26517 matches found
@ainsleydev/payload-helper (>=0.0.16 <=0.0.20), @contentql/core (>=0.1.2 <=0.3.5) +2 more potentially affected by CVE-2026-34750 via @payloadcms/storage-s3 (>=3.0.0-beta.111 <=3.0.0-beta.91)
@payloadcms/storage-s3 NPM version =3.0.0-beta.111, =0.0.16, =0.1.2, =0.1.0, =0.1.4, =0.1.5 Source cves: CVE-2026-34750 Source advisory: SNYK:JS-PAYLOADCMSSTORAGES3-15873860...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by unknown CVE via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: unknown CVE Source advisory: OSV:GHSA-JP4J-Q5FC-58GV...
com.newmediaworks:nmw-oss-website (>=1.7.0 <=1.11.0), com.pragmatickm:website (>=1.10.0 <=2.0.0) +102 more potentially affected by CVE-2025-13465 +1 more via org.webjars.npm:lodash (>=4.0.0 <=4.17.5)
org.webjars.npm:lodash MAVEN version =4.0.0, =1.7.0, =1.10.0, =1.11.0, =1.7.0, =1.6.1, =1.11.0, =1.13.0, =1.0, =1.0, =1.0, =1.2.0, =3.5.0, =3.5.0, =3.5.0, =3.12.0 and more Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15869623...
4game-support-ckeditor5-custom-build (>=0.0.1 <=0.0.5), 87-midnight-ckeditor5 (>=0.0.3 <=0.0.5) +5462 more potentially affected by CVE-2025-13465 +1 more via lodash-es (>=4.0.0 <=4.18.0)
lodash-es NPM version =4.0.0, =0.0.1, =0.0.3, =0.0.1, =1.0.0, =1.0.0, =2.14.1, =41.3.1, =2.1.0, =0.3.4, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.3.5, =0.7.0, =0.10.2 and more Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JS-LODASHES-15869621...
au.csiro.pathling:encoders (>=8.0.0 <=9.5.0), au.csiro.pathling:fhirpath (>=8.0.0 <=9.5.0) +164 more potentially affected by CVE-2026-34359 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=6.4.1 <=6.9.3)
ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =6.4.1, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.2.0, =8.8.1 and more Source cves: CVE-2026-34359 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-15855257...
org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by unknown CVE via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)
org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15813001...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-35628 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-35628 Source advisory: SNYK:JS-OPENCLAW-15797940...
org.webjars.npm:github-com-cisco-node-jose (=2.2.0), org.webjars.npm:google-auth-library (>=1.6.1 <=6.1.6) +7 more potentially affected by CVE-2026-33891 via org.webjars.npm:node-forge (>=0.10.0 <=1.3.3)
org.webjars.npm:node-forge MAVEN version =0.10.0, =1.6.1, =1.0.2, =2.3.2, =1.10.2, =2.1.1 Source cves: CVE-2026-33891 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15789770...
pqc-combo (=0.1.0), pqc-fips (=0.0.3) +1 more potentially affected by unknown CVE via libcrux-ml-dsa (=0.0.4)
libcrux-ml-dsa CARGO version =0.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on libcrux-ml-dsa and may be impacted: - pqc-combo =0.1.0 - pqc-fips =0.0.3 - pqc-nostd =0.1.0 Source cves: unknown CVE Source advisory: OSV:GHSA-CP57-FQ8G-QH6V...
org.scala-sbt:sbt (>=0.99.2 <=1.0.0-M4), org.scala-sbt:scripted-plugin_2.10 (>=0.99.2 <=1.0.0-M4) +1 more potentially affected by CVE-2026-32948 via org.scala-sbt:main_2.11 (>=0.99.2 <=1.0.0-M4)
org.scala-sbt:main2.11 MAVEN version =0.99.2, =0.99.2, =0.99.2, =0.99.2, =1.0.0-M4 Source cves: CVE-2026-32948 Source advisory: SNYK:JAVA-ORGSCALASBT-15763414...
org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC2), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC2) +3 more potentially affected by CVE-2026-22739 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.1)
org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-22739 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-15762281...
@2digits/tlo-mcp (>=0.1.0 <=0.1.10), @6qat/tcp-connection (>=0.2.6 <=0.2.9) +849 more potentially affected by CVE-2026-32887 via effect (>=2.0.0-next.10 <=3.1.6)
effect NPM version =2.0.0-next.10, =0.1.0, =0.2.6, =1.0.0, =0.1.0-alpha.1, =0.0.1, =0.1.0-alpha.1, =0.0.1, =0.0.5, =0.0.1, =0.1.0, =0.2.1, =0.4.2 - @arvkonstantin/framework-provider-local-pg =3.4.3 - @awstin/effect-zero-v3 =0.1.0 and more Source cves: CVE-2026-32887 Source advisory:...
IMAPServer (=0.1.0), NeteaseCloudMusicRustApi (=0.1.1) +1946 more potentially affected by unknown CVE via tokio-udp (>=0.1.0 <=0.2.0-alpha.1)
tokio-udp CARGO version =0.1.0, =0.1.0, =0.2.0, =0.5.3, =0.2.1, =0.1.0, =0.4.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0 - actix-cors =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0064...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +10067 more potentially affected by CVE-2026-22737 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.16)
org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22737 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-15701845...
@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +398 more potentially affected by CVE-2026-1527 via undici (>=7.0.0 <=7.22.0)
undici NPM version =7.0.0, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.1, =0.0.2, =0.1.0, =0.0.33, =0.0.1, =1.0.0, =21.0.0, =0.5.0, =1.0.1, =2.8.7 and more Source cves: CVE-2026-1527 Source advisory: OSV:GHSA-4992-7RV2-5PVQ...
vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-32302 via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-32302 Source advisory: OSV:GHSA-5WCW-8JJV-M286...
lightrft (=0.1.0), rl-square (=0.0.1.post1) potentially affected by CVE-2026-3989 via sglang (>=0.4.5 <=0.4.6.post5)
sglang PYPI version =0.4.5, =0.4.6.post5 is affected by a known vulnerability. The following packages have a transitive dependency on sglang and may be impacted: - lightrft =0.1.0 - rl-square =0.0.1.post1 Source cves: CVE-2026-3989 Source advisory: OSV:GHSA-HVWJ-8W5G-28RG...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by unknown CVE via openclaw (>=2026.3.22 <=2026.3.31)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: unknown CVE Source advisory: SNYK:JS-OPENCLAW-15443477...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by unknown CVE via openclaw (>=2026.3.22 <=2026.3.31)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: unknown CVE Source advisory: SNYK:JS-OPENCLAW-15443481...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by unknown CVE via openclaw (>=2026.3.22 <=2026.3.31)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: unknown CVE Source advisory: SNYK:JS-OPENCLAW-15443478...
com.efluid.oss:efluid-datagate-app (>=3.1.3 <=6.1.5), com.efluid.oss:efluid-datagate-app-cucumber (>=3.1.3 <=6.1.5) +5 more potentially affected by CVE-2026-29000 via org.pac4j:pac4j-jwt (>=5.0.1 <=5.7.8)
org.pac4j:pac4j-jwt MAVEN version =5.0.1, =3.1.3, =3.1.3, =0.8.0, =0.8.0, =2.0.6, =2.2.1, =2.0.6, =2.1.0 Source cves: CVE-2026-29000 Source advisory: OSV:GHSA-PM7G-W2CF-Q238...
vantuz (>=3.3.2 <=3.3.7) potentially affected by unknown CVE via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: unknown CVE Source advisory: OSV:GHSA-PFV7-RR5M-QMV6...
vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-22168 via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-22168 Source advisory: OSV:GHSA-5V6X-RFC3-7QFR...
@dyyxyzz/baileys-mod (>=6.0.32 <=6.0.54) potentially affected by unknown CVE via @daffadeveloper/libsignal-node (=0.0.1-security)
@daffadeveloper/libsignal-node NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on @daffadeveloper/libsignal-node and may be impacted: - @dyyxyzz/baileys-mod =6.0.32, =6.0.54 Source cves: unknown CVE Source advisory:...
@graphql-mesh/plugin-rate-limit (>=0.2.23 <=1.0.0-alpha-20230524103718-9e72bdbec), @graphql-mesh/plugin-snapshot (>=0.1.24 <=1.0.0-alpha-20230524103718-9e72bdbec) +13 more potentially affected by CVE-2026-27903 via minimatch (>=8.0.2 <=8.0.4)
minimatch NPM version =8.0.2, =0.2.23, =0.1.24, =0.15.24, =2.0.0-beta.0, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =0.42.1, =1.6.0, =1.4.1, =1.4.4 Source cves: CVE-2026-27903 Source advisory: OSV:GHSA-7R86-CG39-JMMJ...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-56351 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-56351 Source advisory: OSV:GHSA-F3F2-MCXC-PWJX...
@klardaten/n8n-nodes-datevconnect (>=1.0.1 <=1.0.2), @n8n/ai-workflow-builder (>=0.2.0 <=0.33.2) +18 more potentially affected by CVE-2026-27498 via @n8n/config (>=1.15.0 <=1.65.1)
@n8n/config NPM version =1.15.0, =1.0.1, =0.2.0, =0.33.0, =0.26.0, =0.34.0, =1.3.0, =0.23.8, =1.51.0, =1.65.0, =1.65.0, =1.0.1, =0.3.3, =0.1.3, =0.2.0, =0.2.0, =4.1.23 and more Source cves: CVE-2026-27498 Source advisory: SNYK:JS-N8NCONFIG-15357607...
vantuz (>=3.3.2 <=3.3.7) potentially affected by unknown CVE via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: unknown CVE Source advisory: OSV:GHSA-56F2-HVWG-5743...
@cubejs-backend-json-clone/server (=1.0.0), @cubejs-backend/server (>=0.3.1 <=1.0.13) +4 more potentially affected by CVE-2026-25958 via @cubejs-backend/server-core (>=0.27.53 <=1.0.13)
@cubejs-backend/server-core NPM version =0.27.53, =0.3.1, =0.3.1, =0.8.0, =0.8.0, =0.32.28, =1.0.13 Source cves: CVE-2026-25958 Source advisory: OSV:GHSA-V226-32C7-X2V7...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-25881 via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-25881 Source advisory: SNYK:JS-NYARIVSANDBOXJS-15253532...
@nelluriramu/oegesbot (=1.0.0) potentially affected by CVE-2026-25651 via client-certificate-auth (=0.3.0)
client-certificate-auth NPM version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on client-certificate-auth and may be impacted: - @nelluriramu/oegesbot =1.0.0 Source cves: CVE-2026-25651 Source advisory: OSV:GHSA-M4W9-GCH5-C2G4...
@kimuson/claude-code-viewer (>=0.4.2 <=0.5.9), @netlify/agent-runner-cli (>=1.0.0-broken <=1.58.3) +15 more potentially affected by CVE-2026-24887 via @anthropic-ai/claude-code (>=2.0.0 <=2.0.69)
@anthropic-ai/claude-code NPM version =2.0.0, =0.4.2, =1.0.0-broken, =0.0.1-rc.1, =0.12.0, =0.5.2, =0.12.1, =0.0.0, =0.1.2, =0.11.1, =0.11.0, =1.0.0, =1.2.1 and more Source cves: CVE-2026-24887 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-15202067...
aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1287 via django (>=4.2.0 <=4.2.27)
django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1287 Source advisory: OSV:PYSEC-2026-46...
org.webjars.npm:solid-js (=1.9.5) potentially affected by CVE-2026-23736 via org.webjars.npm:seroval (=1.2.1)
org.webjars.npm:seroval MAVEN version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:seroval and may be impacted: - org.webjars.npm:solid-js =1.9.5 Source cves: CVE-2026-23736 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15054524...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69225 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69225 Source advisory: SNYK:PYTHON-AIOHTTP-14871929...
@pakasa/duuka-airtel-money-pay (>=0.0.12 <=0.0.16), @pakasa/duuka-checkout (>=0.0.1 <=0.0.9) +9 more potentially affected by CVE-2025-67419 via @evershop/evershop (>=1.0.0-rc.5 <=1.2.2)
@evershop/evershop NPM version =1.0.0-rc.5, =0.0.12, =0.0.1, =0.0.5, =0.0.1, =1.0.0, =0.0.2, =0.0.2, =0.0.4, =0.1.2, =1.1.0 Source cves: CVE-2025-67419 Source advisory: OSV:GHSA-M2Q5-XHQG-92R2...
lunarbase-pmm-math (>=0.1.0 <=0.2.4), ruint-macro (=0.1.1) +5 more potentially affected by unknown CVE via ruint (>=0.1.0 <=1.16.0)
ruint CARGO version =0.1.0, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.3.0, =0.1.0, =0.5.1 Source cves: unknown CVE Source advisory: OSV:GHSA-9FJQ-45QV-PCM7...
@fedify/botkit (>=0.3.0-dev.125 <=0.3.0-dev.131) potentially affected by CVE-2025-68475 via @fedify/fedify (=1.8.1-dev.1262)
@fedify/fedify NPM version =1.8.1-dev.1262 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/fedify and may be impacted: - @fedify/botkit =0.3.0-dev.125, =0.3.0-dev.131 Source cves: CVE-2025-68475 Source advisory: SNYK:JS-FEDIFYFEDIFY-14552161...
altcha-solver (=1.0.2) potentially affected by CVE-2025-68113 via altcha-lib (=0.3.0)
altcha-lib NPM version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on altcha-lib and may be impacted: - altcha-solver =1.0.2 Source cves: CVE-2025-68113 Source advisory: OSV:GHSA-6GVQ-JCMP-8959...
absio (>=2.6.3 <=2.6.5), aioshadowsocks (>=0.1.1 <=0.1.8) +169 more potentially affected by unknown CVE via peewee (>=3.10.0 <=3.18.2)
peewee PYPI version =3.10.0, =2.6.3, =0.1.1, =2.1.0, =1.1.0, =0.4.6, =0.4.1.post1, =2.0.0, =1.0.1, =1.0.0, =1.8.5, =0.3.2, =0.2.0, =0.2.6, =0.1.0, =0.2.2 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-PEEWEE-14157229...
@cycle-mega-driver/database (>=0.2.1 <=0.3.2), @fluidnotions/rx-pouch (>=0.6.7 <=0.6.8) +2 more potentially affected by unknown CVE via flatten-unflatten (=1.0.0)
flatten-unflatten NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on flatten-unflatten and may be impacted: - @cycle-mega-driver/database =0.2.1, =0.6.7, =1.0.0, =0.3.0, =0.6.9 Source cves: unknown CVE Source advisory:...
@amorist/gatsby-theme-antd (=1.0.0), @antv/f2-site (>=4.0.0-4.0.0-alpha.3.0 <=5.0.1-beta.0) +16 more potentially affected by unknown CVE via gatsby-plugin-cname (=1.0.0)
gatsby-plugin-cname NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-cname and may be impacted: - @amorist/gatsby-theme-antd =1.0.0 - @antv/f2-site =4.0.0-4.0.0-alpha.3.0, =0.9.81, =1.0.0, =1.1.18-beta.0, =0.0.1, =0.0.4,...
@authsome/adapter-clerk (>=0.1.1 <=0.1.12), @billyjacoby/clerk-react-native (>=1.0.0 <=1.0.4) +51 more potentially affected by CVE-2025-63700 via @clerk/clerk-js (>=1.35.1 <=5.85.0)
@clerk/clerk-js NPM version =1.35.1, =0.1.1, =1.0.0, =1.0.16, =1.0.1, =0.2.0, =0.0.1, =2.19.0, =0.1.0, =0.24.2-dev-clerk, =0.24.2-dev-clerk, =0.24.3-dev-ensure-cloud-token-6, =0.0.0, =0.0.5, =0.0.21 and more Source cves: CVE-2025-63700 Source advisory: OSV:GHSA-3MM3-WFPV-Q85G...
siddheshtea (=1.1.6) potentially affected by unknown CVE via ruji-36 (=1.0.0)
ruji-36 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on ruji-36 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-165262...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nokire-nakala7 (=1.0.0)
nokire-nakala7 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nokire-nakala7 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-163025...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nokire-nakala3 (=1.0.0)
nokire-nakala3 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nokire-nakala3 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-162982...
create-bamboo (>=1.0.1 <=1.0.2) potentially affected by unknown CVE via bamboo-init (=1.0.7)
bamboo-init NPM version =1.0.7 is affected by a known vulnerability. The following packages have a transitive dependency on bamboo-init and may be impacted: - create-bamboo =1.0.1, =1.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-50934...
@aweto-agent/cli (>=1.7.2 <=1.8.0), @aweto-agent/core (>=1.7.1 <=1.8.0) +42 more potentially affected by unknown CVE via hono (>=4.0.0 <=4.10.2)
hono NPM version =4.0.0, =1.7.2, =1.7.1, =0.2.1, =0.6.1, =0.5.2, =4.0.0-alpha.28, =0.1.0, =0.75.0, =0.18.2, =0.2.25, =0.1.0, =1.1.0, =0.1.0, =0.3.2 and more Source cves: unknown CVE Source advisory: SNYK:JS-HONO-13720736...
@certd/commercial-core (>=1.25.9 <=1.41.2), @certd/lib-server (>=1.36.25 <=1.41.2) +32 more potentially affected by CVE-2025-62595 +1 more via koa (=2.16.2)
koa NPM version =2.16.2 is affected by a known vulnerability. The following packages have a transitive dependency on koa and may be impacted: - @certd/commercial-core =1.25.9, =1.36.25, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.19.3, =3.20.11,...
@amoscmc/dummy-package (>=1.3.1 <=1.3.3), @bitrefill/airfill-widget (>=4.2.2 <=4.8.3) +88 more potentially affected by CVE-2025-57318 via csvjson (>=1.0.5 <=5.1.0)
csvjson NPM version =1.0.5, =1.3.1, =4.2.2, =1.0.0, =1.0.6, =1.0.93, =0.0.4, =0.1.0, =0.5.1, =1.0.0, =0.1.0, =0.1.0, =1.0.0, =1.1.1 and more Source cves: CVE-2025-57318 Source advisory: SNYK:JS-CSVJSON-13110014...