88 matches found
djanjucks (>=0.0.1 <=0.0.3) potentially affected by unknown CVE via slice.js (=1.1.1)
slice.js NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on slice.js and may be impacted: - djanjucks =0.0.1, =0.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4154...
1byte-react-design (>=1.7.1 <=1.14.0), @agentscope-ai/chat (>=1.1.43 <=1.1.63-beta.1778041790294) +249 more potentially affected by unknown CVE via @antv/g-canvas (>=2.0.0 <=2.2.0)
@antv/g-canvas NPM version =2.0.0, =1.7.1, =1.1.43, =5.0.48, =1.0.1, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =0.5.6, =1.1.0, =1.1.0, =2.0.0, =2.0.0, =2.1.1 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3911...
@antv/auto-chart (>=2.0.0 <=2.1.0-alpha.0), @antv/ava (>=3.0.0 <=3.6.0-alpha.0) +17 more potentially affected by unknown CVE via @antv/smart-color (=0.2.1)
@antv/smart-color NPM version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/smart-color and may be impacted: - @antv/auto-chart =2.0.0, =3.0.0, =3.0.0, =2.0.0, =5.1.5, =0.1.0, =2.0.4, =1.0.0, =3.4.1-formant, =3.3.2-formant, =0.0.1-lb,...
@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airspace-data (>=0.3.2 <=0.5.2)
@squawk/airspace-data NPM version =0.3.2, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3438...
@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airspace (>=0.4.1 <=0.8.0)
@squawk/airspace NPM version =0.4.1, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKAIRSPACE-16640892...
@aiconnect/codelets-runner (>=0.1.0 <=0.2.0), @cairncms/api (>=1.0.0-beta.1 <=1.0.0-beta.4) +24 more potentially affected by unknown CVE via vm2 (>=1.0.1 <=3.10.5)
vm2 NPM version =1.0.1, =0.1.0, =1.0.0-beta.1, =3.0.46, =0.1.0, =1.1.15, =1.27.8, =1.0.0-beta.1, =0.7.0, =1.1.0, =0.2.0, =0.0.1, =0.1.64, =0.1.61, =0.1.65 and more Source cves: unknown CVE Source advisory: OSV:GHSA-2CM2-M3W5-GP2F...
endringer (>=0.1.0 <=0.7.1) potentially affected by unknown CVE via gix (=0.0.0)
gix CARGO version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on gix and may be impacted: - endringer =0.1.0, =0.7.1 Source cves: unknown CVE Source advisory: OSV:GHSA-FR8X-3VFX-F45H...
@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +21 more potentially affected by unknown CVE via openclaw (>=2026.3.22 <=2026.4.5)
openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: unknown CVE Source advisory: SNYK:JS-OPENCLAW-15966965...
@b4uti4gd/tslash (>=1.0.0 <=1.0.1), @bitsnbobs/starch (>=1.4.0 <=2.0.4) +96 more potentially affected by unknown CVE via @chenglou/pretext (>=0.0.2 <=0.0.4)
@chenglou/pretext NPM version =0.0.2, =1.0.0, =1.4.0, =3.1.0, =3.1.0, =3.1.0, =1.3.1, =0.3.0, =1.17.0, =1.13.1, =0.1.0, =1.61.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-CHENGLOUPRETEXT-16321421...
4coders-commons (>=0.0.1 <=0.0.2), @1delta/aggregators (>=0.1.0 <=0.1.6) +2144 more potentially affected by unknown CVE via handlebars (>=4.6.0 <=4.7.8)
handlebars NPM version =4.6.0, =0.0.1, =0.1.0, =0.1.0, =0.0.11, =0.0.52, =0.1.0, =0.0.72, =0.1.0, =1.1.1, =0.0.0-3b548b7bf6ff6554f724240da3a11be924237e6c, =1.0.0, =0.1.0-alpha.1, =3.1.2, =3.1.6, =0.0.1, =0.1.7 and more Source cves: unknown CVE Source advisory: SNYK:JS-HANDLEBARS-15813031...
2mxdev-gql-gateway (=1.0.0), 4m-node-server (>=0.0.1 <=0.0.8) +3178 more potentially affected by unknown CVE via apollo-server-core (>=1.3.2 <=3.9.0)
apollo-server-core NPM version =1.3.2, =0.0.1, =1.0.2, =0.0.80, =3.10.1, =1.2.0-pre.24, =1.0.1, =1.0.0, =1.0.0, =0.5.0, =1.0.0, =0.1.3, =0.0.1, =0.1.1, =0.0.1, =0.0.5 and more Source cves: unknown CVE Source advisory: SNYK:JS-APOLLOSERVERCORE-15790567...
pqc-combo (=0.1.0), pqc-fips (=0.0.3) +1 more potentially affected by unknown CVE via libcrux-ml-dsa (=0.0.4)
libcrux-ml-dsa CARGO version =0.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on libcrux-ml-dsa and may be impacted: - pqc-combo =0.1.0 - pqc-fips =0.0.3 - pqc-nostd =0.1.0 Source cves: unknown CVE Source advisory: OSV:GHSA-CP57-FQ8G-QH6V...
@aokyra/baileys (=2.0.6), @arceos/baileys (>=10.0.0 <=10.0.4) +77 more potentially affected by unknown CVE via @shennmine/libsignal-node (=0.0.1-security)
@shennmine/libsignal-node NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on @shennmine/libsignal-node and may be impacted: - @aokyra/baileys =2.0.6 - @arceos/baileys =10.0.0, =0.1.1, =2.0.3, =1.0.0, =1.0.0, =1.0.3, =1.0.6,...
@abysslabs/cli (=0.0.2), @brendonovich/solidjs__start (>=0.0.0 <=0.0.3) +52 more potentially affected by unknown CVE via h3 (>=2.0.0-beta.0 <=2.0.1-rc.14)
h3 NPM version =2.0.0-beta.0, =0.0.0, =0.1.25, =0.3.3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-H3-15683856...
0agent (>=1.0.1 <=1.1.5), 0dot (=0.6.0) +53318 more potentially affected by unknown CVE via hono (>=0.5.10 <=4.12.6)
hono NPM version =0.5.10, =1.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =1.0.0, =0.3.2, =0.1.0, =1.0.0, =1.0.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-V8W9-8MX6-G223...
pqc-combo (=0.1.0), pqc-fips (=0.0.3) +1 more potentially affected by unknown CVE via libcrux-ml-dsa (=0.0.4)
libcrux-ml-dsa CARGO version =0.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on libcrux-ml-dsa and may be impacted: - pqc-combo =0.1.0 - pqc-fips =0.0.3 - pqc-nostd =0.1.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0076...
@cenk1cenk2/renovate-config (>=2.3.132 <=2.3.148), @jamietanna/patch-testing (>=0.1.0 <=0.2.28) +7 more potentially affected by unknown CVE via renovate (>=36.109.4 <=40.21.2)
renovate NPM version =36.109.4, =2.3.132, =0.1.0, =0.14.0, =0.5.0, =0.1.0, =0.1.0, =0.0.1, =0.19.0 - @zotero-chinese/renovate-config =1.0.3 Source cves: unknown CVE Source advisory: SNYK:JS-RENOVATE-14927385...
@alstar/studio (=0.0.0-beta.20), @better-auth/cli (>=1.3.4 <=1.4.0-beta.28) +24 more potentially affected by unknown CVE via better-auth (>=1.3.34 <=1.4.0-beta.9)
better-auth NPM version =1.3.34, =1.3.4, =0.18.9, =0.5.2, =0.0.9, =0.0.9, =0.0.9, =0.0.3, =0.0.9, =0.0.8, =0.0.11, =0.0.9, =7.0.9-canary.2, =7.0.9-canary.2, =0.1.8, =0.1.9 and more Source cves: unknown CVE Source advisory: OSV:GHSA-WMJR-V86C-M9JJ...
@oku-ui/accordion (>=0.5.0 <=0.6.1), @oku-ui/alert-dialog (>=0.0.1 <=0.6.1) +13 more potentially affected by unknown CVE via @oku-ui/presence (=0.6.1)
@oku-ui/presence NPM version =0.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on @oku-ui/presence and may be impacted: - @oku-ui/accordion =0.5.0, =0.0.1, =0.4.0, =0.2.3, =0.4.0, =0.4.0, =0.6.0, =0.4.0, =0.0.1, =0.4.0, =0.0.1, =0.4.0, =0.4.0, =0.4.0...
@oku-ui/primitives (>=0.4.0 <=0.6.1) potentially affected by unknown CVE via @oku-ui/switch (=0.6.1)
@oku-ui/switch NPM version =0.6.1 is affected by a known vulnerability. The following packages have a transitive dependency on @oku-ui/switch and may be impacted: - @oku-ui/primitives =0.4.0, =0.6.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191275...