@aurora-nexus/aurora-nexus-design-system (=0.2.0), @fireproof/core-protocols-dashboard (>=0.24.3-dev-20261224 <=0.24.12) +6 more potentially affected by CVE-2026-42349 via @clerk/shared (>=3.36.0 <=3.45.1)

@clerk/shared NPM version =3.36.0, =0.24.3-dev-20261224, =0.24.3-dev-20261224, =0.24.3-dev-20261224, =0.0.14, =0.18.25-dev, =0.24.3-dev-20261224, =0.18.25-dev, =0.18.28-dev Source cves: CVE-2026-42349 Source advisory: SNYK:JS-CLERKSHARED-16347746...

Sourcegraph 安全漏洞

Sourcegraph is an open source code search and navigation tool from US-based Sourcegraph. A security vulnerability exists in Sourcegraph versions 3.35 and 3.36, which stems from the reintroduction of a previously fixed side-channel vulnerability in the code monitoring feature, in which strings in...