@activepieces/piece-google-gemini (=0.1.6), @activepieces/piece-google-vertexai (=0.1.2) +9 more potentially affected by CVE-2026-33750 via brace-expansion (>=2.0.0 <=2.0.2)

brace-expansion NPM version =2.0.0, =0.2.1, =1.16.0, =1.0.1, =0.0.20, =15.0.0 - fluid-webdriver =1.1.2 - nx-cargo =1.0.0-alpha.2 Source cves: CVE-2026-33750 Source advisory: SNYK:JS-BRACEEXPANSION-15789759...

CVE-2026-0994 vulnerabilities

Vulnerabilities for packages: semgrep, mitmproxy, py3-vllm-cuda-12.4, tensorflow-cpu-jupyter, airflow, apache-beam-python-3.11-sdk, nemo, py3-cassandra-medusa, awx, metaflow-service, dbt-core, py3-protobuf, spamcheck, datadog-agent-fips, label-studio, litellm, open-webui, ghidra,...

Ubuntu: Security Advisory (USN-7966-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-9R64-3WMC-X8M8 Apache Airflow Providers Snowflake package allows for Special Element Injection via CopyFromExternalStageToSnowflakeOperator

Failure to Sanitize Special Elements into a Different Plane Special Element Injection vulnerability in Apache Airflow Providers Snowflake. This issue affects Apache Airflow Providers Snowflake: before 6.4.0. Sanitation of table and stage parameters were added...