@cooperco/nuxt-layer-quasar (=1.0.5), @imaginario27/air-ui-utils (>=1.0.4 <=1.0.7) +7 more potentially affected by CVE-2026-45669 via nuxt (>=4.0.0-rc.0 <=4.2.0)

nuxt NPM version =4.0.0-rc.0, =1.0.4, =0.0.1, =1.0.0, =1.1.0, =0.5.0, =0.1.8, =0.1.15 Source cves: CVE-2026-45669 Source advisory: OSV:GHSA-FX6J-W5W5-H468...

@antv/gi-assets-advance (>=1.0.0 <=2.5.22), @antv/gi-assets-algorithm (>=2.0.1 <=2.3.19) +12 more potentially affected by unknown CVE via @antv/gi-common-components (>=1.1.1 <=1.3.9)

@antv/gi-common-components NPM version =1.1.1, =1.0.0, =2.0.1, =1.0.0, =1.1.1, =2.0.5, =1.0.1, =1.0.1, =2.0.1, =2.0.1, =2.0.2, =0.1.0, =0.1.0, =2.0.1, =0.6.30, =0.6.43 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4012...

@action.sustainability/storybook-dashboard (>=0.1.1 <=0.1.5), @agentlab/ldkg-ui-charts (>=0.1.4 <=0.1.7) +171 more potentially affected by unknown CVE via @antv/xflow-hook (>=1.0.0 <=1.1.52)

@antv/xflow-hook NPM version =1.0.0, =0.1.1, =0.1.4, =1.1.15, =0.1.0, =1.3.0, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =0.0.0, =1.0.0, =1.0.0, =0.2.0, =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4122...

@antv/g-canvas (>=2.0.0 <=2.0.52), @antv/g-canvaskit (>=1.0.0 <=1.0.51) +11 more potentially affected by unknown CVE via @antv/g-plugin-dom-interaction (>=2.0.0 <=2.1.9)

@antv/g-plugin-dom-interaction NPM version =2.0.0, =2.0.0, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.56 - @antv/g6 =5.0.46 - @antv/g6-extension-3d =0.1.20 - @antv/s2 =2.4.12-alpha.1 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3942...

@0fan/designable-flow (>=0.0.5 <=0.1.2), @171h/x6 (=2.12.0) +191 more potentially affected by unknown CVE via @antv/x6-common (>=2.0.17 <=2.0.6-beta.18)

@antv/x6-common NPM version =2.0.17, =0.0.5, =1.0.0, =2.0.0, =2.0.2-beta.0, =2.0.1-beta.5, =2.0.1, =0.0.1, =0.0.1, =0.0.3, =0.6.1, =1.0.0, =0.0.2, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-4099...

9gen (>=0.0.23 <=0.1.1), @1sat/connect (>=0.0.15 <=0.0.58) +720 more potentially affected by unknown CVE via better-auth (>=1.0.0-canary.10 <=1.6.10)

better-auth NPM version =1.0.0-canary.10, =0.0.23, =0.0.15, =0.0.16, =0.0.1, =0.260505.5, =1.0.0, =0.6.1, =0.0.13, =0.3.3, =0.2.0, =0.0.110, =0.0.110, =0.1.41, =0.0.110, =2.0.0-beta.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-BETTERAUTH-16722768...

openwebui-token-tracking (>=0.1.7 <=0.1.10), sillikalm (>=0.1.0 <=0.1.5) potentially affected by CVE-2026-45351 via open-webui (>=0.6.0 <=0.8.8)

open-webui PYPI version =0.6.0, =0.1.7, =0.1.0, =0.1.5 Source cves: CVE-2026-45351 Source advisory: SNYK:PYTHON-OPENWEBUI-16725387...

@tanstack/react-start (>=1.142.11 <=1.161.3), @tanstack/react-start-client (>=1.142.11 <=1.161.3) +11 more potentially affected by unknown CVE via @tanstack/start-fn-stubs (>=1.142.9 <=1.154.7)

@tanstack/start-fn-stubs NPM version =1.142.9, =1.142.11, =1.142.11, =1.142.11, =1.142.11, =1.142.9, =1.142.11, =1.142.9, =1.142.11, =1.142.11, =1.142.10, =1.142.11, =1.142.9, =1.142.11, =1.161.3 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3488...

@dxs-ts/eveli-ide (>=0.0.114 <=0.0.115), @genesisailab/admin-package (=0.0.1) +6 more potentially affected by CVE-2026-45321 via @tanstack/router-vite-plugin (=1.166.50)

@tanstack/router-vite-plugin NPM version =1.166.50 is affected by a known vulnerability. The following packages have a transitive dependency on @tanstack/router-vite-plugin and may be impacted: - @dxs-ts/eveli-ide =0.0.114, =0.0.1, =0.19.0, =0.22.13, =1.39.1, =1.39.3 - ezux-showcase =1.1.15 -...

@better-auth/cli (>=1.5.0-beta.10 <=1.5.0-beta.13), @onmax/nuxt-better-auth (>=0.0.2-alpha.14 <=0.0.2-alpha.31) +2 more potentially affected by CVE-2026-45364 via better-auth (>=1.5.0-beta.10 <=1.5.0-beta.20)

better-auth NPM version =1.5.0-beta.10, =1.5.0-beta.10, =0.0.2-alpha.14, =1.5.0-beta.15, =0.0.2-beta.19, =0.0.10-beta.25 Source cves: CVE-2026-45364 Source advisory: SNYK:JS-BETTERAUTH-16722787...

openwebui-token-tracking (>=0.1.7 <=0.1.10), sillikalm (>=0.1.0 <=0.1.5) potentially affected by CVE-2026-44560 via open-webui (>=0.6.0 <=0.8.8)

open-webui PYPI version =0.6.0, =0.1.7, =0.1.0, =0.1.5 Source cves: CVE-2026-44560 Source advisory: SNYK:PYTHON-OPENWEBUI-16599160...

openwebui-token-tracking (>=0.1.7 <=0.1.10), sillikalm (>=0.1.0 <=0.1.5) potentially affected by CVE-2026-44561 via open-webui (>=0.6.0 <=0.8.8)

open-webui PYPI version =0.6.0, =0.1.7, =0.1.0, =0.1.5 Source cves: CVE-2026-44561 Source advisory: SNYK:PYTHON-OPENWEBUI-16599161...

279map-backend-common (>=0.1.2 <=0.33.1), @112dev/phunt-cli (>=1.0.0-beta.0 <=1.0.0-beta.2) +102 more potentially affected by CVE-2026-8814 via exifreader (>=4.13.2 <=4.38.1)

exifreader NPM version =4.13.2, =0.1.2, =1.0.0-beta.0, =1.0.0-beta.0, =0.0.5, =0.1.0, =1.0.1, =0.1.0, =0.10.0, =1.18.1, =1.0.2, =2.0.0, =0.1.0, =0.1.0-rc2 and more Source cves: CVE-2026-8814 Source advisory: SNYK:JS-EXIFREADER-16689340...

@3kles/3kles-coremongodb (>=1.2.3 <=1.3.1), @3kles/storagebox-common (=1.0.3) +213 more potentially affected by CVE-2026-42334 via mongoose (>=6.0.1 <=6.13.8)

mongoose NPM version =6.0.1, =1.2.3, =0.0.1, =0.0.1, =0.1.0, =0.1.0, =0.0.5, =1.12.3, =0.5.0, =0.6.1 - @bonio-tw/casbin-mongoose-adapter =1.0.13-rc2 - @brontosaurus/db =3.24.0 - @brontosaurus/init =1.0.0 and more Source cves: CVE-2026-42334 Source advisory: SNYK:JS-MONGOOSE-16425765...

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-42230 via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-42230 Source advisory: OSV:GHSA-F6X8-65Q6-J9M9...

companies.sh (>=2026.324.0-canary.0 <=2026.325.0-canary.3), corporateai (=2026.328.0-canary.0) +3 more potentially affected by unknown CVE via @paperclipai/server (>=2026.318.0-canary.0 <=2026.416.0-canary.1)

@paperclipai/server NPM version =2026.318.0-canary.0, =2026.324.0-canary.0, =2026.3.17-canary.3, =0.6.5, =0.6.6 Source cves: unknown CVE Source advisory: SNYK:JS-PAPERCLIPAISERVER-16421450...

airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +37 more potentially affected by CVE-2026-31987 via apache-airflow-core (>=3.0.0 <=3.2.0b1)

apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0a1, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =3.12.0rc1 and more Source cves: CVE-2026-31987 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-16094667...

weblate-fedora-messaging (>=0.1.0 <=0.12.0), wlhosted (>=2024.11.0 <=2025.1.0) potentially affected by CVE-2026-39845 via weblate (>=5.12.2 <=5.16.2)

weblate PYPI version =5.12.2, =0.1.0, =2024.11.0, =2025.1.0 Source cves: CVE-2026-39845 Source advisory: OSV:PYSEC-2026-156...

weblate-fedora-messaging (>=0.1.0 <=0.12.0), wlhosted (>=2024.11.0 <=2025.1.0) potentially affected by CVE-2026-33214 via weblate (>=5.12.2 <=5.16.2)

weblate PYPI version =5.12.2, =0.1.0, =2024.11.0, =2025.1.0 Source cves: CVE-2026-33214 Source advisory: OSV:PYSEC-2026-152...

org.bouncycastle:bcjmail-debug-jdk15to18 (>=1.81 <=1.83), org.bouncycastle:bcmail-debug-jdk15to18 (>=1.81 <=1.83) +4 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-debug-jdk15to18 (>=1.81 <=1.83)

org.bouncycastle:bcprov-debug-jdk15to18 MAVEN version =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075262...