26517 matches found
complaintclassify (=0.0.9) potentially affected by CVE-2021-37649 via tensorflow-cpu (=2.4.0)
tensorflow-cpu PYPI version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - complaintclassify =0.0.9 Source cves: CVE-2021-37649 Source advisory: OSV:GHSA-6GV8-P3VJ-PXVR...
04-rsib_contact-numbers-menue_cli (>=1.0.0 <=1.0.1), advanture-game-by-sam (>=1.0.0 <=1.0.1) +2 more potentially affected by unknown CVE via chak (=0.0.1-security)
chak NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on chak and may be impacted: - 04-rsibcontact-numbers-menuecli =1.0.0, =1.0.0, =1.0.1, =1.0.3 - text-base-adventure-92 =1.0.0 Source cves: unknown CVE Source advisory:...
@blitzbank/dashboard (>=0.0.1 <=0.0.2), @coinmesh/lnd-adapter (>=0.0.1 <=0.2.12) +15 more potentially affected by unknown CVE via express-basic-auth (>=0.1.3 <=1.1.6)
express-basic-auth NPM version =0.1.3, =0.0.1, =0.0.1, =2.0.0, =1.0.0, =0.1.5, =3.0.0, =1.0.1, =1.0.0, =0.1.5, =0.0.1, =1.0.0, =0.1.0, =2.0.0, =36.1.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-C35V-QWQG-87JC...
alvin-cli (>=0.0.1a0 <=1.3.0rc1), apache-airflow-providers-fastetl (>=0.0.36 <=0.0.39) +46 more potentially affected by CVE-2026-46374 via sqlfluff (>=0.11.2 <=4.1.0)
sqlfluff PYPI version =0.11.2, =0.0.1a0, =0.0.36, =0.4.6, =1.1.5, =0.1.2, =0.1.2, =0.2.0, =0.0.1, =0.1.0, =0.4.0, =0.19.1a7, =1.3.3, =0.9.3, =0.1.0, =0.1.0, =0.1.2 and more Source cves: CVE-2026-46374 Source advisory: OSV:GHSA-73JC-5MRQ-PRW7...
ai.looktech.ltrpc.schema:app-server (>=1.0.2 <=2.7.0), ai.looktech.ltrpc.schema:bt-app (=1.0.1) +493 more potentially affected by CVE-2026-45799 via com.squareup.wire:wire-runtime (>=1.0.0 <=6.2.0)
com.squareup.wire:wire-runtime MAVEN version =1.0.0, =1.0.2, =1.0.2, =0.0.1, =0.0.2, =0.1.1, =0.2.7, =0.2.7, =0.2.7, =0.1.1, =0.2.7, =0.7.21, =0.7.21, =0.7.26 and more Source cves: CVE-2026-45799 Source advisory: OSV:GHSA-7XPR-HC2W-34M9...
@haxtheweb/create (>=0.1.3 <=26.0.0), @haxtheweb/open-apis (>=11.0.2 <=26.0.0) potentially affected by CVE-2026-46357 via @haxtheweb/haxcms-nodejs (>=0.0.13 <=25.0.0)
@haxtheweb/haxcms-nodejs NPM version =0.0.13, =0.1.3, =11.0.2, =26.0.0 Source cves: CVE-2026-46357 Source advisory: OSV:GHSA-9R33-XHW8-4QQP...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-56348 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-56348 Source advisory: OSV:GHSA-3875-8GCX-7V46...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by unknown CVE via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: unknown CVE Source advisory: OSV:GHSA-2VX9-7WPG-88JQ...
@bassist/eslint-config (>=0.3.0 <=0.5.0), @bassist/oxc-integration (>=0.1.0 <=0.2.0) +7 more potentially affected by unknown CVE via @lint-md/core (>=2.0.0-beta.14 <=2.0.0)
@lint-md/core NPM version =2.0.0-beta.14, =0.3.0, =0.1.0, =2.0.0, =4.1.0, =1.1.0, =1.19.7, =1.1.0, =1.0.0, =1.3.4, =1.3.5 Source cves: unknown CVE Source advisory: SNYK:JS-LINTMDCORE-16755005...
@aidps/canvas-flow (>=1.0.0 <=1.0.1), @antv/xflow (>=2.0.1 <=2.2.4) +87 more potentially affected by unknown CVE via @antv/x6-plugin-snapline (>=2.1.6 <=2.1.7)
@antv/x6-plugin-snapline NPM version =2.1.6, =1.0.0, =2.0.1, =0.0.1, =0.0.2, =1.0.0-beta.46, =0.0.4, =0.7.0, =0.0.3, =2.0.4, =0.0.27, =3.0.0, =4.0.0-600 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVX6PLUGINSNAPLINE-16755117...
fhrons-mobile (=1.1.22-beta.8) potentially affected by unknown CVE via @antv/f6-wx (=0.0.7)
@antv/f6-wx NPM version =0.0.7 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/f6-wx and may be impacted: - fhrons-mobile =1.1.22-beta.8 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVF6WX-16754838...
@lint-md/cli (>=0.0.1 <=0.1.4), @lint-md/eslint-plugin (>=0.0.1 <=0.0.3) +3 more potentially affected by unknown CVE via lint-md (>=0.1.1 <=0.2.0)
lint-md NPM version =0.1.1, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.1.2 - yuque-lint =0.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-LINTMD-16754472...
@antv/xflow (>=2.0.1 <=2.2.4), @antv/xflow-diff (=1.0.0) +42 more potentially affected by unknown CVE via @antv/x6-plugin-export (=2.1.6)
@antv/x6-plugin-export NPM version =2.1.6 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/x6-plugin-export and may be impacted: - @antv/xflow =2.0.1, =0.0.1, =0.0.1, =0.0.3, =0.6.1, =0.1.27, =0.1.1, =0.0.4, =2.0.4, =0.0.27, =3.0.0, =0.0.3, =0.3.2...
fittrackee (>=1.2.0 <=1.3.0b3), mein-et-projekt (=0.1.0) +2 more potentially affected by CVE-2026-44899 via mistune (=3.2.0)
mistune PYPI version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on mistune and may be impacted: - fittrackee =1.2.0, =2.19.0, =2.20.4 - uniovi-simur-wearablepermed-pipeline-step-counting =1.2.3 Source cves: CVE-2026-44899 Source advisory:...
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-45740 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-45740 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16657756...
acegisecurity:acegi-security-catalina (>=0.7.0 <=0.9.0), ch.qos.logback:logback-access (>=${parent.version} <=0.8) +40 more potentially affected by CVE-2026-43515 via tomcat:catalina (>=4.0.6 <=5.5.9)
tomcat:catalina MAVEN version =4.0.6, =0.7.0, =$parent.version, =0.6, =3.2.10-1-SP3seam2hibernate5, =1.5, =1.0, =1.0, =1.0.0, =4.7.1, =4.7.2 - org.apache.geronimo.assemblies:geronimo-tomcat-minimal =1.2-beta - org.apache.geronimo.configs:ca-helper-tomcat =1.2-beta -...
birdclaw (>=0.1.0 <=0.7.0), livemark (>=0.0.0-dev <=0.23.0) potentially affected by CVE-2026-45321 via @tanstack/react-router-ssr-query (>=1.166.10 <=1.166.12)
@tanstack/react-router-ssr-query NPM version =1.166.10, =0.1.0, =0.0.0-dev, =0.23.0 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKREACTROUTERSSRQUERY-16640207...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +23809 more potentially affected by CVE-2026-42585 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.132.Final)
io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2921 more potentially affected by CVE-2026-42580 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42580 Source advisory: SNYK:JAVA-IONETTY-16438926...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-43930 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-43930 Source advisory: OSV:GHSA-JPQ4-7FMQ-Q5FJ...
arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-6907 via django (>=5.2.0 <=5.2.13)
django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-6907 Source advisory: OSV:GHSA-5HRC-GVXJ-W55P...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +14 more potentially affected by CVE-2026-43526 via openclaw (>=2026.3.22 <=2026.4.11)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 and more Source cves: CVE-2026-43526 Source advisory: SNYK:JS-OPENCLAW-16420278...
async-std-resolver (>=0.25.0-alpha.1 <=0.25.0-alpha.5), ezk-sip-ua (>=0.5.0 <=0.7.1) +3 more potentially affected by unknown CVE via hickory-proto (=0.25.0-alpha.5)
hickory-proto CARGO version =0.25.0-alpha.5 is affected by a known vulnerability. The following packages have a transitive dependency on hickory-proto and may be impacted: - async-std-resolver =0.25.0-alpha.1, =0.5.0, =0.25.0-alpha.1, =0.25.0-alpha.5 - hickory-resolver =0.25.0-alpha.1 Source cves...
@unhook/cli (>=0.9.3 <=0.15.0) potentially affected by CVE-2026-42349 via @clerk/backend (>=2.0.0 <=2.29.3)
@clerk/backend NPM version =2.0.0, =0.9.3, =0.15.0 Source cves: CVE-2026-42349 Source advisory: OSV:GHSA-W24R-5266-9C3C...
africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +2768 more potentially affected by CVE-2026-22745 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.3.4)
org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =1.1.0, =1.1.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =0.0.1, =v0.3.12, =v0.3.10, =v0.3.12, =2.1.2.RELEASE, =4.1.36, =4.1.7, =4.7.1 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 and more...
ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.7.4) +1846 more potentially affected by CVE-2026-22745 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.6)
org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22745 Source advisory: OSV:GHSA-6P4F-WCWH-5VVM...
com.redis.om:redis-om-spring-ai (>=1.0.0 <=2.0.5), io.github.massimilianopili:mcp-embeddings-tools (>=0.0.1 <=0.1.0) +2 more potentially affected by CVE-2026-40979 via org.springframework.ai:spring-ai-transformers (>=1.0.0 <=1.0.5)
org.springframework.ai:spring-ai-transformers MAVEN version =1.0.0, =1.0.0, =0.0.1, =1.0.0, =1.0.5 Source cves: CVE-2026-40979 Source advisory: OSV:GHSA-R5HP-3CGJ-J6XV...
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=37.v0d3157c4a_ef8 <=57.v0756db_b_f6926), be.mogo.iam:mogo-provisioning (>=1.0.1.RELEASE <=1.1.7.RELEASE) +898 more potentially affected by CVE-2026-41635 via org.apache.mina:mina-core (>=2.0.0 <=2.0.27)
org.apache.mina:mina-core MAVEN version =2.0.0, =37.v0d3157c4aef8, =1.0.1.RELEASE, =1.1.8.RELEASE, =1.1.5.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.2.RELEASE, =2.0.0, =1.0.7, =1.1.6, =1.1.0, =1.0.0, =1.1.0, =5.1.3 and more Source cves: CVE-2026-41635 Source advisory:...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +7260 more potentially affected by CVE-2026-22745 via org.springframework:spring-core (>=7.0.0-M1 <=7.0.6)
org.springframework:spring-core MAVEN version =7.0.0-M1, =0.1.0, =0.1.0, =4.5.0, =4.7.11, =4.5.0, =4.5.0, =4.3.0, =4.3.0, =4.3.0, =4.7.0, =4.7.4, =4.7.4, =4.3.0, =4.7.0, =4.5.0, =4.6.0 and more Source cves: CVE-2026-22745 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-16109618...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-operator (>=0.0.4 <=0.6.0) +10246 more potentially affected by CVE-2026-22741 via org.springframework:spring-webmvc (>=6.0.0 <=6.2.17)
org.springframework:spring-webmvc MAVEN version =6.0.0, =0.2.0, =0.0.4, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.7.5, =0.8.3, =0.7.0, =0.5.0, =0.5.0, =0.8.7 and more Source cves: CVE-2026-22741 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-16109603...
AskAI (=0.1.0), BiliupApi (>=0.1.0 <=0.1.7) +4019 more potentially affected by unknown CVE via rustls-webpki (>=0.101.7 <=0.102.8)
rustls-webpki CARGO version =0.101.7, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.26, =0.4.0, =0.1.0, =0.21.0-alpha.1, =0.1.11, =0.12.1, =0.13.0 - acme =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-XGP8-3HG3-C2MH...
best.skn:skn-spring-mail (>=1.0.0 <=2.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=7.0.0 <=8.8.1) +750 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf-spring6 (>=3.1.0.M1 <=3.1.3.RELEASE)
org.thymeleaf:thymeleaf-spring6 MAVEN version =3.1.0.M1, =1.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.6.0, =7.6.0, =7.0.0, =7.0.0, =8.8.1 and more Source cves: CVE-2026-40478 Source advisory: SNYK:JAVA-ORGTHYMELEAF-16078377...
@saltcorn/admin-models (>=1.5.0 <=1.5.5-beta.0), @saltcorn/base-plugin (>=1.5.0 <=1.5.5-beta.0) +5 more potentially affected by unknown CVE via @saltcorn/data (>=1.5.0 <=1.5.5-beta.0)
@saltcorn/data NPM version =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.5-beta.0 Source cves: unknown CVE Source advisory: OSV:GHSA-59XV-588H-2VMM...
article-extractor (=0.5.8) potentially affected by unknown CVE via justhtml (=1.13.0)
justhtml PYPI version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on justhtml and may be impacted: - article-extractor =0.5.8 Source cves: unknown CVE Source advisory: OSV:GHSA-R758-8HXW-4845...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-41361 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-41361 Source advisory: SNYK:JS-OPENCLAW-15865306...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-33580 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-33580 Source advisory: SNYK:JS-OPENCLAW-15857174...
com.embabel.agent:embabel-agent-bedrock-autoconfigure (>=0.3.0 <=0.3.4), com.embabel.agent:embabel-agent-starter-bedrock (>=0.3.0 <=0.3.4) +2 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai (>=1.1.0-M1 <=1.1.3)
org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai MAVEN version =1.1.0-M1, =0.3.0, =0.3.0, =1.1.0, =1.1.0, =1.1.3 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791533...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +19755 more potentially affected by CVE-2026-33871 via io.netty:netty-codec-http2 (>=4.1.0.Beta4 <=4.1.131.Final)
io.netty:netty-codec-http2 MAVEN version =4.1.0.Beta4, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...
@10xsai/cloudflare-router-nx-plugin (=1.0.0), @4itech/schematics (>=11.7.1 <=11.7.6) +977 more potentially affected by CVE-2026-33671 via picomatch (>=4.0.1 <=4.0.3)
picomatch NPM version =4.0.1, =11.7.1, =1.2.0, =8.3.0, =1.0.25, =0.0.47, =10.0.0, =10.0.0, =13.0.0, =10.0.0, =0.0.1-development, =0.0.1, =2.0.0, =1.0.57, =1.0.100 and more Source cves: CVE-2026-33671 Source advisory: OSV:GHSA-C2C7-RCM5-VVQJ...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-30949 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-30949 Source advisory: OSV:GHSA-48MH-J4P5-7J9V...
@jamietanna/renovate-graph (=0.36.0), @secustor/backstage-plugin-renovate-backend-module-runtime-direct (=3.1.1) potentially affected by unknown CVE via renovate (>=42.92.4 <=42.92.5)
renovate NPM version =42.92.4, =42.92.5 is affected by a known vulnerability. The following packages have a transitive dependency on renovate and may be impacted: - @jamietanna/renovate-graph =0.36.0 - @secustor/backstage-plugin-renovate-backend-module-runtime-direct =3.1.1 Source cves: unknown C...
ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0), ai.ancf.lmos-router:lmos-router-hybrid (>=0.2.0 <=0.28.0) +22715 more potentially affected by CVE-2025-67735 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.128.Final)
io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1.0 -...
ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3) +15057 more potentially affected by CVE-2025-12183 +1 more via org.lz4:lz4-java (>=1.4 <=1.8.1)
org.lz4:lz4-java MAVEN version =1.4, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =1.2.10 and more Source cves: CVE-2025-12183, CVE-2025-66566 Source advisory: SNYK:JAVA-ORGLZ4-14219384...
@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +6 more potentially affected by CVE-2025-55182 via react-server-dom-webpack (=19.0.0)
react-server-dom-webpack NPM version =19.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on react-server-dom-webpack and may be impacted: - @amazeelabs/bridge-waku =1.1.9, =3.1.12, =1.4.7, =1.1.3, =0.0.0-next-20250108080920, =0.0.0-next-20250108080920...
@akunsansan0/pucukharum (>=1.1.4 <=2.1.1), pucukharum (=2.1.1) potentially affected by unknown CVE via pucukharum (=1.1.4)
pucukharum NPM version =1.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on pucukharum and may be impacted: - @akunsansan0/pucukharum =1.1.4, =2.1.1 - pucukharum =2.1.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-181514...
anylearn (>=0.20.5 <=0.20.7rc3), pymetard (>=0.0.1 <=0.0.4) potentially affected by CVE-2025-48459 via apache-iotdb (=1.3.2.post0)
apache-iotdb PYPI version =1.3.2.post0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-iotdb and may be impacted: - anylearn =0.20.5, =0.0.1, =0.0.4 Source cves: CVE-2025-48459 Source advisory: OSV:PYSEC-2025-88...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @aicblock/cli (>=1.0.0 <=1.0.1) +159 more potentially affected by CVE-2025-58752 via vite (>=6.0.0 <=6.3.5)
vite NPM version =6.0.0, =0.0.1, =1.0.0, =1.0.0, =0.2.0, =4.25.19-patch.2, =19.1.0, =0.55.0, =0.21.2-4.1, =0.4.2, =0.1.10, =0.0.1, =1.0.0, =1.0.3 and more Source cves: CVE-2025-58752 Source advisory: SNYK:JS-VITE-12558116...
com.github.cafaudit:caf-audit-binding-elasticsearch (>=5.0.3-1321 <=5.0.4-1329), com.github.cafaudit:caf-audit-monkey-container (>=5.0.3-1321 <=5.0.4-1329) +78 more potentially affected by CVE-2025-9341 via org.bouncycastle:bc-fips (=2.1.0)
org.bouncycastle:bc-fips MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bc-fips and may be impacted: - com.github.cafaudit:caf-audit-binding-elasticsearch =5.0.3-1321, =5.0.3-1321, =5.0.3-1321, =5.0.3-1321,...
simple-basic-react-button (=0.1.0) potentially affected by unknown CVE via prpo-types (=0.0.1-security)
prpo-types NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on prpo-types and may be impacted: - simple-basic-react-button =0.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-30788...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +12782 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.78.1)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.8.7 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789695...