haiku-rag (>=0.19.2 <=0.33.0), iatoolkit (>=1.40.0 <=1.42.0) +19 more potentially affected by CVE-2026-31247 via docling (>=2.10.0 <=2.73.1)

docling PYPI version =2.10.0, =0.19.2, =1.40.0, =0.1.0, =0.2.1, =0.6.1, =1.0.1, =0.4.0, =1.0.0, =0.1.29, =0.3.1, =0.10.0, =0.11.2 and more Source cves: CVE-2026-31247 Source advisory: SNYK:PYTHON-DOCLING-16757962...

@convergence/jointjs-utils (>=0.1.0 <=0.4.0), @davidyaha/graphql-birdseye (>=1.0.7 <=1.0.8) +33 more potentially affected by CVE-2020-28480 via jointjs (>=0.9.10 <=3.2.0)

jointjs NPM version =0.9.10, =0.1.0, =1.0.7, =0.1.0, =0.1.3, =0.8.2, =1.5.30, =1.0.1, =1.0.0-alpha.1, =1.0.0, =0.0.3, =0.1.0, =1.0.6, =1.3.0 and more Source cves: CVE-2020-28480 Source advisory: OSV:GHSA-QWP9-52H8-XGG8...

Updated ruby-rails and associated packages fix multiple vulnerabilities

Updated ruby-activerecord and ruby-actionpack packages fix security vulnerabilities: There is a data injection vulnerability in Active Record. Specially crafted strings can be used to save data in PostgreSQL array columns that may not be intended CVE-2014-0080. There is an XSS vulnerability in th...