adopt-a-doodle (>=0.0.1 <=0.0.3), bark-simulator (>=0.0.1 <=0.1.0) +105 more potentially affected by CVE-2026-22190 via panda3d (>=1.10.10 <=1.10.9)

panda3d PYPI version =1.10.10, =0.0.1, =0.0.1, =0.0.2, =0.1.0, =0.1.1, =0.0.3, =0.1.0, =21.2.0, =22.4.0, =20.12.0, =1.0.0, =0.0.1, =1.0.6, =0.0.2, =0.8.5, =0.8.10 and more Source cves: CVE-2026-22190 Source advisory: SNYK:PYTHON-PANDA3D-14931131...

CVE-2026-22190 Panda3D <= 1.10.16 egg-mkfont Format String Information Disclosure

The egg-mkfont utility in Panda3D versions up to and including 1.10.16 contains an uncontrolled format string vulnerability. The -gp glyph pattern command-line option is used directly as the format string for sprintf with only a single argument supplied. If an attacker provides additional format...