11 matches found
ROOT-APP-NPM-CVE-2026-33671 CVE-2026-33671 in @rootio/picomatch - Patched by Root
Root has patched CVE-2026-33671 in the @rootio/picomatch package for Root:npm. Multiple fixed versions available...
Security Bulletin: SPSS Collaboration and Deployment Services is affected by vulnerabilities in Picomatch (CVE-2026-33671, CVE-2026-33672)
Summary SPSS Collaboration and Deployment Services is affected by vulnerabilities in Picomatch CVE-2026-33671, CVE-2026-33672. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in picomatch-2.3.1.tgz
Summary IBM Watson Discovery Cartridge affected by vulnerabilities in picomatch-2.3.1.tgz Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service ReDoS...
Security Bulletin: IBM Edge Data Collector uses picomatch-2.3.1.tgz which is vulnerable to CVE-2026-33671, CVE-2026-33672.
Summary IBM Edge Data Collector uses picomatch-2.3.1.tgz which is vulnerable to CVE-2026-33671, CVE-2026-33672. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-33671 DESCRIPTION: Picomatch is a glob matcher written JavaScript. Versions prior t...
CVE-2026-33671 affecting package nodejs24 for versions less than 24.14.1-2
CVE-2026-33671 affecting package nodejs24 for versions less than 24.14.1-2. A patched version of the package is available...
CVE-2026-33671 vulnerabilities
Vulnerabilities for packages: node-gyp, kubeflow-katib, opensearch-dashboards, argo-workflows, ts-patch, nextcloud-server, npm, prism, saf, pulumi, code-server, sqlpad, renovate, vitess, rancher-api-ui, kubeflow-pipelines, vite, tileserver-gl, lerna...
CVE-2026-33671 vulnerabilities
Vulnerabilities for packages: node-gyp, ts-patch, argo-workflows, kubeflow-pipelines, saf, gitlab-rails-ce-fips, prism, rancher-api-ui, npm, tileserver-gl-fips, graalvm, renovate, langfuse-fips, vitess, sqlpad, tileserver-gl, code-server, drupal, nextcloud-server, kibana, langfuse, kubeflow-katib...
org.webjars.npm:angular-devkit__architect (=0.1902.8), org.webjars.npm:angular-devkit__core (=19.2.8) +2 more potentially affected by CVE-2026-33671 via org.webjars.npm:picomatch (=4.0.2)
org.webjars.npm:picomatch MAVEN version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:picomatch and may be impacted: - org.webjars.npm:angular-devkitarchitect =0.1902.8 - org.webjars.npm:angular-devkitcore =19.2.8 -...
@10xsai/cloudflare-router-nx-plugin (=1.0.0), @4itech/schematics (>=11.7.1 <=11.7.6) +977 more potentially affected by CVE-2026-33671 via picomatch (>=4.0.1 <=4.0.3)
picomatch NPM version =4.0.1, =11.7.1, =1.2.0, =8.3.0, =1.0.25, =0.0.47, =10.0.0, =10.0.0, =13.0.0, =10.0.0, =0.0.1-development, =0.0.1, =2.0.0, =1.0.57, =1.0.100 and more Source cves: CVE-2026-33671 Source advisory: OSV:GHSA-C2C7-RCM5-VVQJ...
4itech-schematics (>=11.0.0 <=11.3.0-1), @142vip/midway (>=0.1.6-alpha.2 <=0.1.6-alpha.12) +570 more potentially affected by CVE-2026-33671 via picomatch (>=2.1.1 <=2.3.1)
picomatch NPM version =2.1.1, =11.0.0, =0.1.6-alpha.2, =7.4.1, =0.0.1, =1.0.1, =0.0.2, =2.0.0, =9.0.0, =9.2.0-alpha.9, =9.2.0-alpha.9, =1.0.101, =1.1.0, =1.4.1 and more Source cves: CVE-2026-33671 Source advisory: SNYK:JS-PICOMATCH-15765511...
4itech-schematics (>=11.3.0 <=11.7.0-5), @4itech/schematics (=11.7.0) +71 more potentially affected by CVE-2026-33671 via picomatch (=3.0.1)
picomatch NPM version =3.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on picomatch and may be impacted: - 4itech-schematics =11.3.0, =10.0.0-alpha.1, =10.0.0-alpha.1, =10.0.0-alpha.1, =0.1700.0, =0.1700.0, =17.0.0, =0.1700.0, =17.0.0, =17.0.0,...