26517 matches found
ai.spice:spiceai (=0.6.0), cn.isqing.icloud:icloud-common-utils (>=4.0.3-M1 <=4.0.3.1) +636 more potentially affected by CVE-2026-44893 via io.netty:netty-codec-haproxy (>=4.2.0.Final <=4.2.14.Final)
io.netty:netty-codec-haproxy MAVEN version =4.2.0.Final, =4.0.3-M1, =1.21.9, =3.4.7, =25.4.1, =26.2.1, =7.9.0, =5.1.0, =5.1.0, =6.80, =6.84 and more Source cves: CVE-2026-44893 Source advisory: OSV:GHSA-CC37-9Q2J-3HFV...
ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +2478 more potentially affected by CVE-2026-44250 via io.netty:netty-codec-redis (>=4.1.0.Final <=4.1.134.Final)
io.netty:netty-codec-redis MAVEN version =4.1.0.Final, =0.0.86, =0.0.86, =0.0.86, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.0.1, =2.0.24, =1.1.9, =0.0.1, =0.0.9 and more Source cves: CVE-2026-44250 Source advisory: OSV:GHSA-3244-J874-RHC2...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +29726 more potentially affected by CVE-2026-44249 via io.netty:netty-handler (>=4.0.0.Alpha1 <=4.1.134.Final)
io.netty:netty-handler MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...
17fe-ui23 (>=0.0.0 <=0.0.24), @2kog/pkg-editor (>=0.0.1 <=0.1.3) +584 more potentially affected by CVE-2026-47761 via tinymce (>=6.0.0 <=7.5.1)
tinymce NPM version =6.0.0, =0.0.0, =0.0.1, =12.1.0, =4.1.0, =1.0.0-beta.1, =4.1.2-rc, =1.0.0, =0.1.0, =0.1.19, =0.1.0, =0.1.1 and more Source cves: CVE-2026-47761 Source advisory: OSV:GHSA-VG35-5WQ7-3X7W...
17fe-ui23 (>=0.0.0 <=0.0.24), @2kog/pkg-editor (>=0.0.1 <=0.1.3) +554 more potentially affected by CVE-2026-47760 via tinymce (>=6.8.1 <=7.0.1)
tinymce NPM version =6.8.1, =0.0.0, =0.0.1, =12.1.0, =4.1.0, =1.0.0-beta.1, =4.1.2-rc, =1.0.0, =0.1.0, =0.1.0, =0.1.1, =0.1.7 - @arkxos/arkos-example =0.1.0 and more Source cves: CVE-2026-47760 Source advisory: OSV:GHSA-MH5M-5HW4-5C69...
a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +355 more potentially affected by CVE-2026-6657 via jupyter-server (>=1.13.2 <=2.17.0)
jupyter-server PYPI version =1.13.2, =0.1.0, =0.14.0.3, =0.3.0, =0.1.0b0, =1.3.4, =0.18.3, =0.1.0, =1.0.1, =0.1.0, =0.14.0 and more Source cves: CVE-2026-6657 Source advisory: SNYK:PYTHON-JUPYTERSERVER-17220130...
arches (=8.0.0a1), avaintegration-metapackage (>=6.0.4.3 <=6.0.5.32) +47 more potentially affected by CVE-2026-7666 via django (>=6.0.0 <=6.0.5)
django PYPI version =6.0.0, =6.0.4.3, =2.0.0, =1.1.0, =0.1.0, =0.4.5 - django-ndr-core =0.70.2 - django-sb-simple-migrations =0.9.0 and more Source cves: CVE-2026-7666 Source advisory: OSV:PYSEC-2026-200...
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=37.v0d3157c4a_ef8 <=57.v0756db_b_f6926), be.mogo.iam:mogo-provisioning (>=1.0.1.RELEASE <=1.1.7.RELEASE) +1174 more potentially affected by CVE-2026-47065 via org.apache.mina:mina-core (>=2.0.0-M1 <=2.0.28)
org.apache.mina:mina-core MAVEN version =2.0.0-M1, =37.v0d3157c4aef8, =1.0.1.RELEASE, =1.1.8.RELEASE, =1.1.5.RELEASE, =2.7.4.0, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.2.RELEASE, =1.0.3.RELEASE - cn.javaboot:nacos-address =1.4.1 - cn.javaboot:nacos-console =1.4.1 -...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +40 more potentially affected by CVE-2026-41084 via apache-airflow-core (>=3.0.0 <=3.2.1rc3)
apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =0.2.0, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =1.28.0rc1 and more Source cves: CVE-2026-41084 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-17137559...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +40 more potentially affected by CVE-2026-40861 via apache-airflow-core (>=3.0.0 <=3.2.1rc3)
apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =0.2.0, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =1.28.0rc1 and more Source cves: CVE-2026-40861 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-17137558...
org.apache.activemq:activemq-osgi (>=6.0.0 <=6.2.5), org.apache.activemq:activemq-web-console (>=6.0.0 <=6.2.5) +2 more potentially affected by CVE-2026-42253 via org.apache.activemq:activemq-web (>=6.0.0 <=6.2.5)
org.apache.activemq:activemq-web MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.5 Source cves: CVE-2026-42253 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-17151924...
be.yildiz-games:module-messaging-activemq (>=1.0.0 <=1.0.1), cn.codeforfun:jfinal-activemq (=0.3) +215 more potentially affected by CVE-2026-42253 via org.apache.activemq:activemq-all (>=5.0.0 <=5.19.6)
org.apache.activemq:activemq-all MAVEN version =5.0.0, =1.0.0, =6.0.03, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3-rc1, =2.0.0, =3.0.0, =8.0.0, =2.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2026-42253 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-17151925...
com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.5) +5 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.5)
org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.5 Source cves: CVE-2026-34197, CVE-2026-45505 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-17151886...
be.yildiz-games:module-messaging-activemq (>=1.0.0 <=1.0.1), cn.codeforfun:jfinal-activemq (=0.3) +215 more potentially affected by CVE-2026-49157 via org.apache.activemq:activemq-all (>=5.0.0 <=5.19.6)
org.apache.activemq:activemq-all MAVEN version =5.0.0, =1.0.0, =6.0.03, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3-rc1, =2.0.0, =3.0.0, =8.0.0, =2.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2026-49157 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-17151889...
com.infobip.kafkistry:kafkistry-app (>=0.7.0 <=0.10.1), com.infobip.kafkistry:kafkistry-auditing (>=0.7.0 <=0.10.1) +19 more potentially affected by CVE-2026-48827 via org.apache.sshd:sshd-git (>=2.10.0 <=2.17.1)
org.apache.sshd:sshd-git MAVEN version =2.10.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.9.9, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.62.0, =2.25.0, =1.1.0, =1.1.1 and more Source cves: CVE-2026-48827 Source advisory: SNYK:JAVA-ORGAPACHESSHD-17151844...
be.yildiz-games:module-messaging-activemq (>=1.0.0 <=1.0.1), cn.codeforfun:jfinal-activemq (=0.3) +215 more potentially affected by CVE-2026-49270 via org.apache.activemq:activemq-all (>=5.0.0 <=5.19.6)
org.apache.activemq:activemq-all MAVEN version =5.0.0, =1.0.0, =6.0.03, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.3-rc1, =2.0.0, =3.0.0, =8.0.0, =2.0.0, =1.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2026-49270 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-17151888...
acryl-datahub-airflow-plugin (>=0.8.35.6 <=1.7.0.1rc1), acryl-datahub-airflow-plugin-hcc-patched (>=1.4.0.3.post1 <=1.4.0.3.post2) +464 more potentially affected by CVE-2026-42360 via apache-airflow-task-sdk (>=1.0.0 <=1.2.2)
apache-airflow-task-sdk PYPI version =1.0.0, =0.8.35.6, =1.4.0.3.post1, =1.0.0, =0.0.9.2, =0.1.0rc0, =0.1.0, =0.1.2, =1.0.1, =0.1.0, =1.0.0, =0.0.1, =0.0.5 and more Source cves: CVE-2026-42360 Source advisory: SNYK:PYTHON-APACHEAIRFLOWTASKSDK-17131176...
@redhat-cloud-services/access-requests-frontend (>=1.2.0 <=1.2.11), @redhat-cloud-services/frontend-components (>=0.0.1 <=7.7.1) +19 more potentially affected by unknown CVE via @redhat-cloud-services/frontend-components-utilities (=7.4.0)
@redhat-cloud-services/frontend-components-utilities NPM version =7.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on @redhat-cloud-services/frontend-components-utilities and may be impacted: - @redhat-cloud-services/access-requests-frontend =1.2.0,...
a2a-lite (>=0.1.0 <=0.2.2), adb-connect-qr (>=0.1.0 <=0.1.3) +568 more potentially affected by CVE-2026-47184 via zeroconf (>=0.140.1 <=0.149.3)
zeroconf PYPI version =0.140.1, =0.1.0, =0.1.0, =0.1.0, =1.0.2, =1.0.1, =0.0.1, =1.4.8, =2.6.28, =0.7.1, =0.0.1, =1.7.0, =0.2.38, =3.2.20 and more Source cves: CVE-2026-47184 Source advisory: OSV:GHSA-RFG2-PJW2-56X2...
a2a-lite (>=0.1.0 <=0.2.2), adb-connect-qr (>=0.1.0 <=0.1.3) +595 more potentially affected by CVE-2026-47184 via zeroconf (>=0.102.0 <=0.149.3)
zeroconf PYPI version =0.102.0, =0.1.0, =0.1.0, =0.1.0, =1.0.2, =1.0.1, =0.0.1, =1.4.8, =2.6.28, =0.7.1, =0.0.1, =1.7.0, =45.3.1 and more Source cves: CVE-2026-47184 Source advisory: SNYK:PYTHON-ZEROCONF-17111094...
org.webjars.npm:degenerator (=4.0.4), org.webjars.npm:pac-resolver (=6.0.2) +1 more potentially affected by CVE-2026-47137 via org.webjars.npm:vm2 (=3.9.19)
org.webjars.npm:vm2 MAVEN version =3.9.19 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:vm2 and may be impacted: - org.webjars.npm:degenerator =4.0.4 - org.webjars.npm:pac-resolver =6.0.2 - org.webjars.npm:rocket.chatapps-engine =1.35...
@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +23 more potentially affected by CVE-2026-35673 via openclaw (>=2026.3.22 <=2026.4.26)
openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-35673 Source advisory: SNYK:JS-OPENCLAW-17139460...
@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +95 more potentially affected by CVE-2026-44645 via liquidjs (>=10.10.0 <=10.25.7)
liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0, =1.0.0-beta.5 - @clairview/api =23.1.0 and more Source cves: CVE-2026-44645 Source advisory: OSV:GHSA-8XX9-69P8-7JP3...
org.yamcs:distribution (>=4.7.1 <=5.12.6), org.yamcs:packet-viewer (>=4.10.3 <=5.12.6) +14 more potentially affected by CVE-2026-44632 via org.yamcs:yamcs-core (>=0.29.3 <=5.12.6)
org.yamcs:yamcs-core MAVEN version =0.29.3, =4.7.1, =4.10.3, =4.10.3, =5.10.0, =5.10.0, =3.4.0, =4.5.0, =0.1.0, =0.1, =4.5.0, =0.29.3, =1.0.0, =4.7, =4.10.3, =5.12.6 and more Source cves: CVE-2026-44632 Source advisory: OSV:GHSA-524G-X36V-9WM6...
org.yamcs:distribution (>=4.7.1 <=5.12.6), org.yamcs:packet-viewer (>=4.10.3 <=5.12.6) +14 more potentially affected by CVE-2026-42568 via org.yamcs:yamcs-core (>=0.29.3 <=5.12.6)
org.yamcs:yamcs-core MAVEN version =0.29.3, =4.7.1, =4.10.3, =4.10.3, =5.10.0, =5.10.0, =3.4.0, =4.5.0, =0.1.0, =0.1, =4.5.0, =0.29.3, =1.0.0, =4.7, =4.10.3, =5.12.6 and more Source cves: CVE-2026-42568 Source advisory: OSV:GHSA-CQH3-JG8P-336J...
org.apache.syncope.core.am:syncope-core-am-logic (=4.1.0), org.apache.syncope.core.am:syncope-core-am-rest-cxf (=4.1.0) +33 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (=4.1.0)
org.apache.syncope.core:syncope-core-spring MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.syncope.core:syncope-core-spring and may be impacted: - org.apache.syncope.core.am:syncope-core-am-logic =4.1.0 -...
@altipla/directus-sdk-utils (=0.7.2), @better-auth/sso (>=1.6.0 <=1.7.0-beta.3) +28 more potentially affected by CVE-2026-46490 via samlify (>=2.10.0 <=2.12.0)
samlify NPM version =2.10.0, =1.6.0, =2.10.4, =1.0.0, =11.16.1-depup.0, =27.1.0, =0.73.0, =0.73.0, =0.73.1, =0.73.0, =0.73.1, =0.78.0 and more Source cves: CVE-2026-46490 Source advisory: SNYK:JS-SAMLIFY-16796318...
org.apache.camel.kafkaconnector:camel-cxf-kafka-connector (>=3.18.1 <=3.21.0), org.apache.camel.kafkaconnector:camel-cxfrs-kafka-connector (>=3.18.1 <=4.14.5) +16 more potentially affected by CVE-2026-47323 via org.apache.camel:camel-cxf-rest (>=3.18.0 <=4.14.5)
org.apache.camel:camel-cxf-rest MAVEN version =3.18.0, =3.18.1, =3.18.1, =3.18.1, =3.18.1, =4.10.3, =3.18.0, =4.10.3, =4.10.7, =3.18.0, =3.18.0, =8.0.1.R2023-08-RT, =8.0.1.R2023-08-RT, =8.0.1.R2023-08-RT, =8.0.1.R2024-05-RT - org.talend.esb.locator.service:locator-soap-service =$%7Brevision%7D an...
aana (>=0.2.1 <=0.2.2), ace-step (=0.1.0) +235 more potentially affected by CVE-2026-45804 via diffusers (>=0.10.2 <=0.37.1)
diffusers PYPI version =0.10.2, =0.2.1, =1.8.20, =1.9.0, =0.0.0, =0.2.2, =0.0.2, =0.0.0, =0.1.0, =0.6.37, =0.0.4, =0.1.0, =0.1.0, =0.5.0 and more Source cves: CVE-2026-45804 Source advisory: SNYK:PYTHON-DIFFUSERS-16787358...
8004skill (>=1.1.0 <=2.0.0), @a3stack/identity (=0.2.0) +279 more potentially affected by CVE-2026-45783 via @libp2p/kad-dht (>=10.0.15 <=16.2.6-9eb27be79)
@libp2p/kad-dht NPM version =10.0.15, =1.1.0, =1.0.0, =1.0.0, =1.0.1, =1.3.0, =0.0.2, =1.1.3, =0.2.0, =0.0.0-test.0, =0.0.0-test.0, =0.7.2, =0.0.0-test.0, =4.0.0-nightly.20250907 and more Source cves: CVE-2026-45783 Source advisory: OSV:GHSA-32MQ-HPPH-XFVR...
@geode/opengeodeweb-front (>=9.13.1 <=10.0.2-rc.4), nuxt (>=3.20.0 <=3.21.5) potentially affected by CVE-2026-46342 via @nuxt/nitro-server (>=3.20.0 <=3.21.5)
@nuxt/nitro-server NPM version =3.20.0, =9.13.1, =3.20.0, =3.21.5 Source cves: CVE-2026-46342 Source advisory: SNYK:JS-NUXTNITROSERVER-16770417...
@antv/g-mobile-svg (>=1.0.0 <=1.0.46), @antv/g-plugin-rough-svg-renderer (>=2.0.0 <=2.0.47) +2 more potentially affected by unknown CVE via @antv/g-plugin-svg-picker (>=2.0.0 <=2.0.9)
@antv/g-plugin-svg-picker NPM version =2.0.0, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.46 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGPLUGINSVGPICKER-16754433...
@glorysoft/mcs_tool (>=0.0.25 <=0.0.28), @ithinkdt/lowcode (>=4.0.0 <=4.0.5) +15 more potentially affected by unknown CVE via @antv/x6 (=3.1.7)
@antv/x6 NPM version =3.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/x6 and may be impacted: - @glorysoft/mcstool =0.0.25, =4.0.0, =2.0.0, =0.7.0, =0.7.0, =0.14.0, =0.0.1, =1.0.0, =1.0.0, =0.0.1, =0.1.8 and more Source cves: unknown CVE...
@antv/g-mobile-webgl (>=1.0.0 <=1.1.1), @antv/g-plugin-3d (>=2.0.0 <=2.1.1) +6 more potentially affected by unknown CVE via @antv/g-plugin-device-renderer (>=2.0.0 <=2.6.1)
@antv/g-plugin-device-renderer NPM version =2.0.0, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.2.0, =0.1.0, =1.0.2, =1.0.8 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGPLUGINDEVICERENDERER-16754932...
1g6table (=0.1.0), 7qb (=0.0.17) +1701 more potentially affected by unknown CVE via @antv/hierarchy (>=0.1.2 <=0.7.1)
@antv/hierarchy NPM version =0.1.2, =1.1.0, =1.0.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =1.1.43, =5.0.48, =0.1.0, =0.5.0-alpha.0, =0.5.1-alpha.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVHIERARCHY-16754885...
@binarysee/widgets (=1.0.5), @binlove/widgets (=1.0.5) potentially affected by unknown CVE via @antv/s2-react (=2.0.0-next.28)
@antv/s2-react NPM version =2.0.0-next.28 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/s2-react and may be impacted: - @binarysee/widgets =1.0.5 - @binlove/widgets =1.0.5 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVS2REACT-16754376...
@antv/g-canvas (>=2.0.0 <=2.0.52), @antv/g-canvaskit (>=1.0.0 <=1.0.51) +9 more potentially affected by unknown CVE via @antv/g-plugin-html-renderer (>=2.0.0 <=2.3.1)
@antv/g-plugin-html-renderer NPM version =2.0.0, =2.0.0, =1.0.0, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.56 - @antv/g6 =5.0.46 - @antv/g6-extension-3d =0.1.20 - @antv/s2 =2.4.12-alpha.1 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGPLUGINHTMLRENDERER-16754947...
@aidps/canvas-flow (>=1.0.0 <=1.0.1), @antv/xflow (>=2.0.1 <=2.2.4) +83 more potentially affected by unknown CVE via @antv/x6-plugin-history (>=2.2.3 <=2.2.4)
@antv/x6-plugin-history NPM version =2.2.3, =1.0.0, =2.0.1, =0.0.1, =0.0.2, =1.0.0-beta.46, =0.0.4, =0.7.0, =0.0.3, =2.0.4, =0.0.27, =0.0.34 - @ithinkdt/lowcode =3.0.0-0 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVX6PLUGINHISTORY-16754887...
@antv/g-canvas (>=2.0.0 <=2.0.52), @antv/g-canvaskit (>=1.0.0 <=1.0.51) +15 more potentially affected by unknown CVE via @antv/g-plugin-image-loader (>=2.0.0 <=2.3.1)
@antv/g-plugin-image-loader NPM version =2.0.0, =2.0.0, =1.0.0, =1.0.0, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.56 - @antv/g6 =5.0.46 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVGPLUGINIMAGELOADER-16754987...
budibase (>=0.0.3 <=0.0.31) potentially affected by CVE-2026-45719 via @budibase/server (>=0.0.1 <=0.0.9)
@budibase/server NPM version =0.0.1, =0.0.3, =0.0.31 Source cves: CVE-2026-45719 Source advisory: OSV:GHSA-363W-HVWH-W7M6...
com.akamai.edgegrid:edgegrid-signer-async-http-client (>=6.0.1 <=6.0.1-rc.1), com.cloudbees.thirdparty:zendesk-java-client (>=1.1.0 <=1.3.1) +50 more potentially affected by CVE-2026-45300 via org.asynchttpclient:async-http-client (>=3.0.0.Beta1 <=3.0.1)
org.asynchttpclient:async-http-client MAVEN version =3.0.0.Beta1, =6.0.1, =1.1.0, =0.4.8, =0.4.8, =0.4.8, =218.0.0, =14.5.0, =15.4.0 - com.navercorp.pinpoint:pinpoint-agentstatistics-collector =3.1.0 - com.navercorp.pinpoint:pinpoint-batch =3.1.0 - com.navercorp.pinpoint:pinpoint-collector-starte...
com.oviva.telematik:epa4all-rest-service (>=0.0.4 <=1.2.1) potentially affected by CVE-2026-45574 via com.oviva.telematik:epa4all-client (>=0.0.4 <=1.2.1)
com.oviva.telematik:epa4all-client MAVEN version =0.0.4, =0.0.4, =1.2.1 Source cves: CVE-2026-45574 Source advisory: OSV:GHSA-5HHF-XMFX-4VVR...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2026-45672 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2026-45672 Source advisory: SNYK:PYTHON-OPENWEBUI-16725766...
hubzoid (>=0.2.2 <=0.6.0), openwebui-token-tracking (>=0.1.7 <=0.1.10) +1 more potentially affected by CVE-2026-45351 via open-webui (>=0.6.0 <=0.8.8)
open-webui PYPI version =0.6.0, =0.2.2, =0.1.7, =0.1.0, =0.1.5 Source cves: CVE-2026-45351 Source advisory: OSV:GHSA-JH9G-8JQW-M2QX...
hubzoid (>=0.2.2 <=0.6.0), openwebui-token-tracking (>=0.1.7 <=0.1.10) +1 more potentially affected by CVE-2026-45318 via open-webui (>=0.6.0 <=0.8.8)
open-webui PYPI version =0.6.0, =0.2.2, =0.1.7, =0.1.0, =0.1.5 Source cves: CVE-2026-45318 Source advisory: SNYK:PYTHON-OPENWEBUI-16725485...
@ardeora/start-devtools (>=1.0.0 <=1.0.1), @carvajalconsultants/headstart (>=1.0.0 <=1.0.2) +29 more potentially affected by unknown CVE via @tanstack/start-server-core (>=1.121.0-alpha.28 <=1.167.3)
@tanstack/start-server-core NPM version =1.121.0-alpha.28, =1.0.0, =1.0.0, =0.0.14, =0.3.0, =0.3.0, =1.20.3-alpha.1, =1.111.10, =1.121.23, =0.0.1, =1.121.0-alpha.28, =1.20.3-alpha.1, =1.114.29, =1.121.23, =1.121.0-alpha.28, =1.97.4, =1.120.20 and more Source cves: unknown CVE Source advisory:...
ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +3116 more potentially affected by CVE-2026-45205 via org.apache.commons:commons-configuration2 (>=2.0 <=2.14.0)
org.apache.commons:commons-configuration2 MAVEN version =2.0, =0.31.0, =0.1.9, =0.1.9, =0.1.9, =3.30.1.1, =3.10.0.5, =3.10.0.7, =0.2.3.5, =0.1.9, =1.2.3, =1.2.3, =1.0.0-20260516144515, =1.0.0-20260516144515, =1.0.0.ee-20260528111216 and more Source cves: CVE-2026-45205 Source advisory:...
@avorati/strapi-plugin-preview (=1.0.1), @catchmexz/fedin-cms (>=5.30.1 <=5.30.2) +9 more potentially affected by CVE-2026-22707 via @strapi/upload (>=5.0.0-beta.10 <=5.33.2)
@strapi/upload NPM version =5.0.0-beta.10, =5.30.1, =2.0.2, =0.0.1, =5.0.0, =3.0.0-beta.1, =3.0.0-beta.2 - stronges =0.1.1 - test-lead =0.1.0 Source cves: CVE-2026-22707 Source advisory: SNYK:JS-STRAPIUPLOAD-16691317...
nautobot-app-intent-networking (>=2.0.9 <=2.0.11), nautobot-bgp-models (>=3.0.0a1 <=3.0.0a2) +13 more potentially affected by CVE-2026-44794 via nautobot (>=3.0.0rc2 <=3.1.1)
nautobot PYPI version =3.0.0rc2, =2.0.9, =3.0.0a1, =3.0.0rc1, =4.0.0a1, =3.0.0a1, =4.0.0a1, =4.0.0a2 - nautobot-ssot =4.0.0a1 - nautobot-welcome-wizard =3.0.0a1 Source cves: CVE-2026-44794 Source advisory: OSV:GHSA-WPXJ-44W3-2J6X...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +170 more potentially affected by CVE-2026-44681 via authlib (>=1.0.0 <=1.6.11)
authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.1.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-44681 Source advisory:...