26517 matches found
01os (>=0.0.5 <=0.0.13), 3m (>=0.1.0 <=0.1.3) +2532 more potentially affected by CVE-2025-66019 via pypdf (>=3.10.0 <=6.3.0)
pypdf PYPI version =3.10.0, =0.0.5, =0.1.0, =0.0.1, =0.2.0, =0.4.0, =0.3.0, =0.3.0, =0.1.1, =0.1.0, =0.0.2, =0.2.0, =1.2.27, =3.0.145 and more Source cves: CVE-2025-66019 Source advisory: OSV:GHSA-M449-CWJH-6PW7...
@amorist/gatsby-theme-antd (=1.0.0), @antv/f2-site (>=4.0.0-4.0.0-alpha.3.0 <=5.0.1-beta.0) +16 more potentially affected by unknown CVE via gatsby-plugin-cname (=1.0.0)
gatsby-plugin-cname NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on gatsby-plugin-cname and may be impacted: - @amorist/gatsby-theme-antd =1.0.0 - @antv/f2-site =4.0.0-4.0.0-alpha.3.0, =0.9.81, =1.0.0, =1.1.18-beta.0, =0.0.1, =0.0.4,...
0pflow (>=0.1.0-dev.0de2bc6 <=0.1.0-dev.f5622ac), @adhisang/minecraft-modding-mcp (=1.0.0) +20 more potentially affected by unknown CVE via mcp-use (>=1.0.0 <=1.4.1)
mcp-use NPM version =1.0.0, =0.1.0-dev.0de2bc6, =1.0.0, =0.2.0, =2.0.3, =0.2.2, =0.0.1, =0.9.2, =0.3.0, =1.0.1, =1.14.0 - ask262 =0.0.15 - chrome-devtools-cli =1.0.0 - mcp-marketers =3.0.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-MCPUSE-14103656...
@authsome/adapter-clerk (>=0.1.1 <=0.1.12), @billyjacoby/clerk-react-native (>=1.0.0 <=1.0.4) +51 more potentially affected by CVE-2025-63700 via @clerk/clerk-js (>=1.35.1 <=5.85.0)
@clerk/clerk-js NPM version =1.35.1, =0.1.1, =1.0.0, =1.0.16, =1.0.1, =0.2.0, =0.0.1, =2.19.0, =0.1.0, =0.24.2-dev-clerk, =0.24.2-dev-clerk, =0.24.3-dev-ensure-cloud-token-6, =0.0.0, =0.0.5, =0.0.21 and more Source cves: CVE-2025-63700 Source advisory: OSV:GHSA-3MM3-WFPV-Q85G...
1-mutfru-muytio (=1.0.0), 12-mutfru-muytio (=1.0.0) +19562 more potentially affected by unknown CVE via nitroteh (=1.1.4)
nitroteh NPM version =1.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on nitroteh and may be impacted: - 1-mutfru-muytio =1.0.0 - 12-mutfru-muytio =1.0.0 - @mipta1/miftah19repo =1.0.0 - @mipta19/nitroteh =1.1.4 - @miptaa02/jiss =1.1.4 - aabi-alfi-av...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nudela-rahafheg-ga (=1.0.0)
nudela-rahafheg-ga NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nudela-rahafheg-ga and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-163828...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nokire-nakala78 (=1.0.0)
nokire-nakala78 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nokire-nakala78 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-163034...
siddheshtea (=1.1.6) potentially affected by unknown CVE via muklis-30 (=1.0.0)
muklis-30 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on muklis-30 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-160815...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nudel-rae-naha (=1.0.0)
nudel-rae-naha NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nudel-rae-naha and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-163699...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nuilava-dakgrae-naha (=1.0.0)
nuilava-dakgrae-naha NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nuilava-dakgrae-naha and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-163874...
siddheshtea (=1.1.6) potentially affected by unknown CVE via ruji-31 (=1.0.0)
ruji-31 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on ruji-31 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-165257...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nokire-nakala7 (=1.0.0)
nokire-nakala7 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nokire-nakala7 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-163025...
siddheshtea (=1.1.6) potentially affected by unknown CVE via makan-aiuga-fia (=1.0.0)
makan-aiuga-fia NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on makan-aiuga-fia and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-159207...
siddheshtea (=1.1.6) potentially affected by unknown CVE via nokire-nakala55 (=1.0.0)
nokire-nakala55 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on nokire-nakala55 and may be impacted: - siddheshtea =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-163009...
acamar-aether-bunyan-postgres (=1.2.4), acamar-chai-command-inquirer (=1.2.4) +1002 more potentially affected by unknown CVE via teaphahitqq (=1.2.4)
teaphahitqq NPM version =1.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on teaphahitqq and may be impacted: - acamar-aether-bunyan-postgres =1.2.4 - acamar-chai-command-inquirer =1.2.4 - acamar-link-backend-miranda =1.2.4 - acamar-perseus-leda-cors...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2025-62726 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2025-62726 Source advisory: OSV:GHSA-XGP7-7QJQ-VG47...
a2grunnerp (>=0.1.0 <=0.1.8), a62-emotion (>=0.9.2 <=0.11.4) +1265 more potentially affected by CVE-2025-12058 via keras (>=1.2.1 <=3.11.3)
keras PYPI version =1.2.1, =0.1.0, =0.9.2, =1.0.1, =0.1.0, =1.1.2, =0.0.8, =0.0.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2025-12058 Source advisory: OSV:GHSA-MQ84-HJQX-CWF2...
ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +4384 more potentially affected by CVE-2025-11965 via io.vertx:vertx-web (>=4.0.0-milestone1 <=4.5.21)
io.vertx:vertx-web MAVEN version =4.0.0-milestone1, =0.0.86, =0.0.86, =0.0.86, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =22.9.0, =25.3.10 and more Sou...
aiosftp (>=0.0.1 <=0.3.1), apt-mirror (>=1.0.0 <=16.0.0) +12 more potentially affected by unknown CVE via aioftp (>=0.16.0 <=0.26.2)
aioftp PYPI version =0.16.0, =0.0.1, =1.0.0, =0.1.2, =1.1.0b78, =5.5.1, =0.0.0, =0.10.0, =0.6.0, =0.1.0, =0.1.0, =0.6.1, =0.5.8, =1.0.0b2, =1.0.0b3 Source cves: unknown CVE Source advisory: SNYK:PYTHON-AIOFTP-13304441...
aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1463 more potentially affected by CVE-2025-59681 via django (>=5.2.0 <=5.2.6)
django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.1.0 and more Source cves: CVE-2025-59681 Source advisory: OSV:PYSEC-2025-106...
@revisium/admin (>=1.4.0 <=2.0.0) potentially affected by CVE-2025-59845 via @apollo/sandbox (=2.7.1)
@apollo/sandbox NPM version =2.7.1 is affected by a known vulnerability. The following packages have a transitive dependency on @apollo/sandbox and may be impacted: - @revisium/admin =1.4.0, =2.0.0 Source cves: CVE-2025-59845 Source advisory: OSV:GHSA-W87V-7W53-WWXV...
01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +25613 more potentially affected by CVE-2025-55558 via torch (>=1.0.0 <=2.7.0)
torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.0.16 - a1facts =0.2.6 and more Source cves: CVE-2025-55558 Source advisory: OSV:PYSEC-2025-208...
@diningcity/capacitor-qr-scanner (>=0.0.7 <=0.0.8), @mojitonft/hooks (=1.0.1-alpha.4) +93 more potentially affected by CVE-2025-26278 via dref (=0.0.6)
dref NPM version =0.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on dref and may be impacted: - @diningcity/capacitor-qr-scanner =0.0.7, =1.7.0, =0.0.1, =11.1.1, =3.3.3, =0.0.0-beta, =0.0.2, =1.0.2, =0.0.40, =0.0.2, =0.0.1, =0.0.1, =0.1.0, =0.1.19...
003-gas-convert (=1.0.1), 0x-hunter-core (>=1.0.0 <=1.0.1-5) +6570 more potentially affected by CVE-2025-57329 via web3-core-method (>=1.0.0-beta.52 <=3.0.0-rc.5)
web3-core-method NPM version =1.0.0-beta.52, =1.0.0, =0.0.3, =0.0.3, =0.0.31, =1.1.0, =0.9.9, =0.1.0, =0.1.1 - 55tools-block =1.0.0 - 55tools-block-ext =1.0.0 - 84447xe5t8 =1.0.0 and more Source cves: CVE-2025-57329 Source advisory: SNYK:JS-WEB3COREMETHOD-13110028...
0xtrails (>=0.1.9 <=0.6.6), @aarc-dev/deposit-widget (>=0.3.0 <=0.4.47) +11 more potentially affected by CVE-2025-59430 via @meshconnect/web-link-sdk (>=3.0.2 <=3.2.14)
@meshconnect/web-link-sdk NPM version =3.0.2, =0.1.9, =0.3.0, =0.0.1, =0.0.2, =0.0.1, =0.0.1, =0.0.4, =1.0.0, =1.1.0, =1.1.0, =1.1.0, =1.0.0, =1.0.5 Source cves: CVE-2025-59430 Source advisory: SNYK:JS-MESHCONNECTWEBLINKSDK-13004671...
org.webjars.npm:bonjour (=3.5.0), org.webjars.npm:dns-packet (>=1.3.1 <=4.2.0) +10 more potentially affected by CVE-2024-29415 +1 more via org.webjars.npm:ip (>=1.1.5 <=2.0.0)
org.webjars.npm:ip MAVEN version =1.1.5, =1.3.1, =1.0.1, =6.2.3, =4.2.0, =1.1.10, =3.0.1, =4.0.2 - org.webjars.npm:splitsoftwaresplitio =10.8.4 Source cves: CVE-2024-29415, CVE-2025-59437 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-14101895...
react-jsonschema-rxnt-extras (>=0.1.14 <=0.5.0-alpha.190053) potentially affected by unknown CVE via react-complaint-image (>=0.0.10 <=0.0.31)
react-complaint-image NPM version =0.0.10, =0.1.14, =0.5.0-alpha.190053 Source cves: unknown CVE Source advisory: SNYK:JS-REACTCOMPLAINTIMAGE-12705089...
@angular/build (>=20.1.0 <=20.2.0-next.2), @atomazing-org/super-app-host (>=0.0.4 <=0.0.8) +55 more potentially affected by CVE-2025-58751 via vite (>=7.0.0 <=7.0.6)
vite NPM version =7.0.0, =20.1.0, =0.0.4, =0.2.9, =1.190.0, =0.1.0, =0.0.1750946288791, =0.0.2, =0.0.7, =0.0.2, =0.0.1, =0.1.34, =0.1.35 and more Source cves: CVE-2025-58751 Source advisory: OSV:GHSA-G4JQ-H2W9-997C...
ba.sake:hepek-http4s_3 (>=0.31.0 <=0.34.0), ch.linkyard.mcp:jsonrpc2-stdio_3 (>=0.1.0 <=0.3.2) +661 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_3 (>=3.0-117-375521f <=3.12.0)
co.fs2:fs2-io3 MAVEN version =3.0-117-375521f, =0.31.0, =0.1.0, =0.2.0, =0.1.0, =3.10-4b5f50b, =0.29.0, =0.2.1, =1.0.0, =0.1.0, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-377-020cf9e and more Source cves: CVE-2025-58369 Source advisory:...
@ckeditor/ckeditor5-adapter-ckfinder (>=46.0.0 <=46.0.2-alpha.1), @ckeditor/ckeditor5-ai (>=46.0.0 <=46.0.2-alpha.1) +89 more potentially affected by CVE-2025-58064 via @ckeditor/ckeditor5-clipboard (>=46.0.0 <=46.0.2)
@ckeditor/ckeditor5-clipboard NPM version =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.0, =46.0.2-alpha.1 and more Source cves: CVE-2025-58064 Source advisory: OSV:GHSA-X9GP-VJH6-3WV6...
@anjy7/navbar-cms (=0.0.5), @contentql/core (>=0.1.2 <=0.3.5) +14 more potentially affected by CVE-2025-4643 +1 more via @payloadcms/next (>=3.0.0-alpha.46 <=3.44.0-internal.6b79dc2)
@payloadcms/next NPM version =3.0.0-alpha.46, =0.1.2, =0.1.0, =3.2.0, =0.2.0, =0.1.0, =0.1.4, =1.0.0, =0.0.5, =0.0.1, =0.0.9-alpha.52, =0.0.5, =3.0.0-beta.3, =0.0.3, =1.0.0 and more Source cves: CVE-2025-4643, CVE-2025-4644 Source advisory: OSV:GHSA-26RV-H2HF-3FW4...
@aws/nx-plugin (>=0.21.0 <=0.51.4), @caliobase/caliobase-nx (>=0.3.53 <=0.3.61) +49 more potentially affected by CVE-2025-10894 via @nx/workspace (>=21.0.0-beta.0 <=21.5.0-canary.20250904-2c678a1)
@nx/workspace NPM version =21.0.0-beta.0, =0.21.0, =0.3.53, =1.1.1, =2.1.1, =2.1.1, =2.1.1, =2.1.1, =0.0.1, =0.0.3, =0.0.1, =0.0.3, =0.0.3, =0.3.3 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXWORKSPACE-12205641...
@6missedcalls-ai/zora-mcp-server (>=0.1.2 <=0.1.3), @aurracloud/agentkit (>=0.9.0 <=0.10.0) +32 more potentially affected by unknown CVE via x402 (>=0.1.2 <=0.4.3)
x402 NPM version =0.1.2, =0.1.2, =0.9.0, =0.1.0-alpha.1, =0.0.1, =0.0.1, =0.0.1, =0.0.0-nightly-20250711210411, =0.3.0, =0.0.3, =0.1.2, =0.1.3 - @openflow-sh/sdk =1.0.0 - @thorium-dev-group/x402-mcp-extension =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-3J63-5H8P-GF7C...
1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +222 more potentially affected by CVE-2025-55284 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.24)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2025-55284 Source advisory: OSV:GHSA-X5GV-JW7F-J6XJ...
packagesss (=1.0.0) potentially affected by unknown CVE via ldash (=0.0.1-security)
ldash NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on ldash and may be impacted: - packagesss =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25004...
000tea (=1.4.5), 00tea (=1.4.4) +838 more potentially affected by unknown CVE via name (=0.0.2)
name NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on name and may be impacted: - 000tea =1.4.5 - 00tea =1.4.4 - 01q =1.5.1 - 032we =1.5.7 - 0tea =1.4.3 - 123qaz =1.1.1 - 12we =1.6.9 - 12wea =1.5.5 - 1qwe =1.4.6 - 1qwer =1.4.7 - 1qwer...
@rustybrooks/eslint-config-prettier (>=1.0.0 <=1.0.18) potentially affected by unknown CVE via eslint-plugin-airbnb-base (=0.0.1-security)
eslint-plugin-airbnb-base NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on eslint-plugin-airbnb-base and may be impacted: - @rustybrooks/eslint-config-prettier =1.0.0, =1.0.18 Source cves: unknown CVE Source advisory:...
04-rsib_contact-numbers-menue_cli (>=1.0.0 <=1.0.1), advanture-game-by-sam (>=1.0.0 <=1.0.1) +2 more potentially affected by unknown CVE via chak (=0.0.1-security)
chak NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on chak and may be impacted: - 04-rsibcontact-numbers-menuecli =1.0.0, =1.0.0, =1.0.1, =1.0.3 - text-base-adventure-92 =1.0.0 Source cves: unknown CVE Source advisory:...
gulp-jsify (=0.1.0) potentially affected by unknown CVE via jsify (=0.0.4)
jsify NPM version =0.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on jsify and may be impacted: - gulp-jsify =0.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-23947...
brick-node (>=0.0.0 <=0.0.3) potentially affected by unknown CVE via brick-browserify-plugin (>=0.0.0 <=0.0.1)
brick-browserify-plugin NPM version =0.0.0, =0.0.0, =0.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-16164...
@pirxpilot/confirmation (=1.0.1), @pirxpilot/dialog (=1.1.1) +46 more potentially affected by unknown CVE via macgyver (>=1.10.1 <=1.9.2)
macgyver NPM version =1.10.1, =1.1.0, =1.0.3, =2.0.0, =1.0.1, =1.0.0, =1.0.8 - democracyos-confirmation =0.0.5 - democracyos-popover =1.1.0 - democracyos-quill =0.19.12 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-25744...
gezi-core (>=0.0.0 <=0.0.2), less-common-words (=0.0.0) +1 more potentially affected by unknown CVE via most-common-words (=2.0.0)
most-common-words NPM version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on most-common-words and may be impacted: - gezi-core =0.0.0, =0.0.2 - less-common-words =0.0.0 - meta-tags =0.0.0 Source cves: unknown CVE Source advisory:...
dxtest1 (>=1.0.0 <=1.0.2), lewistest (>=1.0.0 <=1.0.1) +2 more potentially affected by unknown CVE via commender (=0.0.1-security)
commender NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on commender and may be impacted: - dxtest1 =1.0.0, =1.0.0, =1.0.1 - xy-xueyong-rkc =1.0.0 - zansanfeng123 =1.0.0 Source cves: unknown CVE Source advisory:...
fox (=0.0.8), lowkick (>=0.0.1 <=0.1.0) +2 more potentially affected by unknown CVE via combiner (=1.2.1)
combiner NPM version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on combiner and may be impacted: - fox =0.0.8 - lowkick =0.0.1, =1.1.0, =0.3.1, =0.3.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17379...
ourtunes (>=0.0.0 <=1.1.0) potentially affected by unknown CVE via play-url (=0.0.5)
play-url NPM version =0.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on play-url and may be impacted: - ourtunes =0.0.0, =1.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-29381...
01memories (>=0.0.27 <=0.0.32), 01os (>=0.0.1 <=0.0.13) +8384 more potentially affected by CVE-2025-50817 via future (>=0.14.1 <=1.0.0)
future PYPI version =0.14.1, =0.0.27, =0.0.1, =1.0.0, =2.0.0, =0.0.2, =0.1.1, =0.9.2, =0.1.1, =0.4.24b0, =0.4.0, =1.0.0, =1.0.1 and more Source cves: CVE-2025-50817 Source advisory: SNYK:PYTHON-FUTURE-11951438...
com.itextpdf:bouncy-castle-fips-adapter (>=9.0.0 <=9.5.0), org.apache.camel.springboot:camel-opensearch-starter (=4.12.0) +13 more potentially affected by CVE-2025-8885 via org.bouncycastle:bc-fips (=2.0.0)
org.bouncycastle:bc-fips MAVEN version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bc-fips and may be impacted: - com.itextpdf:bouncy-castle-fips-adapter =9.0.0, =3.22.0, =26.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0,...
windmill-cli (>=0.0.1 <=0.0.13) potentially affected by CVE-2025-55152 via @oakserver/oak (>=12.6.2 <=14.1.0)
@oakserver/oak NPM version =12.6.2, =0.0.1, =0.0.13 Source cves: CVE-2025-55152 Source advisory: SNYK:JS-OAKSERVEROAK-11735294...
org.apache.cxf.systests:cxf-systests-jaxrs (>=4.0.0 <=4.0.11), org.apache.cxf.systests:cxf-systests-transport-jms (>=4.0.0 <=4.0.11) +15 more potentially affected by CVE-2025-48913 via org.apache.cxf:cxf-rt-transports-jms (>=4.0.0 <=4.0.8)
org.apache.cxf:cxf-rt-transports-jms MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =6.2.0.Final, =7.3.7.Final, =7.0.0.Final, =7.0.0.Final, =6.2.0.Final, =6.2.0.Final, =7.0.0.Final, =7.0.0.Final, =6.2.0.Final, =7.3.8.Final and more Source cves: CVE-2025-48913 Source advisor...
42towels (>=0.1.1001 <=0.1.1011), aait (>=0.0.4.80 <=2.3.14) +259 more potentially affected by CVE-2025-46206 via pymupdf (>=1.16.14 <=1.25.5)
pymupdf PYPI version =1.16.14, =0.1.1001, =0.0.4.80, =0.7.0, =0.0.1, =0.1.31, =0.0.5, =0.0.3.20, =0.0.1, =1.5.0, =1.2.3, =0.7.0b20230331, =0.7.0b20230307, =0.8.1b20230620 and more Source cves: CVE-2025-46206 Source advisory: SNYK:PYTHON-PYMUPDF-12672499...