@antv/dipper (>=0.0.3 <=0.0.4), @antv/dipper-widgets (>=0.0.2 <=0.0.4) potentially affected by unknown CVE via @antv/dipper-component (>=0.0.2 <=0.0.4)

@antv/dipper-component NPM version =0.0.2, =0.0.3, =0.0.2, =0.0.4 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVDIPPERCOMPONENT-16754388...

CVE-2026-22645

The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components...

Security Bulletin: WebSphere Application Server Liberty is could provide weaker than expected security due to crypto.js

Summary WebSphere Application Server Liberty is could provide weaker than expected security due to crypto.jsCVE-2020-36732 Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an...

EUVD-2015-9345

Malware in sbrugna...

EUVD-2019-1071

Malware in sbrugna...

EUVD-2025-22930

Malicious code in bioql PyPI...

EUVD-2022-3342

Malicious code in bioql PyPI...

CVE-2025-36146

IBM Lakehouse watsonx.data 2.2 could allow an authenticated user to obtain sensitive server component version information which could aid in further attacks against the system...