1zlab-emp-ide (=0.0.3), 1zlab-homepage (>=0.0.2 <=0.0.3) +11108 more potentially affected by CVE-2026-8404 via django (>=6.0.0 <=6.0.5)

django PYPI version =6.0.0, =0.0.2, =2.2.0, =0.1.0, =0.1.0.1, =0.1.1, =0.2.0, =0.0.4a0, =0.0.7, =0.1.10 and more Source cves: CVE-2026-8404 Source advisory: SNYK:PYTHON-DJANGO-17151726...

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +360 more potentially affected by CVE-2026-6657 via jupyter-server (>=1.13.2 <=2.17.0)

jupyter-server PYPI version =1.13.2, =0.1.0, =0.14.0.3, =0.3.0, =0.1.0b0, =1.3.4, =0.18.3, =0.1.0, =1.0.1, =0.1.0, =0.14.0 and more Source cves: CVE-2026-6657 Source advisory: SNYK:PYTHON-JUPYTERSERVER-17220130...

ai.h2o:sparkling-water-core_2.11 (>=3.46.0.1-1-2.3 <=3.46.0.6-1-2.4), ai.h2o:sparkling-water-core_2.12 (>=3.46.0.1-1-3.0 <=3.46.0.6-1-3.5) +761 more potentially affected by CVE-2026-47065 via org.apache.mina:mina-core (>=2.2.0 <=2.2.7)

org.apache.mina:mina-core MAVEN version =2.2.0, =3.46.0.1-1-2.3, =3.46.0.1-1-3.0, =3.46.0.1-1-2.3, =3.46.0.1-1-3.0, =3.46.0.1-1-2.3, =3.46.0.1-1-3.0, =3.46.0.1-1-2.3, =3.46.0.1-1-3.0, =1.5.4.RELEASE, =0.0.2, =3.0.0, =1.0.9, =1.6.9, =1.2.5, =1.1.7, =1.2.8 and more Source cves: CVE-2026-47065 Sourc...

au.com.versent.jenkins.plugins:ignore-committer-strategy (>=37.v0d3157c4a_ef8 <=57.v0756db_b_f6926), be.mogo.iam:mogo-provisioning (>=1.0.1.RELEASE <=1.1.7.RELEASE) +1174 more potentially affected by CVE-2026-47065 via org.apache.mina:mina-core (>=2.0.0-M1 <=2.0.28)

org.apache.mina:mina-core MAVEN version =2.0.0-M1, =37.v0d3157c4aef8, =1.0.1.RELEASE, =1.1.8.RELEASE, =1.1.5.RELEASE, =2.7.4.0, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.2.RELEASE, =1.0.3.RELEASE - cn.javaboot:nacos-address =1.4.1 - cn.javaboot:nacos-console =1.4.1 -...

databricks-agents (>=0.1.0 <=1.0.0rc1), datamint (>=2.5.0 <=2.5.2) +18 more potentially affected by CVE-2026-4035 via mlflow (>=3.0.0rc2 <=3.10.1)

mlflow PYPI version =3.0.0rc2, =0.1.0, =2.5.0, =7.1.1, =0.2.0, =3.10.1, =1.0.1, =1.0.1, =3.0.15, =0.2.0.dev0, =0.6.7, =0.1.19, =0.1.0, =0.1.8 and more Source cves: CVE-2026-4035 Source advisory: SNYK:PYTHON-MLFLOW-17135851...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper dependency checks in the work queue WQMEMRECLAIM, potentially leading to warnings...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the regulator core module not correctly holding the regulatorlistmutex lock in the wrong path of...

@accounter/client (>=0.0.3 <=0.0.11-alpha-20260404002702-9340365def1af08a5cdbbf734a87d1d4839bdaff), @asamanvay/auth-service (>=0.0.2 <=0.0.4) +151 more potentially affected by CVE-2026-34077 via react-router (>=7.0.0 <=7.14.0-pre.0)

react-router NPM version =7.0.0, =0.0.3, =0.0.2, =3.5.2, =1.1.0, =1.0.1-MON-198808-web-js-deps-batch-1.0, =0.0.1, =3.4.9, =0.1.9, =0.3.1, =7.13.1-depup.0, =7.13.2-depup.0 and more Source cves: CVE-2026-34077 Source advisory: SNYK:JS-REACTROUTER-17138883...

@accounter/client (>=0.0.3 <=0.0.12-alpha-20260421081155-bb6cc4c0b0b59fff41df172e2f4212eca6906193), @appigram/react-code-split-ssr (=1.3.7) +157 more potentially affected by CVE-2026-40181 via react-router (>=7.0.0 <=7.14.0)

react-router NPM version =7.0.0, =0.0.3, =0.0.2, =3.5.2, =1.1.0, =1.0.1-MON-198808-web-js-deps-batch-1.0, =0.0.1, =3.4.9, =0.1.9, =0.3.1, =0.5.1 and more Source cves: CVE-2026-40181 Source advisory: SNYK:JS-REACTROUTER-17138887...

autotel-cli (>=0.8.10 <=0.8.11) potentially affected by unknown CVE via autotel-mcp (>=0.1.10 <=0.1.11)

autotel-mcp NPM version =0.1.10, =0.8.10, =0.8.11 Source cves: unknown CVE Source advisory: SNYK:JS-AUTOTELMCP-17146470...

autotel-adapters (>=0.2.10 <=0.3.1), autotel-audit (>=0.1.2 <=0.1.11) +8 more potentially affected by unknown CVE via autotel (>=3.0.0 <=3.3.1)

autotel NPM version =3.0.0, =0.2.10, =0.1.2, =0.12.10, =2.12.10, =0.0.10, =0.4.10, =0.4.16, =0.19.10, =1.13.11, =0.4.10, =0.4.22 Source cves: unknown CVE Source advisory: SNYK:JS-AUTOTEL-17146458...

@easbot/ollama-sdk (=0.1.0) potentially affected by unknown CVE via ai-sdk-ollama (=2.2.0)

ai-sdk-ollama NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ai-sdk-ollama and may be impacted: - @easbot/ollama-sdk =0.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-AISDKOLLAMA-17146454...

@byside/llm (>=0.1.0 <=0.1.1), agentic-control (=1.1.0) potentially affected by unknown CVE via ai-sdk-ollama (=1.1.0)

ai-sdk-ollama NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on ai-sdk-ollama and may be impacted: - @byside/llm =0.1.0, =0.1.1 - agentic-control =1.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-AISDKOLLAMA-17146454...

CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

CVE-2026-43965

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

EUVD-2026-33926

Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to paths.buildpackagespackage, whi...

EEF-CVE-2026-43965 Path Traversal in build/packages/packages.toml Allows Arbitrary Directory Deletion

Summary Path traversal vulnerability in Gleam's dependency management allows arbitrary directory deletion via malicious build/packages/packages.toml content. Package keys read from build/packages/packages.toml by LocalPackages::readfromdisc are passed without validation to...

CVE-2026-43965

Gleam path traversal vulnerability CVE-2026-43965 allows arbitrary directory deletion via malicious build/packages/packages.toml content. During deps download, package keys read from build/packages/packages.toml are passed to path construction without validation, enabling absolute or relative tra...

ai.chronon:online_2.11 (>=0.0.25 <=revert-391-thread-0.0.24), ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +1514 more potentially affected by CVE-2026-46718 via org.apache.calcite:calcite-core (>=1.0.0-incubating <=1.41.0)

org.apache.calcite:calcite-core MAVEN version =1.0.0-incubating, =0.0.25, =0.0.86, =0.0.1, =0.0.1, =0.2.7, =1.0.1, =1.1.0, =1.7.0, =1.7.0, =1.0.0, =0.0.12, =1.0.0, =1.0.0, =1.0.0, =1.13.3, =2.14.0 and more Source cves: CVE-2026-46718 Source advisory: SNYK:JAVA-ORGAPACHECALCITE-17151967...