@2nova/wu-ui (>=1.1.0 <=1.1.19), @ada-lc/fusion-materials (>=0.1.1 <=0.1.3) +481 more potentially affected by unknown CVE via @antv/data-set (>=0.10.1 <=0.11.8)

@antv/data-set NPM version =0.10.1, =1.1.0, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =1.0.0, =0.5.0-alpha.0, =0.1.16, =0.1.1, =1.0.4, =0.0.1, =1.0.2, =1.0.0-alpha.1, =1.0.3, =1.0.3-alpha.3 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3868...

@antv/g-webgpu (>=0.1.0-alpha.0 <=0.4.1), @antv/g-webgpu-core (>=0.1.0-alpha.0 <=0.4.1) +2 more potentially affected by unknown CVE via @antv/g-webgpu-compiler (>=0.1.2 <=0.6.0)

@antv/g-webgpu-compiler NPM version =0.1.2, =0.1.0-alpha.0, =0.1.0-alpha.0, =0.1.0-alpha.0, =0.5.0, =0.6.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3968...

@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airway-data (>=0.3.3 <=0.5.3)

@squawk/airway-data NPM version =0.3.3, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRWAYDATA-16640895...

jupyter-pgadmin-proxy (>=0.0.1 <=0.0.4) potentially affected by CVE-2026-7813 via pgadmin4 (=9.14.0)

pgadmin4 PYPI version =9.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on pgadmin4 and may be impacted: - jupyter-pgadmin-proxy =0.0.1, =0.0.4 Source cves: CVE-2026-7813 Source advisory: OSV:GHSA-H2X2-Q2MC-24GW...

ch.admin.bit.jeap:jeap-spring-boot-config-starter (>=17.16.0 <=18.5.0), ch.sbb:spring-cloud-stream-binder-solace (>=4.0.0 <=7.4.5) +896 more potentially affected by CVE-2026-40989 via org.springframework.cloud:spring-cloud-function-context (>=4.0.0 <=4.3.2)

org.springframework.cloud:spring-cloud-function-context MAVEN version =4.0.0, =17.16.0, =4.0.0, =1.0.0, =1.0.1, =0.14.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0, =0.15.0-RC2 and more Source cves: CVE-2026-40989 Source advisory:...

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2758 more potentially affected by CVE-2026-42585 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.1 and more Source cves: CVE-2026-42585 Source advisory: OSV:GHSA-38F8-5428-X5CV...

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2758 more potentially affected by CVE-2026-42581 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.1 and more Source cves: CVE-2026-42581 Source advisory: SNYK:JAVA-IONETTY-16438934...

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +267 more potentially affected by CVE-2026-42266 via jupyterlab (>=4.0.0 <=4.5.6)

jupyterlab PYPI version =4.0.0, =0.1.0, =0.1.0b0, =0.1.0b0, =0.1.0b0, =0.1.0, =0.5.5, =2.0.0, =0.1.1, =4.33.0, =0.6.4, =0.8.0, =1.0.1, =0.1.0, =0.5.0 and more Source cves: CVE-2026-42266 Source advisory: SNYK:PYTHON-JUPYTERLAB-16425771...

tough-kms (>=0.2.0 <=0.5.0), tough-ssm (>=0.5.0 <=0.8.0) +1 more potentially affected by CVE-2026-6966 via tough (>=0.10.0 <=0.1.0)

tough CARGO version =0.10.0, =0.2.0, =0.5.0, =0.1.0, =0.9.0 Source cves: CVE-2026-6966 Source advisory: OSV:GHSA-8M7C-8M39-RV4X...

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2758 more potentially affected by CVE-2026-41417 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.1 and more Source cves: CVE-2026-41417 Source advisory: SNYK:JAVA-IONETTY-16425695...

org.eclipse.digitaltwin.basyx:basyx.submodelrepository-backend-inmemory (=2.0.0-milestone-01), org.eclipse.digitaltwin.basyx:basyx.submodelrepository-backend-mongodb (=2.0.0-milestone-01) +8 more potentially affected by CVE-2026-7411 via org.eclipse.digitaltwin.basyx:basyx.http (=2.0.0-milestone-01)

org.eclipse.digitaltwin.basyx:basyx.http MAVEN version =2.0.0-milestone-01 is affected by a known vulnerability. The following packages have a transitive dependency on org.eclipse.digitaltwin.basyx:basyx.http and may be impacted: -...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.10) +19 more potentially affected by CVE-2026-44112 via openclaw (>=2026.3.22 <=2026.4.21)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: CVE-2026-44112 Source advisory: SNYK:JS-OPENCLAW-16417710...

@diplodoc/algolia (>=0.1.0 <=0.4.1), @diplodoc/algolia-extension (>=0.4.1 <=0.6.0) +1 more potentially affected by CVE-2026-40201 via @diplodoc/search-extension (=1.2.2)

@diplodoc/search-extension NPM version =1.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on @diplodoc/search-extension and may be impacted: - @diplodoc/algolia =0.1.0, =0.4.1, =0.0.0-rc-add-filemeta-to-boost-testing-202410220924, =5.0.0-alpha-10 Sour...

@budibase/cli (>=3.0.0 <=3.2.26), @budibase/pro (>=3.0.0 <=3.2.26) +2 more potentially affected by CVE-2026-42239 via @budibase/backend-core (>=3.0.0 <=3.2.7)

@budibase/backend-core NPM version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.26 Source cves: CVE-2026-42239 Source advisory: SNYK:JS-BUDIBASEBACKENDCORE-16318349...

article-extractor (=0.5.8), nscraper (>=0.1.0 <=0.1.5) potentially affected by unknown CVE via justhtml (>=1.13.0 <=1.14.0)

justhtml PYPI version =1.13.0, =0.1.0, =0.1.5 Source cves: unknown CVE Source advisory: SNYK:PYTHON-JUSTHTML-16318347...

nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +15 more potentially affected by CVE-2026-34065 via nimiq-primitives (>=0.1.0 <=0.2.0)

nimiq-primitives CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-34065 Source advisory: OSV:GHSA-7C4J-2M43-2MGH...

@ainsleydev/payload-helper (>=0.0.1 <=0.0.2), @bsct/payload (=1.0.0) +97 more potentially affected by CVE-2026-41690 via i18next-http-middleware (>=1.0.4 <=3.9.2)

i18next-http-middleware NPM version =1.0.4, =0.0.1, =1.0.1, =0.0.1, =0.0.1, =0.0.1, =0.1.2, =0.1.1, =8.0.0, =3.0.0, =1.0.0, =1.0.6, =1.0.8 and more Source cves: CVE-2026-41690 Source advisory: OSV:GHSA-5FGG-JCPF-8JJW...

io.fabric8.funktion.connector:connector-infinispan (>=1.1.9 <=1.1.55), io.quarkus:quarkus-camel-infinispan (>=0.11.0 <=0.19.1) +18 more potentially affected by CVE-2026-6857 via org.apache.camel:camel-infinispan (>=2.18.0 <=4.1.0)

org.apache.camel:camel-infinispan MAVEN version =2.18.0, =1.1.9, =0.11.0, =0.13.0, =0.11.0, =0.1.0, =1.0.0, =1.0.0, =4.10.3, =0.0.2, =3.32.0, =3.32.0, =0.0.2, =0.0.2, =3.0.0-M1, =3.0.0-M1, =3.33.1 and more...

@saltcorn/admin-models (>=1.5.0 <=1.5.0-rc.2), @saltcorn/base-plugin (>=1.5.0 <=1.5.0-rc.2) +5 more potentially affected by unknown CVE via @saltcorn/data (>=1.5.0-beta.0 <=1.5.0)

@saltcorn/data NPM version =1.5.0-beta.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0-rc.2 Source cves: unknown CVE Source advisory: OSV:GHSA-9237-RG5P-RHFW...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by CVE-2026-43533 via openclaw (>=0.0.1 <=2026.4.1)

openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =3.3.2, =3.3.7 Source cves: CVE-2026-43533 Source advisory: OSV:GHSA-66R7-M7XM-V49H...