@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/navaids (>=0.2.4 <=0.4.1)

@squawk/navaids NPM version =0.2.4, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: SNYK:JS-SQUAWKNAVAIDS-16640884...

EUVD-2026-25663

A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management Plane. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The project was informed o...

@activepieces/piece-ai (>=0.3.1 <=0.3.4), @aikotools/repo-maintenance (>=1.0.2 <=1.7.0) +260 more potentially affected by CVE-2026-39406 via @hono/node-server (>=0.2.4 <=1.19.12)

@hono/node-server NPM version =0.2.4, =0.3.1, =1.0.2, =1.0.25-beta.0, =0.0.1, =0.29.3, =0.36.0, =0.0.1, =0.0.1-experimental.1, =0.0.3, =1.0.1, =1.3.2, =0.2.305, =1.0.0 - @bojanrajkovic/mcp-paprika =1.1.0 and more Source cves: CVE-2026-39406 Source advisory: OSV:GHSA-92PP-H63X-V22M...

abstra (>=1.8.8 <=2.5.1), clay (>=3.0.0 <=4.0.0) +19 more potentially affected by CVE-2026-28356 via multipart (>=0.2.4 <=1.2.1)

multipart PYPI version =0.2.4, =1.8.8, =3.0.0, =4.5.0b3, =0.3.11, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =0.1.0, =1.0.0, =0.1.3, =1.1.44 and more Source cves: CVE-2026-28356 Source advisory: OSV:GHSA-P2M9-WCP5-6QW3...

Peppermint Security Vulnerabilities

Peppermint is an open source ticket management system from Peppermint Labs. A security vulnerability exists in Peppermint Ticket Management version 0.2.4 and earlier versions. A remote attacker can exploit this vulnerability to read an arbitrary file via a...

app.js (>=0.0.1 <=0.0.21), attester (>=1.0.2 <=1.2.1) +37 more potentially affected by CVE-2017-16086 via ua-parser (>=0.2.4 <=0.3.5)

ua-parser NPM version =0.2.4, =0.0.1, =1.0.2, =2.2.2, =1.0.0, =0.1.0, =0.0.1, =0.0.5, =0.0.2, =0.2.2, =0.2.16 and more Source cves: CVE-2017-16086 Source advisory: OSV:GHSA-PMG9-P9R2-6Q87...