33 matches found
@bassist/eslint-config (>=0.3.0 <=0.5.0), @bassist/oxc-integration (>=0.1.0 <=0.2.0) +10 more potentially affected by unknown CVE via @lint-md/parser (>=0.0.11 <=0.0.9)
@lint-md/parser NPM version =0.0.11, =0.3.0, =0.1.0, =2.0.0, =2.0.0, =2.1.4, =2.1.4, =4.1.0, =1.1.0, =1.19.7, =1.1.0, =1.0.0, =1.3.4, =1.3.5 Source cves: unknown CVE Source advisory: SNYK:JS-LINTMDPARSER-16754919...
com.datasqrl.flinkrunner:stdlib-json (>=0.9.0 <=0.10.1), com.datasqrl:sqrl-discovery (>=0.9.0 <=0.10.4) +17 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (=2.2.0)
org.apache.flink:flink-table-runtime MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-runtime and may be impacted: - com.datasqrl.flinkrunner:stdlib-json =0.9.0, =0.9.0, =0.9.0, =0.9.0, =2.2.0-EXNESS-0.1...
@mastra/auth-workos (>=0.0.0-a2a-vnext-20260424123427 <=1.5.1-alpha.0), @workos/authkit-sveltekit (>=0.0.1-alpha.0 <=0.2.0) +1 more potentially affected by CVE-2026-42565 via @workos/authkit-session (>=0.0.1-alpha.3 <=0.4.0)
@workos/authkit-session NPM version =0.0.1-alpha.3, =0.0.0-a2a-vnext-20260424123427, =0.0.1-alpha.0, =0.1.0, =0.6.0 Source cves: CVE-2026-42565 Source advisory: SNYK:JS-WORKOSAUTHKITSESSION-16425670...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-42237 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-42237 Source advisory: OSV:GHSA-HP3C-VFPM-Q4F7...
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +163 more potentially affected by CVE-2026-30912 via apache-airflow (>=1.8.2 <=3.1.8)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =1.6.0 and more Source cves: CVE-2026-30912 Source advisory: OSV:PYSEC-2026-18...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-30966 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-30966 Source advisory: OSV:GHSA-5F92-JRQ3-28RC...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +937 more potentially affected by CVE-2026-28208 via com.github.junrar:junrar (>=0.7 <=7.5.7)
com.github.junrar:junrar MAVEN version =0.7, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.2.4, =1.2.0, =1.3.1 and more Source cves: CVE-2026-28208 Source advisory: OSV:GHSA-J273-M5QQ-6825...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-27577 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-27577 Source advisory: OSV:GHSA-VPCF-GVG4-6QWR...
apache-airflow (>=3.1.0b1 <=3.1.7), apache-airflow-providers-common-compat (>=1.6.0rc1 <=1.7.3rc1) +14 more potentially affected by CVE-2026-22922 via apache-airflow-core (>=3.1.0b1 <=3.1.7)
apache-airflow-core PYPI version =3.1.0b1, =3.1.0b1, =1.6.0rc1, =1.5.3rc1, =1.26.0rc1, =2.0.2rc1, =0.4.0rc1, =1.1.0b1, =12.0.0, =7.0.0, =1.15.0, =0.34.0, =1.9.0, =1.37.0, =1.26.0, =1.26.18rc1 and more Source cves: CVE-2026-22922 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-15267374...
aws-manager (>=0.0.1 <=0.21.2), aws-sdk-manager (>=0.0.0 <=0.0.10) +2 more potentially affected by unknown CVE via aws-sdk-cloudwatchlogs (>=0.10.1 <=0.31.2)
aws-sdk-cloudwatchlogs CARGO version =0.10.1, =0.0.1, =0.0.0, =1.0.0, =1.0.4 - tracing-cloudwatch =0.1.4 Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...
@pakasa/duuka-airtel-money-pay (>=0.0.12 <=0.0.16), @pakasa/duuka-checkout (>=0.0.1 <=0.0.9) +9 more potentially affected by CVE-2025-67419 via @evershop/evershop (>=1.0.0-rc.5 <=1.2.2)
@evershop/evershop NPM version =1.0.0-rc.5, =0.0.12, =0.0.1, =0.0.5, =0.0.1, =1.0.0, =0.0.2, =0.0.2, =0.0.4, =0.1.2, =1.1.0 Source cves: CVE-2025-67419 Source advisory: OSV:GHSA-M2Q5-XHQG-92R2...
balify (=0.0.2), cognee (>=0.1.15 <=0.5.2.dev0) +45 more potentially affected by CVE-2025-68481 via fastapi-users (>=10.2.1 <=14.0.2)
fastapi-users PYPI version =10.2.1, =0.1.15, =0.1.2, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.2.1 - cognee-community-vector-adapter-redis =0.1.0 - cognee-community-vector-adapter-valkey =0.1.1 - cognee-community-vector-adapter-weaviate =0.1.0 and more Source cves: CVE-2025-68481 Source advisory...
@asyncapi-actions-test/trusted-publishing-test_asyncapi-cli (>=4.1.3 <=5.4.0), @asyncapi/cli (>=5.0.1 <=6.0.2) +2 more potentially affected by unknown CVE via @asyncapi/modelina-cli (=5.10.1)
@asyncapi/modelina-cli NPM version =5.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on @asyncapi/modelina-cli and may be impacted: - @asyncapi-actions-test/trusted-publishing-testasyncapi-cli =4.1.3, =5.0.1, =1.4.14, =1.4.50 -...
Ubuntu: Security Advisory (USN-7874-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
org.apache.inlong:manager-client (>=1.3.0 <=2.1.0), org.apache.inlong:manager-client-examples (>=1.3.0 <=2.1.0) +2 more potentially affected by CVE-2025-27522 via org.apache.inlong:manager-pojo (>=1.13.0 <=2.1.0)
org.apache.inlong:manager-pojo MAVEN version =1.13.0, =1.3.0, =1.3.0, =1.3.0, =1.13.0, =2.1.0 Source cves: CVE-2025-27522 Source advisory: OSV:GHSA-R324-VGR5-73C9...
ansible (>=10.0.0a1 <=10.7.0), ansible-playbook-grapher (>=2.3.0 <=2.5.0) +26 more potentially affected by CVE-2024-11079 via ansible-core (>=2.17.14 <=2.17.7)
ansible-core PYPI version =2.17.14, =10.0.0a1, =2.3.0, =0.2.1, =2.1.1b1, =4.1.0, =0.1.0, =10.0.0, =0.1.0, =1.3.3, =17.0.0, =0.1.0a0, =19.0.0, =20.5.1, =21.2.7 and more Source cves: CVE-2024-11079 Source advisory: OSV:GHSA-99W6-3XPH-CX78...
llm-toys (=0.1.1), tcbench (>=0.0.20 <=0.0.22) +1 more potentially affected by CVE-2024-6578 via aim (>=3.17.4 <=3.19.3)
aim PYPI version =3.17.4, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-6578 Source advisory: OSV:GHSA-P9F2-JG9W-CX69...
Security Bulletin: There are vulnerabilities in Golang related packages that are shipped with IBM CICS TX Advanced (CVE-2023-45285 and CVE-2023-39326).
Summary There are vulnerabilities in Golang related packages that are shipped with IBM CICS TX Advanced. An update to IBM CICS TX Advanced has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2023-39326 DESCRIPTION: Golang Go could allow a remote attacker to obtain...
org.apache.pulsar:pulsar-broker-auth-athenz (>=3.1.0 <=3.1.2), org.apache.pulsar:pulsar-broker-auth-sasl (>=3.1.0 <=3.1.2) +2 more potentially affected by CVE-2024-28098 via org.apache.pulsar:pulsar-broker (>=3.1.0 <=3.1.2)
org.apache.pulsar:pulsar-broker MAVEN version =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.2 Source cves: CVE-2024-28098 Source advisory: OSV:GHSA-G627-R579-RW35...
edu.gemini:gsp-graphql-circe_native0.4_2.13 (>=0.13.0 <=0.14.0), edu.gemini:gsp-graphql-generic_native0.4_2.13 (>=0.13.0 <=0.14.0) +2 more potentially affected by CVE-2023-50730 via edu.gemini:gsp-graphql-core_native0.4_2.13 (>=0.13.0 <=0.14.0)
edu.gemini:gsp-graphql-corenative0.42.13 MAVEN version =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.13.0, =0.14.0 Source cves: CVE-2023-50730 Source advisory: OSV:GHSA-G56X-7J6W-G8R8...