@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +21 more potentially affected by CVE-2026-40037 via openclaw (>=2026.3.22 <=2026.4.5)

openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-40037 Source advisory: SNYK:JS-OPENCLAW-15949297...

@asherng/storybook (>=1.0.6 <=1.0.15), @asng/storybook (>=0.0.0-AddSnapshotPipeline-20240326102812 <=0.0.10) +30 more potentially affected by CVE-2025-68429 via storybook (>=8.0.10 <=8.6.14)

storybook NPM version =8.0.10, =1.0.6, =0.0.0-AddSnapshotPipeline-20240326102812, =1.5.1-canary.0, =0.4.2, =0.1.3, =1.0.0-canary.12734, =0.11.4, =0.12.4, =0.0.1-3d99df6-20260330104634, =1.0.12, =3.32.0-rc.2, =9.0.0-next.47, =7.33.6-qa-airteam-7.35.1.0, =0.0.3, =1.1.1, =2.0.0-beta.2 and more Sourc...

Understand your software’s supply chain with GitHub’s dependency graph

What if you could spot the weakest link in your software supply chain before it breaks? With GitHub's dependency graph, you can. By providing a clear, complete view of the external packages your code depends on, both directly and indirectly, it allows you to understand, secure, and manage your...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-23559 via tensorflow-cpu (>=1.15.0 <=2.4.4)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-23559 Source advisory: OSV:PYSEC-2022-68...

01os (>=0.0.3 <=0.0.14), 102218077-topsis (=0.0.1) +9926 more potentially affected by CVE-2019-15939 via opencv-python (>=3.4.10.35 <=4.1.0.25)

opencv-python PYPI version =3.4.10.35, =0.0.3, =0.0.1, =0.1.0, =0.0.2, =2.13.0, =0.1.0, =0.1.0, =0.10.0, =0.13.0 - a-cv-sift-detection =0.10.0 - a-cv2-calculate-difference =0.10.0 and more Source cves: CVE-2019-15939 Source advisory: OSV:GHSA-HXFW-JM98-V4MQ...

com.treelogic-swe:aws-mock (=1.0), com.treelogic-swe:cxf-stub (=ec2-2013-02-01) potentially affected by CVE-2019-12406 via org.apache.cxf:apache-cxf (=2.7.5)

org.apache.cxf:apache-cxf MAVEN version =2.7.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:apache-cxf and may be impacted: - com.treelogic-swe:aws-mock =1.0 - com.treelogic-swe:cxf-stub =ec2-2013-02-01 Source cves: CVE-2019-12406...