Lucene search
K

14 matches found

vulnersOsv
vulnersOsv
added 2026/06/08 10:59 p.m.5 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +1044 more potentially affected by CVE-2026-44894 via io.netty:netty-codec-classes-quic (>=4.2.10.Final <=4.2.14.Final)

io.netty:netty-codec-classes-quic MAVEN version =4.2.10.Final, =0.1.0, =0.1.0, =0.0.1-alfa, =0.0.1-demo, =6.0.1, =4.0.3-M1, =1.21.9, =1.0.5, =3.6.4, =1.0.1, =26.2.1, =26.6.1 and more Source cves: CVE-2026-44894 Source advisory: OSV:GHSA-CMM3-54F8-PX4J...

7.5CVSS5.7AI score0.00143EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/07 12:46 a.m.6 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2632 more potentially affected by CVE-2026-42587 via io.netty:netty-codec-http2 (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-http2 MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42587 Source advisory: SNYK:JAVA-IONETTY-16438929...

7.5CVSS6.7AI score0.00748EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/07 12:21 a.m.6 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2921 more potentially affected by CVE-2026-42584 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42584 Source advisory: OSV:GHSA-57RV-R2G8-2CJ3...

9.1CVSS6.7AI score0.00633EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/07 12:11 a.m.6 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2181 more potentially affected by CVE-2026-42578 via io.netty:netty-handler-proxy (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-handler-proxy MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42578 Source advisory: OSV:GHSA-45Q3-82M4-75JR...

7.5CVSS6.7AI score0.00667EPSS
Exploits1
Spring Security Advisories
Spring Security Advisories
added 2026/04/28 12:0 a.m.5 views

This Week in Spring - April 28th, 2026

Hi Spring fans! Welcome to another installment of This Week in Spring! As I write this, I'm on PTO in beautiful Santorini, Greece, catching up on some news and about to cruise the islands for some sightseeing. There's nothing quite like springtime in the Mediterranean! I couldn't dream of enjoyin...

5.4AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/30 5:26 p.m.9 views

ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +152 more potentially affected by CVE-2026-34237 via io.modelcontextprotocol.sdk:mcp-core (=1.1.0)

io.modelcontextprotocol.sdk:mcp-core MAVEN version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on io.modelcontextprotocol.sdk:mcp-core and may be impacted: - ai.agentican:agentican-framework-core =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1,...

6.1CVSS7.2AI score0.00222EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/19 8:15 p.m.5 views

@any-code/agent (>=0.0.1 <=0.0.16), @aweto-agent/cli (>=1.7.2 <=1.8.0) +111 more potentially affected by unknown CVE via hono (>=4.0.0 <=4.11.1)

hono NPM version =4.0.0, =0.0.1, =1.7.2, =1.7.1, =0.2.1, =0.6.1, =0.5.2, =1.0.2, =4.0.0-alpha.28, =0.4.6, =1.1.54, =1.1.54, =0.1.0, =0.0.4, =2.0.4 and more Source cves: unknown CVE Source advisory: SNYK:JS-HONO-15322749...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/04 5:35 p.m.7 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +3799 more potentially affected by CVE-2025-58056 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.4.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2025-58056 Source advisory: OSV:GHSA-FGHV-69VJ-QJ49...

7.5CVSS6.6AI score0.00631EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/08/13 7:6 p.m.8 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +3352 more potentially affected by CVE-2025-55163 via io.netty:netty-codec-http2 (>=4.2.0.Alpha1 <=4.2.3.Final)

io.netty:netty-codec-http2 MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2025-55163 Source advisory: OSV:GHSA-PRJ3-CCX8-P6X4...

8.2CVSS6.9AI score0.00979EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/08/13 7:6 p.m.6 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +3352 more potentially affected by CVE-2025-55163 via io.netty:netty-codec-http2 (>=4.2.0.Alpha1 <=4.2.3.Final)

io.netty:netty-codec-http2 MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2025-55163 Source advisory: SNYK:JAVA-IONETTY-11799531...

8.2CVSS6.9AI score0.00979EPSS
Exploits1
Snyk
Snyk
added 2023/01/29 3:29 p.m.1 views

Malicious Package

Overview agent-core is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8CVSS7.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/01/10 11:36 a.m.1 views

Malicious code in agent-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dd87cf4d9e1e62b56ac8a65012bd4d49c2653e205f6eea7ef15b67deb469100 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/01/10 11:36 a.m.8 views

MAL-2023-83 Malicious code in agent-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dd87cf4d9e1e62b56ac8a65012bd4d49c2653e205f6eea7ef15b67deb469100 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/05/24 7:10 p.m.6 views

br.eti.clairton:ds-test (=0.4.0), com.bertoncelj.wildflysingletonservice:wildfly-singleton-service (>=1.1.0 <=1.2.1) +312 more potentially affected by CVE-2021-3642 via org.wildfly.security:wildfly-elytron (>=1.0.0.Alpha1 <=1.10.0.Final)

org.wildfly.security:wildfly-elytron MAVEN version =1.0.0.Alpha1, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.6.0.Beta1, =1.0.0.Alpha4, =0.29.0.Final, =0.15.0.Final, =0.29.0.Final, =0.18.0.Final, =1.0.1.Final and more Source cves: CVE-2021-3642 Source advisory: OSV:GHSA-5499-QJVH-6...

5.3CVSS6.4AI score0.00846EPSS
Exploits0
Rows per page
Query Builder