@squawk/airports (>=0.3.1 <=0.6.1), @squawk/airspace (>=0.2.3 <=0.8.0) +4 more potentially affected by unknown CVE via @squawk/geo (>=0.2.1 <=0.4.3)

@squawk/geo NPM version =0.2.1, =0.3.1, =0.2.3, =0.1.3, =0.3.1, =0.2.0, =0.2.3, =0.4.1 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKGEO-16640893...

aoh (>=1.0.1 <=1.1.0), beratools (=0.2.2) +25 more potentially affected by CVE-2026-8212 via gdal (>=3.0.1 <=3.12.1)

gdal PYPI version =3.0.1, =1.0.1, =0.1.1, =0.0.7, =2.0.1, =0.4.0, =0.2.92, =0.9.2, =0.10.3, =0.4.5, =2.6.0, =2.7.0 - hyp3lib =4.0.1 and more Source cves: CVE-2026-8212 Source advisory: SNYK:PYTHON-GDAL-16624512...

@de-otio/trellis (>=0.4.0 <=0.7.1), @fedify/amqp (>=0.1.0 <=0.2.0-dev.11) +6 more potentially affected by CVE-2026-34148 via @fedify/fedify (>=1.10.0 <=1.10.10)

@fedify/fedify NPM version =1.10.0, =0.4.0, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.2.0, =0.0.1, =0.1.0, =1.1.20 Source cves: CVE-2026-34148 Source advisory: SNYK:JS-FEDIFYFEDIFY-15928876...

sfx (=0.1.0) potentially affected by CVE-2026-34380 via openexr (=3.2.4)

openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2026-34380 Source advisory: SNYK:PYTHON-OPENEXR-15993236...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +12 more potentially affected by CVE-2026-35663 via openclaw (>=0.0.1 <=2026.3.24)

openclaw NPM version =0.0.1, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =3.3.2, =3.3.7 Source cves: CVE-2026-35663 Source advisory: OSV:GHSA-9HJH-FR4F-GXC4...

@tinacms/app (>=0.0.0-0b7103c-20251216023146 <=2.3.25), @tinacms/cli (>=0.0.0-0b7103c-20251216023146 <=2.1.6) +4 more potentially affected by CVE-2026-28791 via @tinacms/graphql (>=2.0.0 <=2.1.2)

@tinacms/graphql NPM version =2.0.0, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =2.0.0, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =0.0.0-0b7103c-20251216023146, =3.5.0 Source cves: CVE-2026-28791 Source advisory: SNYK:JS-TINACMSGRAPHQL-15518326...

01os (=0.0.14), 10xscale-agentflow-cli (>=0.3.0 <=0.3.1) +11560 more potentially affected by CVE-2025-69534 via markdown (>=2.1.1 <=3.8.0)

markdown PYPI version =2.1.1, =0.3.0, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.0.4.80, =4.0.2 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 and more Source cves: CVE-2025-69534 Source advisory: OSV:GHSA-5WMX-573V-2QWQ...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Linux Distros Unpatched Vulnerability : CVE-2025-39755

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix cb7210 pcmcia Oops The pcmciadriver struct was still only using the old...

Linux Distros Unpatched Vulnerability : CVE-2025-38458

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - atm: clip: Fix NULL pointer dereference in vccsendmsg atmarpddevops does not implement the send method, which may cause crash as bellow. BUG: kernel NULL pointe...

Linux Distros Unpatched Vulnerability : CVE-2025-38057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - espintcp: fix skb leaks A few error paths are missing a kfreeskb. CVE-2025-38057 Note that Nessus relies on the presence of the package as reported by the vendo...

Linux Distros Unpatched Vulnerability : CVE-2025-21974

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc is...

Linux Distros Unpatched Vulnerability : CVE-2021-47468

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isdn: mISDN: Fix sleeping function called from invalid context The driver can call card-isac.release function from an atomic context. Fix this by calling this...

Linux Distros Unpatched Vulnerability : CVE-2025-22115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix block group refcount race in btrfscreatependingblockgroups Block group creation is done in two phases, which results in a slightly unintuitive...

Linux Distros Unpatched Vulnerability : CVE-2025-38071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/mm: Check return value from memblockphysallocrange At least with CONFIGPHYSICALSTART=0x100000, if there is 4 MiB of contiguous free memory available at this...

Linux Distros Unpatched Vulnerability : CVE-2025-22014

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pdr: Fix the potential deadlock When some client process A call pdraddlookup to...

Linux Distros Unpatched Vulnerability : CVE-2024-49972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Deallocate DML memory if allocation fails Why When DC state create DML memo...

Linux Distros Unpatched Vulnerability : CVE-2024-50071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: fix a double free in ma35pinctrldtnodetomapfunc 'newmap' is allocated usin...

Linux Distros Unpatched Vulnerability : CVE-2025-21746

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Input: synaptics - fix crash when enabling pass-through port When enabling a pass-through po...

Linux Distros Unpatched Vulnerability : CVE-2025-21723

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsgsetupqueue fails, the bsgqueue is assigned a non-NULL value. Consequently, in mpi3mrbsgexit, th...