733 matches found
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +145 more potentially affected by CVE-2026-2575 via org.keycloak:keycloak-services (>=1.9.0.CR1 <=26.5.3)
org.keycloak:keycloak-services MAVEN version =1.9.0.CR1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-2575 Source advisory: SNYK:JAVA-ORGKEYCLOAK-15304465https://vulners.com/snyk/SNYK:JAVA-ORG...
@atom8n/ai-workflow-builder (>=1.2.1 <=1.5.8), @atom8n/backend-test-utils (>=1.2.2 <=1.5.8) +28 more potentially affected by CVE-2026-26019 via @langchain/core (>=1.0.1 <=1.1.13)
@langchain/core NPM version =1.0.1, =1.2.1, =1.2.2, =1.2.2, =2.2.2, =2.2.2, =2.2.2, =1.0.0, =1.9.7, =0.1.3, =0.0.22, =3.66.0, =3.66.0, =1.0.1, =1.0.14 and more Source cves: CVE-2026-26019 Source advisory: SNYK:JS-LANGCHAINCORE-15268429...
a-simple-llm-kit (>=0.3.0 <=0.4.2), a62-emotion (>=0.9.2 <=0.11.4) +3568 more potentially affected by CVE-2025-69872 via diskcache (>=2.4.1 <=5.6.3)
diskcache PYPI version =2.4.1, =0.3.0, =0.9.2, =0.1.0, =0.2.1, =0.1.1.dev1, =0.1.0, =0.3.4, =0.1.1, =0.3.3, =0.0.2, =1.13.4 - acai-swarm =0.1.0 - accern-xyme =0.2.5 and more Source cves: CVE-2025-69872 Source advisory: SNYK:PYTHON-DISKCACHE-15268422...
@codefresh-io/cubejs-backend-server-core (>=0.30.77 <=0.35.47-rc.bp.2), @cubejs-backend-json-clone/server (=1.0.0) +15 more potentially affected by CVE-2026-25958 via @cubejs-backend/api-gateway (>=0.27.53 <=1.0.12)
@cubejs-backend/api-gateway NPM version =0.27.53, =0.30.77, =0.3.1, =0.3.1, =0.3.1, =0.8.0, =0.8.0, =0.32.28, =0.29.4, =1.0.0, =0.27.30, =0.30.61, =0.32.0, =0.33.8 and more Source cves: CVE-2026-25958 Source advisory: SNYK:JS-CUBEJSBACKENDAPIGATEWAY-15265447...
agent-runtimes (=0.0.9), aws-ai-capacity (>=0.1.0 <=0.1.3) +12 more potentially affected by CVE-2026-25640 via pydantic-ai-slim (>=1.34.0 <=1.50.0)
pydantic-ai-slim PYPI version =1.34.0, =0.1.0, =1.3.0, =1.0.0, =0.4.3b0, =1.3.0, =1.3.0, =1.3.0, =0.7.0, =0.45.2, =2.0.0, =2.1.0 Source cves: CVE-2026-25640 Source advisory: OSV:GHSA-WJP5-868J-WQV7...
aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1287 via django (>=4.2.0 <=4.2.27)
django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1287 Source advisory: OSV:GHSA-GVG8-93H5-G6QQ...
Linux Distros Unpatched Vulnerability : CVE-2025-4097
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allow...
@armco/armory-react-components (>=0.0.23 <=0.0.43), @armco/svg-canvas (>=0.1.2 <=0.1.3) +6 more potentially affected by CVE-2026-24040 via jspdf (=4.0.0)
jspdf NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on jspdf and may be impacted: - @armco/armory-react-components =0.0.23, =0.1.2, =1.0.8, =1.4.0, =0.5.129, =4.4.0, =4.4.1 - svgedit =7.4.1 Source cves: CVE-2026-24040 Source advisory:...
@bindercli/core (>=0.1.0 <=0.1.7), @localess/cli (>=3.0.1 <=3.0.5-dev.20260428203008) +20 more potentially affected by CVE-2026-23947 +1 more via @orval/core (>=8.0.0-rc.0 <=8.1.0)
@orval/core NPM version =8.0.0-rc.0, =0.1.0, =3.0.1, =8.0.0, =8.0.0, =8.14.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =6.11.0-alpha, =8.0.0, =8.0.0, =8.0.0, =0.5.0, =0.6.1 and more Source cves: CVE-2026-23947, CVE-2026-25141 Source advisory: SNYK:JS-ORVALCORE-15166600...
@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @agimon-ai/browse-tool (>=0.2.0 <=0.5.5) +156 more potentially affected by CVE-2026-24771 via hono (>=4.0.0 <=4.11.6)
hono NPM version =4.0.0, =0.1.8-fix.3, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.0.1, =1.7.2, =1.7.1, =0.2.1, =0.6.1, =0.5.2, =1.0.1-beta.0, =1.0.2, =4.0.0-alpha.28, =4.0.0-alpha.56 and more Source cves: CVE-2026-24771 Source advisory: SNYK:JS-HONO-15123927...
@kcconfigs/commitlint (>=0.1.0-beta.2 <=0.2.0), @pnpm/cache.commands (>=1000.0.52 <=1000.0.54) +35 more potentially affected by CVE-2026-23888 via @pnpm/fetching.binary-fetcher (>=1005.0.0 <=1005.0.1)
@pnpm/fetching.binary-fetcher NPM version =1005.0.0, =0.1.0-beta.2, =1000.0.52, =1001.2.17, =1001.1.13, =1016.0.0, =1002.2.21, =1003.0.24, =1002.0.3, =1000.0.52, =1001.0.16, =1001.1.10, =1002.1.28, =1000.3.8, =1002.0.23, =1000.1.51, =1000.1.53 and more Source cves: CVE-2026-23888 Source advisory:...
a-mailx (=0.1.0), aaaai (>=0.1.3 <=0.3.0) +344 more potentially affected by CVE-2025-67221 via orjson (>=2.0.11 <=3.11.5)
orjson PYPI version =2.0.11, =0.1.3, =4.8.2, =0.1.3, =0.0.5, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.31, =0.0.1, =0.0.2, =0.0.4 and more Source cves: CVE-2025-67221 Source advisory: OSV:GHSA-HX9Q-6W63-J58V...
ayy (>=0.1.6 <=0.1.8), camel-database-agent (>=0.1.0 <=0.2.0) +19 more potentially affected by CVE-2026-26217 via crawl4ai (>=0.3.5 <=0.7.8)
crawl4ai PYPI version =0.3.5, =0.1.6, =0.1.0, =0.2.0, =0.0.38, =0.1.0, =0.1.0, =0.1.0, =0.1.7.4 and more Source cves: CVE-2026-26217 Source advisory: SNYK:PYTHON-CRAWL4AI-15033115...
Juniper Networks Junos OS code-related vulnerabilities
Juniper Networks Junos OS is a network operating system specifically designed for hardware devices used by Juniper Networks. This operating system provides secure programming interfaces and the Junos SDK. Code vulnerabilities existed in versions prior to Junos OS 21.4R3-S12, all versions of Junos...
@cenk1cenk2/renovate-config (>=2.0.0 <=2.3.148), @jamietanna/patch-testing (>=0.1.0 <=0.2.28) +9 more potentially affected by unknown CVE via renovate (>=31.97.3 <=40.21.2)
renovate NPM version =31.97.3, =2.0.0, =0.1.0, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =1.1.130, =0.0.1, =0.19.0 - @zotero-chinese/renovate-config =1.0.3 Source cves: unknown CVE Source advisory: OSV:GHSA-3F44-XW83-3PMG...
EUVD-2026-2046
A command injection vulnerability in AOS-8 allows an authenticated privileged user to alter a package header to inject shell commands, potentially affecting the execution of internal operations. Successful exploit could allow an authenticated malicious actor to execute commands with the privilege...
CVE-2025-37165
CVE-2025-37165 concerns HPE Instant On Access Points. The issue is in router mode configuration that could disclose internal network configuration details to unintended interfaces by inspecting impacted packets. Affected component: router mode configuration; root cause: misconfiguration allowing ...
Microsoft Windows 后置链接漏洞
Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. Microsoft Windows suffers from a backlink vulnerability. An attacker could exploit this vulnerability to gain elevated privileges. The following products and versions...
4science_ng-dynamic-forms (>=19.0.0 <=19.0.3), @123samir/gonna-build-a-mountain-po-ts-lint (>=6.0.0 <=10.0.0-rc.1) +5259 more potentially affected by CVE-2026-22610 via @angular/core (>=0.0.0-0 <=18.2.14)
@angular/core NPM version =0.0.0-0, =19.0.0, =6.0.0, =0.0.0, =0.2.0, =3.0.2, =3.0.3 - @aakashsuryawanshi/ng-idle =1.0.0 - @aalsi/ap-lib-demo =0.0.3-SNAPSHOT - @abaza738/angular-editor =1.0.0 - @abdos/ngx-tinzert =0.0.0 - @abdullk00138/watch-list =1.0.0 - @abdullk00138/webui =1.0.2 -...
0.workspace (>=0.1.0 <=0.1.1), 18a58t9c-upload (>=1.0.0 <=1.0.3) +17966 more potentially affected by unknown CVE via aws-sdk (>=2.0.11 <=2.9.0)
aws-sdk NPM version =2.0.11, =0.1.0, =1.0.0, =0.21.0, =1.0.0, =1.0.0, =0.1.0, =3.6.0, =0.0.2, =0.3.0, =0.1.0, =0.5.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-J965-2QGJ-VJMQ...