26517 matches found
@budibase/cli (>=3.0.0 <=3.2.26), @budibase/pro (>=3.0.0 <=3.2.26) +2 more potentially affected by CVE-2026-42239 via @budibase/backend-core (>=3.0.0 <=3.2.7)
@budibase/backend-core NPM version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.26 Source cves: CVE-2026-42239 Source advisory: SNYK:JS-BUDIBASEBACKENDCORE-16318349...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +20 more potentially affected by CVE-2026-41908 via openclaw (>=2026.3.22 <=2026.4.2)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: CVE-2026-41908 Source advisory: SNYK:JS-OPENCLAW-16205967...
org.webjars.npm:adal-node (=0.1.28), org.webjars.npm:canvg (>=1.5.2 <=1.5.3) +14 more potentially affected by CVE-2026-41673 via org.webjars.npm:xmldom (>=0.1.31 <=0.6.0)
org.webjars.npm:xmldom MAVEN version =0.1.31, =1.5.2, =0.7.2, =0.14.0, =0.11.0, =7.14.0, =2.7.0, =2.9.2 and more Source cves: CVE-2026-41673 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16134531...
nimiq-accounts (>=0.1.0 <=0.2.0), nimiq-block-production (>=0.1.0 <=0.2.0) +11 more potentially affected by CVE-2026-33471 via nimiq-block (>=0.1.0 <=0.2.0)
nimiq-block CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-33471 Source advisory: OSV:GHSA-6973-8887-87FF...
@armenak/aa (=1.0.1), @armenak/ui-kit (>=1.0.0 <=1.0.5) +74 more potentially affected by CVE-2026-41691 via i18next-http-backend (>=3.0.1 <=3.0.4)
i18next-http-backend NPM version =3.0.1, =1.0.0, =1.0.2, =3.12.2-pre.0a3e0d524e, =3.2.9, =3.2.9, =10.0.0, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =3.42.3, =3.8.2, =3.7.3, =3.7.11 - @eternal-baguette/sample-component =0.0.3 and more Source cves: CVE-2026-41691 Source advisory:...
@saltcorn/cli (>=1.5.0 <=1.5.0-rc.2), @saltcorn/mobile-builder (>=1.5.0 <=1.5.0-rc.2) potentially affected by unknown CVE via @saltcorn/server (>=1.5.0-beta.0 <=1.5.0)
@saltcorn/server NPM version =1.5.0-beta.0, =1.5.0, =1.5.0, =1.5.0-rc.2 Source cves: unknown CVE Source advisory: SNYK:JS-SALTCORNSERVER-16318352...
AskAI (=0.1.0), BiliupApi (>=0.1.0 <=0.1.7) +4020 more potentially affected by unknown CVE via rustls-webpki (>=0.100.3 <=0.102.8)
rustls-webpki CARGO version =0.100.3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.26, =0.4.0, =0.1.0, =0.21.0-alpha.1, =0.1.11, =0.12.1, =0.13.0 - acme =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0104...
cn.herodotus.engine:oauth2-authorization-server-autoconfigure (>=3.3.0.0 <=3.3.2.2), cn.herodotus.engine:oauth2-core (>=3.3.0.0 <=3.3.2.2) +249 more potentially affected by CVE-2026-22748 via org.springframework.security:spring-security-oauth2-jose (>=6.3.0 <=6.3.10)
org.springframework.security:spring-security-oauth2-jose MAVEN version =6.3.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.0, =3.3.0.1 and more Source cves: CVE-2026-22748 Source advisory:...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +17 more potentially affected by unknown CVE via openclaw (>=0.0.1 <=2026.4.12)
openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: unknown CVE Source advisory: OSV:GHSA-F934-5RQF-XX47...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-43585 via openclaw (>=2026.3.22 <=2026.4.12)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-43585 Source advisory: SNYK:JS-OPENCLAW-16109684...
@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +23 more potentially affected by CVE-2026-43569 via openclaw (>=2026.3.22 <=2026.4.5)
openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-43569 Source advisory: SNYK:JS-OPENCLAW-16109739...
@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +23 more potentially affected by CVE-2026-43531 via openclaw (>=2026.3.22 <=2026.4.5)
openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-43531 Source advisory: SNYK:JS-OPENCLAW-16109726...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-43535 via openclaw (>=2026.3.22 <=2026.4.12)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-43535 Source advisory: SNYK:JS-OPENCLAW-16109728...
locizify (>=7.0.0 <=9.0.9), locizify-ssg (>=1.1.12 <=2.0.6) potentially affected by CVE-2026-41692 via i18nextify (>=4.0.0 <=4.0.7)
i18nextify NPM version =4.0.0, =7.0.0, =1.1.12, =2.0.6 Source cves: CVE-2026-41692 Source advisory: SNYK:JS-I18NEXTIFY-16415525...
amdonov.ospackage-init:amdonov.ospackage-init.gradle.plugin (>=0.1.0 <=0.5.0), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1646 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk15on (>=1.46 <=1.70)
org.bouncycastle:bcpg-jdk15on MAVEN version =1.46, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =2023.06.07.114626-93b9d6f, =0.1.3-20210127.1838-76ab4fc, =0.1.4-20220614.0152-5ae0eef, =1.0.0-M6, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1-M3, =0.0.1-M19 and more...
com.axelor:axelor-core (>=8.0.0 <=8.1.1), com.axelor:axelor-web (>=8.0.0 <=8.1.1) potentially affected by CVE-2026-40458 +1 more via org.pac4j:pac4j-ldap (>=6.2.2 <=6.3.1)
org.pac4j:pac4j-ldap MAVEN version =6.2.2, =8.0.0, =8.0.0, =8.1.1 Source cves: CVE-2026-40458, CVE-2026-40459 Source advisory: SNYK:JAVA-ORGPAC4J-16109662...
@paperclipai/server (>=2026.3.17-canary.2 <=2026.416.0-canary.1), companies.sh (>=2026.324.0-canary.0 <=2026.325.0-canary.3) +4 more potentially affected by unknown CVE via @paperclipai/adapter-codex-local (>=2026.318.0-canary.0 <=2026.416.0-canary.1)
@paperclipai/adapter-codex-local NPM version =2026.318.0-canary.0, =2026.3.17-canary.2, =2026.324.0-canary.0, =2026.3.17-canary.3, =0.6.5, =0.6.6 Source cves: unknown CVE Source advisory: SNYK:JS-PAPERCLIPAIADAPTERCODEXLOCAL-16421448...
@paperclipai/adapter-claude-local (>=2026.3.17-canary.0 <=2026.411.0-canary.8), @paperclipai/adapter-codex-local (>=2026.3.17-canary.0 <=2026.411.0-canary.8) +12 more potentially affected by unknown CVE via @paperclipai/adapter-utils (>=2026.318.0-canary.0 <=2026.416.0-canary.1)
@paperclipai/adapter-utils NPM version =2026.318.0-canary.0, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.3.17-canary.0, =2026.3.17-canary.2, =2026.324.0-canary.0, =5.0.0, =2026.3.17-canary.3, =0.6.5, =0.6.6...
10minions-engine (>=0.0.1 <=0.0.4), @0xr404/lol404 (>=1.1.0 <=1.1.6) +3252 more potentially affected by CVE-2026-41242 via protobufjs (>=7.0.0 <=7.5.4)
protobufjs NPM version =7.0.0, =0.0.1, =1.1.0, =1.0.1-beta.0, =0.0.2-beta.0, =1.0.0, =1.5.10, =0.10.1, =1.1.0, =6.0.0, =2.0.2, =3.3.2 and more Source cves: CVE-2026-41242 Source advisory: SNYK:JS-PROTOBUFJS-16094665...
@13w/local-rag (>=1.6.0 <=1.7.2), @24letters/devservers (>=0.1.0 <=0.5.0) +632 more potentially affected by CVE-2026-6414 via @fastify/static (>=8.0.0 <=9.1.0)
@fastify/static NPM version =8.0.0, =1.6.0, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =1.0.0-beta.23, =0.0.1, =1.0.0, =4.76.1 - @akiojin/claude-worktree =1.33.0 and more Source cves: CVE-2026-6414 Source advisory: OSV:GHSA-X428-GHPX-8J92...
copilot-studio-datainsight (>=0.0.1 <=0.0.6), flowise (>=1.6.1 <=2.2.8) potentially affected by CVE-2026-41138 via flowise-components (>=1.3.4 <=2.2.8)
flowise-components NPM version =1.3.4, =0.0.1, =1.6.1, =2.2.8 Source cves: CVE-2026-41138 Source advisory: SNYK:JS-FLOWISECOMPONENTS-16110988...
org.bouncycastle:bcjmail-debug-jdk15to18 (>=1.81 <=1.83), org.bouncycastle:bcmail-debug-jdk15to18 (>=1.81 <=1.83) potentially affected by CVE-2026-5588 via org.bouncycastle:bcpkix-debug-jdk15to18 (>=1.81 <=1.83)
org.bouncycastle:bcpkix-debug-jdk15to18 MAVEN version =1.81, =1.81, =1.81, =1.83 Source cves: CVE-2026-5588 Source advisory: OSV:GHSA-WG6Q-6289-32HP...
app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1229 more potentially affected by CVE-2026-0636 via org.bouncycastle:bcprov-jdk15to18 (>=1.74 <=1.83)
org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.74, =0.0.2, =0.0.2.1, =0.1.0-M36, =0.1.0-M27, =1.0.1, =3.5.0.0, =3.5.5.3 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk =3.0.0-RC1 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk-solon-boot-2-starter =3.0.0-RC1 -...
article-extractor (=0.5.8), nscraper (>=0.1.0 <=0.1.5) potentially affected by unknown CVE via justhtml (>=1.13.0 <=1.14.0)
justhtml PYPI version =1.13.0, =0.1.0, =0.1.5 Source cves: unknown CVE Source advisory: SNYK:PYTHON-JUSTHTML-16083990...
@saltcorn/cli (>=1.6.0-alpha.0 <=1.6.0-beta.14), @saltcorn/mobile-builder (>=1.6.0-alpha.0 <=1.6.0-beta.14) potentially affected by CVE-2026-40163 via @saltcorn/server (>=1.6.0-alpha.0 <=1.6.0-beta.3)
@saltcorn/server NPM version =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-beta.14 Source cves: CVE-2026-40163 Source advisory: SNYK:JS-SALTCORNSERVER-15990855...
@saltcorn/cli (>=1.5.0 <=1.5.5-beta.0), @saltcorn/mobile-builder (>=1.5.0 <=1.5.5-beta.0) potentially affected by CVE-2026-40163 via @saltcorn/server (>=1.5.0-beta.0 <=1.5.5-beta.0)
@saltcorn/server NPM version =1.5.0-beta.0, =1.5.0, =1.5.0, =1.5.5-beta.0 Source cves: CVE-2026-40163 Source advisory: OSV:GHSA-32PV-MPQG-H292...
africa.shuwari.sbt:sbt-js_2.12_1.0 (>=0.14.1 <=0.16.1), africa.shuwari.sbt:sbt-netbeans_2.12_1.0 (>=0.1.0 <=0.1.1) +19258 more potentially affected by CVE-2026-34477 via org.apache.logging.log4j:log4j-core (>=2.12.0 <=2.25.3)
org.apache.logging.log4j:log4j-core MAVEN version =2.12.0, =0.14.1, =0.1.0, =0.9.6, =0.12.0, =0.9.6, =0.9.6, =0.9.6, =0.9.6, =0.14.1, =0.9.6, =0.14.1, =4.4.0.1, =1.4.6, =1.4.6, =1.4.8 and more Source cves: CVE-2026-34477 Source advisory: SNYK:JAVA-ORGAPACHELOGGINGLOG4J-15967727...
org.apache.logging.log4j:log4j-layout-template-json-test (>=3.0.0-alpha1 <=3.0.0-beta2), software.airborne.kairo:kairo-alternative-money-formatters (=5.0.0) +29 more potentially affected by CVE-2026-34481 via org.apache.logging.log4j:log4j-layout-template-json (>=3.0.0-alpha1 <=3.0.0-beta3)
org.apache.logging.log4j:log4j-layout-template-json MAVEN version =3.0.0-alpha1, =3.0.0-alpha1, =3.0.0-beta2 - software.airborne.kairo:kairo-alternative-money-formatters =5.0.0 - software.airborne.kairo:kairo-clock-feature =5.0.0 - software.airborne.kairo:kairo-closeable =5.0.0 -...
@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +23 more potentially affected by CVE-2026-42420 via openclaw (>=2026.3.22 <=2026.4.5)
openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-42420 Source advisory: SNYK:JS-OPENCLAW-15989069...
@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +24 more potentially affected by CVE-2026-42429 via openclaw (>=0.0.1 <=2026.4.5)
openclaw NPM version =0.0.1, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-42429 Source advisory: OSV:GHSA-4F8G-77MW-3RXC...
@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +23 more potentially affected by unknown CVE via openclaw (>=2026.3.22 <=2026.4.5)
openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: unknown CVE Source advisory: SNYK:JS-OPENCLAW-15989068...
06-03-5 (=1.0.0), 80cents (>=0.3.4 <=0.4.24) +2147 more potentially affected by unknown CVE via nodemailer (>=8.0.0 <=8.0.4)
nodemailer NPM version =8.0.0, =0.3.4, =0.1.0, =1.0.0, =1.16.0-feature-320605-mfchyhti, =1.0.1-develop-7a7ecd-mffcpgol, =2.0.0, =1.17.13-beta-20260512-004004-69bacba8, =0.1.0, =0.2.3 and more Source cves: unknown CVE Source advisory: SNYK:JS-NODEMAILER-15930946...
antgrid-server (>=0.0.2 <=0.0.3), kani-tts (=0.0.1) +3 more potentially affected by CVE-2026-24175 via nvidia-pytriton (=0.7.0)
nvidia-pytriton PYPI version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on nvidia-pytriton and may be impacted: - antgrid-server =0.0.2, =0.1.0, =0.1.0rc1, =0.1.0, =0.4.0 Source cves: CVE-2026-24175 Source advisory:...
be.yildiz-games:module-messaging-activemq (>=1.0.0 <=1.0.1), cn.codeforfun:jfinal-activemq (=0.3) +215 more potentially affected by CVE-2026-34197 via org.apache.activemq:activemq-all (>=5.0.0 <=5.19.3)
org.apache.activemq:activemq-all MAVEN version =5.0.0, =1.0.0, =6.0.03, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3-rc1, =2.0.0, =3.0.0, =8.0.0, =2.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2026-34197 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-16032379...
@runspace/ataraxia-auth (=0.0.0), @runspace/cli (>=0.1.6 <=0.1.8) +19 more potentially affected by unknown CVE via @stablelib/cbor (>=1.0.1 <=1.0.2)
@stablelib/cbor NPM version =1.0.1, =0.1.6, =0.1.3, =0.0.1, =0.1.0, =1.0.0, =1.0.0, =0.8.0, =0.9.0, =0.9.0, =0.8.0, =0.8.0, =0.8.0, =0.11.0, =0.11.0, =0.12.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5JG4-P4QW-CGFR...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +5637 more potentially affected by unknown CVE via tools.jackson.core:jackson-core (>=3.0.0-rc1 <=3.1.0)
tools.jackson.core:jackson-core MAVEN version =3.0.0-rc1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.1, =0.1.2, =0.1.0, =0.1.0, =0.7.6, =0.7.21 and more Source cves:...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by CVE-2026-41382 via openclaw (>=2026.3.22 <=2026.3.28)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-41382 Source advisory: SNYK:JS-OPENCLAW-15893692...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-41349 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-41349 Source advisory: SNYK:JS-OPENCLAW-15893801...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by CVE-2026-41396 via openclaw (>=2026.3.22 <=2026.3.28)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-41396 Source advisory: SNYK:JS-OPENCLAW-15895899...
@21epub/resource-lib (>=1.0.0 <=1.0.3), @8base/boost (>=1.2.0 <=1.5.0) +1605 more potentially affected by CVE-2026-47099 via telejson (>=1.0.1 <=5.3.3)
telejson NPM version =1.0.1, =1.0.0, =1.2.0, =1.0.0, =1.1.4, =1.16.0, =1.1.2, =0.5.19-20200320212412, =5.0.0, =1.0.0-beta.10, =0.0.3, =0.0.199-alpha.0, =1.0.22, =0.0.1, =0.2.0 and more Source cves: CVE-2026-47099 Source advisory: OSV:GHSA-CCGF-5RWJ-J3HV...
2c2p-integration (>=0.2.0 <=0.2.2), 4help-shared (>=1.0.8 <=1.0.15) +4112 more potentially affected by CVE-2026-34601 via @xmldom/xmldom (>=0.7.0 <=0.8.11)
@xmldom/xmldom NPM version =0.7.0, =0.2.0, =1.0.8, =0.1.3, =0.0.7, =0.3.31, =1.0.4, =1.0.0, =2.1.0-develop-2ff6c7-mckmjkzz, =2.1.0-renovate-fdebc6-mhg3djx8 - @abcd19/st-grid =3.1.0 - @abdullahceylan/expo-cli =0.2.6 and more Source cves: CVE-2026-34601 Source advisory: OSV:GHSA-WH4C-J3R5-MJHP...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-41344 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-41344 Source advisory: SNYK:JS-OPENCLAW-15864628...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-41332 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-41332 Source advisory: SNYK:JS-OPENCLAW-15864694...
airduct (>=0.1.13 <=0.1.22), aprsd (>=1.6.0 <=3.4.4) +42 more potentially affected by CVE-2026-34531 via flask-httpauth (>=2.5.0 <=4.8.0)
flask-httpauth PYPI version =2.5.0, =0.1.13, =1.6.0, =1.0.5, =0.0.5, =0.5.0, =4.2.6, =1.0.0, =0.0.28, =0.0.0rc24, =1.0.2, =0.2.2, =3.2.0.0, =2.0.0, =0.1.8.1, =2.2.1 and more Source cves: CVE-2026-34531 Source advisory: OSV:GHSA-P44Q-VQPR-4XMG...
@dojo/cli-test-intern (>=0.1.0 <=2.0.0-beta3.1), express_mvc (>=4.1.1 <=4.3.10) +7 more potentially affected by CVE-2021-23337 +1 more via lodash-amd (>=4.16.4 <=4.17.23)
lodash-amd NPM version =4.16.4, =0.1.0, =4.1.1, =3.4.0, =0.0.1, =1.0.14, =0.0.7, =0.0.1, =0.1.5 - xirtam--matrix-operations =0.1.3 Source cves: CVE-2021-23337, CVE-2026-4800 Source advisory: SNYK:JS-LODASHAMD-15869626...
acpx-teams (=0.1.0), arifos (>=2026.2.22 <=2026.4.16) +58 more potentially affected by CVE-2026-27124 via fastmcp (>=3.0.0 <=3.1.1)
fastmcp PYPI version =3.0.0, =2026.2.22, =2026.3.13, =1.0.0, =0.56.0, =0.1.0, =0.3.2, =0.2.0, =0.3.0, =1.1.0, =0.0.1, =0.1.0, =0.5.12b18, =0.5.12b19 - efn-mcp =0.1.0 and more Source cves: CVE-2026-27124 Source advisory: SNYK:PYTHON-FASTMCP-15871030...
abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +702 more potentially affected by CVE-2026-0596 via mlflow (>=3.0.0rc2 <=3.9.0)
mlflow PYPI version =3.0.0rc2, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =1.1.0, =0.1.0, =1.0.0, =1.0.1 and more Source cves: CVE-2026-0596 Source advisory: SNYK:PYTHON-MLFLOW-15907602...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34373 via parse-server (>=9.6.0-alpha.37 <=9.6.1)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34373 Source advisory: OSV:GHSA-Q3P6-G7C4-829C...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-34363 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-34363 Source advisory: OSV:GHSA-M983-V2FF-WQ65...
crewai-geolocate (=0.1.0) potentially affected by CVE-2026-2287 via crewai-tools (=1.11.0)
crewai-tools PYPI version =1.11.0 is affected by a known vulnerability. The following packages have a transitive dependency on crewai-tools and may be impacted: - crewai-geolocate =0.1.0 Source cves: CVE-2026-2287 Source advisory: SNYK:PYTHON-CREWAITOOLS-15922651...