.0.1 <=3.38.0)

@budibase/backend-core NPM version =0.0.1, =0.0.1, =0.0.1, =0.0.0, =0.0.1, =3.38.0 - @devlego/server =1.1.29-alpha.1 - @devlego/worker =1.1.29-alpha.1 Source cves: CVE-2026-46424 Source advisory: OSV:GHSA-6VP2-6R7M-2JVX...

@0l00000l/auth (>=1.0.0 <=1.0.8), @0xchain/telemetry (>=1.1.0-beta.8 <=1.1.0-beta.18) +991 more potentially affected by CVE-2026-45740 via protobufjs (>=8.0.0 <=8.0.3)

protobufjs NPM version =8.0.0, =1.0.0, =1.1.0-beta.8, =0.8.0, =1.0.0, =1.1.4, =2.1.4, =0.3.1, =0.3.1, =0.7.1, =0.9.0 - @access-mcp/software-discovery =0.8.0 and more Source cves: CVE-2026-45740 Source advisory: OSV:GHSA-JGGG-4JG4-V7C6...

@jacobgardos/vuxtify (>=1.0.2 <=1.0.3) potentially affected by CVE-2026-45670 via @nuxt/webpack-builder (=3.21.5)

@nuxt/webpack-builder NPM version =3.21.5 is affected by a known vulnerability. The following packages have a transitive dependency on @nuxt/webpack-builder and may be impacted: - @jacobgardos/vuxtify =1.0.2, =1.0.3 Source cves: CVE-2026-45670 Source advisory: OSV:GHSA-6M52-M754-PW2G...

@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @dragonforce2010/openclaw-cn (>=0.1.7 <=0.1.7-fix7) +6 more potentially affected by unknown CVE via @openclaw-cn/libsignal (=2.0.1)

@openclaw-cn/libsignal NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @openclaw-cn/libsignal and may be impacted: - @3onedata/alsatian =0.1.8-fix.3, =0.1.7, =0.1.8-fix.3, =0.1.4, =0.1.0, =0.1.7, =2026.2.28, =2026.2.29 Source cves:...

@aidps/canvas-flow (>=1.0.0 <=1.0.1), @antv/xflow (>=2.0.1 <=2.2.4) +76 more potentially affected by unknown CVE via @antv/x6-plugin-clipboard (=2.1.6)

@antv/x6-plugin-clipboard NPM version =2.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/x6-plugin-clipboard and may be impacted: - @aidps/canvas-flow =1.0.0, =2.0.1, =0.0.1, =0.0.2, =1.0.0-beta.46, =0.0.4, =0.0.3, =2.0.4, =0.0.27, =3.0.0,...

@antv/xflow (>=2.0.1 <=2.2.4), @antv/xflow-diff (=1.0.0) +42 more potentially affected by unknown CVE via @antv/x6-plugin-export (=2.1.6)

@antv/x6-plugin-export NPM version =2.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/x6-plugin-export and may be impacted: - @antv/xflow =2.0.1, =0.0.1, =0.0.1, =0.0.3, =0.6.1, =0.1.27, =0.1.1, =0.0.4, =2.0.4, =0.0.27, =3.0.0, =0.0.3, =0.3.2...

1byte-react-design (>=1.7.1 <=1.14.0), 1g6table (=0.1.0) +1587 more potentially affected by unknown CVE via @antv/event-emitter (=0.1.3)

@antv/event-emitter NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/event-emitter and may be impacted: - 1byte-react-design =1.7.1, =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.0.9, =0.1.2, =1.1.43, =0.9.1, =5.0.48, =1.0.1, =1.1....

@als-tp/als-react-ts-ui (>=0.10.1 <=0.15.4), @axiom-lattice/react-sdk (>=2.1.17 <=2.1.66) +10 more potentially affected by unknown CVE via @antv/infographic (>=0.2.16 <=0.2.2)

@antv/infographic NPM version =0.2.16, =0.10.1, =2.1.17, =0.1.1, =0.3.2, =0.1.0, =0.0.1, =0.1.0, =1.0.1, =1.0.0, =1.0.0, =1.3.0, =2.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4028...

1byte-react-design (>=1.7.1 <=1.14.0), @agentscope-ai/chat (>=1.1.43 <=1.1.63-beta.1778041790294) +234 more potentially affected by unknown CVE via @antv/g-plugin-dragndrop (>=2.0.0 <=2.1.1)

@antv/g-plugin-dragndrop NPM version =2.0.0, =1.7.1, =1.1.43, =5.0.48, =1.0.1, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =0.5.6, =1.0.0, =1.0.0, =1.0.0, =5.1.5, =5.4.8 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3943...

@antv/gpt-vis (>=0.6.0 <=0.6.1), @antv/gpt-vis-ssr (>=0.3.4 <=0.3.7) +17 more potentially affected by unknown CVE via @antv/s2 (>=2.0.0-next.25 <=2.7.0)

@antv/s2 NPM version =2.0.0-next.25, =0.6.0, =0.3.4, =0.0.1, =1.0.0-alpha18, =0.5.63, =0.5.66, =0.0.1, =0.1.1, =0.0.21, =1.0.5, =0.0.1-alpha.0, =0.0.1-beta.3 - qbi-charts =1.0.17 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4077...

@antv/ava-react (>=3.0.0 <=3.3.2-beta.1), @antv/g2 (>=5.1.5 <=5.1.6-beta.1) +12 more potentially affected by unknown CVE via @antv/ava (>=3.0.0-alpha.0 <=3.4.1)

@antv/ava NPM version =3.0.0-alpha.0, =3.0.0, =5.1.5, =0.1.0, =1.0.0, =0.0.1-lb, =0.0.30, =0.0.0, =0.1.1, =1.1.1, =0.0.4, =0.0.1, =0.0.5 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3853...

@antv/gpt-vis-ssr (>=0.1.9 <=0.3.7), @jsr2npm/yao__gpt-vis-mcp (>=0.1.0 <=0.1.2-beta.1) +5 more potentially affected by unknown CVE via @antv/g-plugin-rough-canvas-renderer (=2.1.1)

@antv/g-plugin-rough-canvas-renderer NPM version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/g-plugin-rough-canvas-renderer and may be impacted: - @antv/gpt-vis-ssr =0.1.9, =0.1.0, =0.0.1, =0.2.1, =1.0.0, =1.0.0, =1.0.2 Source cves:...

1byte-react-design (>=1.7.1 <=1.14.0), @agentscope-ai/chat (>=1.1.43 <=1.1.63-beta.1778041790294) +300 more potentially affected by unknown CVE via @antv/g-lite (>=2.0.0 <=2.7.0)

@antv/g-lite NPM version =2.0.0, =1.7.1, =1.1.43, =5.0.48, =1.0.1, =1.0.4, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =2.0.0, =0.5.6, =6.0.0, =2.0.0, =2.0.45 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3921...

1byte-react-design (>=1.7.1 <=1.14.0), @ant-design/charts (>=2.0.3 <=2.6.7) +99 more potentially affected by unknown CVE via @antv/g2-extension-plot (>=0.1.2 <=0.2.2)

@antv/g2-extension-plot NPM version =0.1.2, =1.7.1, =2.0.3, =1.0.0, =2.0.8, =0.0.1, =0.1.0, =1.0.0, =1.0.1, =2.0.2, =1.2.0, =4.1.13, =1.0.1, =3.0.28 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3977...

1byte-react-design (>=1.7.1 <=1.14.0), @agentscope-ai/chat (>=1.1.43 <=1.1.63-beta.1778041790294) +249 more potentially affected by unknown CVE via @antv/g-canvas (>=2.0.0 <=2.2.0)

@antv/g-canvas NPM version =2.0.0, =1.7.1, =1.1.43, =5.0.48, =1.0.1, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =0.5.6, =1.1.0, =1.1.0, =2.0.0, =2.0.0, =2.1.1 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3911...

1g6table (=0.1.0), 7qb (=0.0.17) +1349 more potentially affected by unknown CVE via @antv/matrix-util (>=3.0.4 <=3.1.0-beta.3)

@antv/matrix-util NPM version =3.0.4, =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =0.9.1, =1.0.0, =0.2.0, =1.1.15, =1.0.4, =2.1.0 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4067...

@2nova/wu-ui (>=1.1.0 <=1.3.12), @action.sustainability/storybook-dashboard (>=0.1.1 <=0.1.5) +1678 more potentially affected by unknown CVE via @antv/attr (>=0.0.7 <=0.3.5)

@antv/attr NPM version =0.0.7, =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =0.1.0, =0.5.0-alpha.0, =0.1.0, =0.5.0-alpha.0, =0.5.0-alpha.0, =0.1.0, =0.1.0, =0.1.0, =0.5.0-alpha.0 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3852...