597895 matches found
ROOT-APP-PYPI-CVE-2024-23829 CVE-2024-23829 in rootio-aiohttp - Patched by Root
Root has patched CVE-2024-23829 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-47265 CVE-2026-47265 in rootio-aiohttp - Patched by Root
Root has patched CVE-2026-47265 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-42583 CVE-2026-42583 in io.root.io.netty:netty-codec - Patched by Root
Root has patched CVE-2026-42583 in the io.root.io.netty:netty-codec package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-48043 CVE-2026-48043 in io.root.io.netty:netty-codec-http2 - Patched by Root
Root has patched CVE-2026-48043 in the io.root.io.netty:netty-codec-http2 package for Root:Maven. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-34517 CVE-2026-34517 in rootio-aiohttp - Patched by Root
Root has patched CVE-2026-34517 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-OS-DEBIAN-12-CVE-2023-31484 CVE-2023-31484 in rootio-perl - Patched by Root
Root has patched CVE-2023-31484 in the rootio-perl package for Root:Debian:12. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-41182 CVE-2026-41182 in rootio-langsmith - Patched by Root
Root has patched CVE-2026-41182 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-45134 CVE-2026-45134 in rootio-langsmith - Patched by Root
Root has patched CVE-2026-45134 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-GHSA-F4XH-W4CJ-QXQ8 GHSA-f4xh-w4cj-qxq8 in rootio-langsmith - Patched by Root
Root has patched GHSA-f4xh-w4cj-qxq8 in the rootio-langsmith package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2021-23358 CVE-2021-23358 in @rootio/underscore - Patched by Root
Root has patched CVE-2021-23358 in the @rootio/underscore package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-45736 CVE-2026-45736 in @rootio/ws - Patched by Root
Root has patched CVE-2026-45736 in the @rootio/ws package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-35213 CVE-2026-35213 in @rootio/hapi__content - Patched by Root
Root has patched CVE-2026-35213 in the @rootio/hapicontent package for Root:npm. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2023-44271 CVE-2023-44271 in rootio-pillow - Patched by Root
Root has patched CVE-2023-44271 in the rootio-pillow package for Root:PyPI. Multiple fixed versions available...
Malicious code in react-next-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a7b3360c09fca3400981d3d0d4c5e8a72c8193e0841c5d2eceb193a08fc440e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6825 Malicious code in react-next-dom (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a7b3360c09fca3400981d3d0d4c5e8a72c8193e0841c5d2eceb193a08fc440e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6797 Malicious code in mongoose-lean-hooks (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51f21ca8cb459221a26134e631f974e5a26cb292386a957c75da31b538119c61 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
ROOT-APP-NUGET-CVE-2026-40894 CVE-2026-40894 in Rootio.OpenTelemetry.Api - Patched by Root
Root has patched CVE-2026-40894 in the Rootio.OpenTelemetry.Api package for Root:NuGet. Multiple fixed versions available...
CVE-2026-59196 pnpm: hoisted install imports lockfile alias outside node_modules
pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a crafted lockfile alias could be joined directly under a hoisted nodemodules directory. Traversal aliases could escape that directory, while reserved aliases such as .bin or .pnpm could overwrite pnpm-owned layout. This vulnerability is fix...
CVE-2026-55699
A flaw was found in pnpm, a package manager. When a malicious package with specially crafted manifest bin object keys such as "." or ".." is installed globally, subsequent package management operations like removal, update, or replacement could lead to the deletion of critical directories. This...
CVE-2026-55697
A flaw was found in pnpm, a package manager. A remote attacker could exploit this vulnerability by crafting a malicious repository that declares a configDependency in its pnpm-workspace.yaml file. When a user installs packages from this repository, pnpm improperly treats the declared dependency a...