26517 matches found
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-41390 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-41390 Source advisory: SNYK:JS-OPENCLAW-15865527...
vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-41387 via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-41387 Source advisory: OSV:GHSA-J7P2-QCWM-94V4...
@agentholdings/agent-passport (=0.1.0), @flomesh/ztm-chat (>=2026.3.25 <=2026.3.26) +11 more potentially affected by CVE-2026-33581 via openclaw (>=0.0.1 <=2026.3.24-beta.2)
openclaw NPM version =0.0.1, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =3.3.2, =3.3.7 Source cves: CVE-2026-33581 Source advisory: OSV:GHSA-V8WV-JG3Q-QWPQ...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-33579 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-33579 Source advisory: SNYK:JS-OPENCLAW-15865802...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +12 more potentially affected by CVE-2026-41395 via openclaw (>=0.0.1 <=2026.3.24)
openclaw NPM version =0.0.1, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =3.3.2, =3.3.7 Source cves: CVE-2026-41395 Source advisory: OSV:GHSA-8689-GM9G-JGR6...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-34573 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-34573 Source advisory: OSV:GHSA-MFJ6-6P54-M98C...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.10) potentially affected by CVE-2026-34573 via parse-server (>=9.6.0-alpha.37 <=9.6.1)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.10 Source cves: CVE-2026-34573 Source advisory: SNYK:JS-PARSESERVER-15864422...
@dojo/cli-test-intern (>=0.1.0 <=2.0.0-beta3.1), express_mvc (>=4.1.1 <=4.3.10) +7 more potentially affected by CVE-2025-13465 +1 more via lodash-amd (>=4.16.4 <=4.17.23)
lodash-amd NPM version =4.16.4, =0.1.0, =4.1.1, =3.4.0, =0.0.1, =1.0.14, =0.0.7, =0.0.1, =0.1.5 - xirtam--matrix-operations =0.1.3 Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JS-LODASHAMD-15869622...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.11) potentially affected by CVE-2026-34784 via parse-server (>=9.6.0-alpha.37 <=9.7.0)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.11 Source cves: CVE-2026-34784 Source advisory: SNYK:JS-PARSESERVER-15864525...
copy-text (>=2.0.1 <=2.1.2), cypherquery (>=1.1.8 <=1.1.13) +1 more potentially affected by CVE-2021-23337 +1 more via lodash.template (>=4.0.0 <=4.0.2)
lodash.template NPM version =4.0.0, =2.0.1, =1.1.8, =2.0.7, =2.0.13 Source cves: CVE-2021-23337, CVE-2026-4800 Source advisory: SNYK:JS-LODASHTEMPLATE-15869628...
acpx-teams (=0.1.0), arifos (>=2026.2.22 <=2026.4.16) +58 more potentially affected by CVE-2026-32871 via fastmcp (>=3.0.0 <=3.1.1)
fastmcp PYPI version =3.0.0, =2026.2.22, =2026.3.13, =1.0.0, =0.56.0, =0.1.0, =0.3.2, =0.2.0, =0.3.0, =1.1.0, =0.0.1, =0.1.0, =0.5.12b18, =0.5.12b19 - efn-mcp =0.1.0 and more Source cves: CVE-2026-32871 Source advisory: SNYK:PYTHON-FASTMCP-15871014...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +152 more potentially affected by CVE-2026-34237 via io.modelcontextprotocol.sdk:mcp-core (=1.1.0)
io.modelcontextprotocol.sdk:mcp-core MAVEN version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on io.modelcontextprotocol.sdk:mcp-core and may be impacted: - ai.agentican:agentican-framework-core =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1,...
au.csiro.pathling:encoders (>=5.1.0 <=9.5.0), au.csiro.pathling:fhir-server (>=5.3.1 <=7.2.0) +352 more potentially affected by CVE-2026-34359 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=0.0.1 <=6.9.3)
ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =0.0.1, =5.1.0, =5.3.1, =6.2.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =5.6.5, =5.6.5, =3.4.0, =5.6.5, =4.1.0, =4.0.3, =8.8.1 and more Source cves: CVE-2026-34359 Source advisory: OSV:GHSA-FGV2-4Q4G-WC35...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +12 more potentially affected by CVE-2026-35646 via openclaw (>=0.0.1 <=2026.3.24)
openclaw NPM version =0.0.1, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =3.3.2, =3.3.7 Source cves: CVE-2026-35646 Source advisory: OSV:GHSA-MF5G-6R6F-GHHM...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-35646 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-35646 Source advisory: SNYK:JS-OPENCLAW-15812232...
org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by unknown CVE via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)
org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15813032...
4coders-commons (>=0.0.1 <=0.0.2), @11ty/eleventy (=0.3.3) +3644 more potentially affected by unknown CVE via handlebars (>=4.0.0 <=4.7.8)
handlebars NPM version =4.0.0, =0.0.1, =0.1.0, =0.1.0, =0.0.11, =0.0.52, =0.1.0, =0.0.72, =0.1.0, =1.1.1, =0.0.0-3b548b7bf6ff6554f724240da3a11be924237e6c, =1.16.0, =1.16.0, =1.16.0, =2.4.4 and more Source cves: unknown CVE Source advisory: OSV:GHSA-442J-39WM-28R2...
io.github.jordepic:dataharness-trino (>=1.0 <=2.0) potentially affected by CVE-2026-34214 via io.trino:trino-iceberg (=476)
io.trino:trino-iceberg MAVEN version =476 is affected by a known vulnerability. The following packages have a transitive dependency on io.trino:trino-iceberg and may be impacted: - io.github.jordepic:dataharness-trino =1.0, =2.0 Source cves: CVE-2026-34214 Source advisory: SNYK:JAVA-IOTRINO-15857...
@0xsquid/mpp (>=0.1.1-beta.1 <=0.2.0), @okxweb3/mpp (=0.1.0) +2 more potentially affected by CVE-2026-34209 via mppx (>=0.1.1 <=0.3.16)
mppx NPM version =0.1.1, =0.1.1-beta.1, =0.0.0-pr-153-20260307193247, =0.1.0, =0.1.4 Source cves: CVE-2026-34209 Source advisory: OSV:GHSA-MV9J-8JVG-J8MR...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-35623 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-35623 Source advisory: SNYK:JS-OPENCLAW-15797944...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-34512 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-34512 Source advisory: SNYK:JS-OPENCLAW-15797941...
net.enilink.platform:net.enilink.platform.web (=1.6.0), org.webjars.npm:formio__core (=2.6.0) +1 more potentially affected by unknown CVE via org.webjars.npm:dompurify (>=3.1.7 <=3.3.0)
org.webjars.npm:dompurify MAVEN version =3.1.7, =0.54.0, =0.55.1 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15810939...
@1771technologies/play-frame (>=0.0.2 <=0.0.19), @9188/doso (>=1.0.0 <=1.0.10) +2136 more potentially affected by CVE-2026-4867 via path-to-regexp (>=0.0.2 <=0.1.12)
path-to-regexp NPM version =0.0.2, =0.0.2, =1.0.0, =1.0.44, =1.16.33, =1.16.33, =25.4.0-alpha.0, =16.7.2, =1.0.1, =2.4.3, =1.11.282, =1.1.55, =0.1.4, =0.1.12-beta.3 and more Source cves: CVE-2026-4867 Source advisory: OSV:GHSA-37CH-88JC-XWX2...
@clerk/agent-toolkit (>=0.3.1-canary.v20260303211310 <=0.3.16-snapshot.v20260416221307), @clerk/astro (>=3.0.1-canary.v20260303211310 <=3.0.19-canary.v20260422163039) +9 more potentially affected by CVE-2026-34076 via @clerk/backend (>=3.0.0 <=3.2.3-snapshot.v20260327200941)
@clerk/backend NPM version =3.0.0, =0.3.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =0.0.3-canary.v20260303211310, =7.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310,...
azure-ai-generative (>=1.0.0b1 <=1.0.0b3), azure-ai-resources (>=1.0.0b1 <=1.0.0b9) +30 more potentially affected by CVE-2025-15381 via mlflow-skinny (>=3.0.0 <=3.11.0rc0)
mlflow-skinny PYPI version =3.0.0, =1.0.0b1, =1.0.0b1, =0.1.0, =0.1.0, =2.5.0, =0.0.13, =7.1.1, =0.2.0, =0.2.1 and more Source cves: CVE-2025-15381 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-15870197...
org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33940 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)
org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33940 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15803087...
org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33939 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)
org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33939 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15807043...
1dr-twig-templating (=1.0.2), 433bf (=0.0.1) +948 more potentially affected by CVE-2026-33994 via locutus (=2.0.39)
locutus NPM version =2.0.39 is affected by a known vulnerability. The following packages have a transitive dependency on locutus and may be impacted: - 1dr-twig-templating =1.0.2 - 433bf =0.0.1 - @27works/posto =2.0.2 - @2gis/js-docs-generator =0.0.1, =0.0.1, =1.0.2, =1.0.5, =0.0.1, =0.1.0, =1.0....
1dr-twig-templating (=1.0.2), 433bf (=0.0.1) +953 more potentially affected by CVE-2026-33993 via locutus (>=2.0.10 <=2.0.39)
locutus NPM version =2.0.10, =0.0.1, =0.0.1, =1.0.2, =1.0.5, =0.0.1, =0.1.0, =1.0.0, =0.2.0, =0.9.0-rc.0 - @alchmy/generator-alchmy =0.0.206147191 and more Source cves: CVE-2026-33993 Source advisory: OSV:GHSA-4MPH-V827-F877...
@omchat/common (>=1.0.0 <=1.0.4), @tverse/ui (>=0.1.0 <=0.1.1) +2 more potentially affected by CVE-2026-33979 via express-xss-sanitizer (=1.2.1)
express-xss-sanitizer NPM version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on express-xss-sanitizer and may be impacted: - @omchat/common =1.0.0, =0.1.0, =1.0.0, =1.14.31, =1.15.2 Source cves: CVE-2026-33979 Source advisory:...
com.embabel.agent:embabel-agent-bedrock-autoconfigure (>=0.3.0 <=0.3.4), com.embabel.agent:embabel-agent-starter-bedrock (>=0.3.0 <=0.3.4) +4 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-bedrock-converse (>=1.1.0-M1 <=1.1.3)
org.springframework.ai:spring-ai-bedrock-converse MAVEN version =1.1.0-M1, =0.3.0, =0.3.0, =.30.0.rc1, =.30.0.rc1, =.30.0.rc1, =1.1.0, =1.1.3 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791534...
cn.echoparrot:echoparrot-application (=25.4.0), cn.echoparrot:echoparrot-core (>=25.4.0 <=25.4.4) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.1.0-M1 <=1.1.3)
org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.1.0-M1, =25.4.0, =1.1.0, =1.1.3 - org.vrspace:server =0.8.7 Source cves: CVE-2026-22743 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791530...
io.gitee.yeshizhe:echoparrot-application (=25.2.5), io.gitee.yeshizhe:echoparrot-core (=25.2.5) +2 more potentially affected by CVE-2026-22743 via org.springframework.ai:spring-ai-neo4j-store (>=1.0.0-M5 <=1.0.4)
org.springframework.ai:spring-ai-neo4j-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.4 Source cves: CVE-2026-22743 Source advisory: OSV:GHSA-7CJ7-RCW6-P68V...
com.chinagoods.framework.thinkcloud:think-cloud-starter-ai-vector-redis (>=4.2.3 <=4.2.6), org.springframework.ai:spring-ai-redis-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) +2 more potentially affected by CVE-2026-22744 via org.springframework.ai:spring-ai-redis-store (>=1.0.0-M5 <=1.0.4)
org.springframework.ai:spring-ai-redis-store MAVEN version =1.0.0-M5, =4.2.3, =1.0.0-M5, =1.0.0, =1.3.0, =1.3.8 Source cves: CVE-2026-22744 Source advisory: OSV:GHSA-44F4-GVWJ-6QG3...
4coders-commons (>=0.0.1 <=0.0.2), @11ty/eleventy (=0.3.3) +3644 more potentially affected by CVE-2026-33916 via handlebars (>=4.0.0 <=4.7.8)
handlebars NPM version =4.0.0, =0.0.1, =0.1.0, =0.1.0, =0.0.11, =0.0.52, =0.1.0, =0.0.72, =0.1.0, =1.1.1, =0.0.0-3b548b7bf6ff6554f724240da3a11be924237e6c, =1.16.0, =1.16.0, =1.16.0, =2.4.4 and more Source cves: CVE-2026-33916 Source advisory: SNYK:JS-HANDLEBARS-15789775...
org.webjars.npm:github-com-cisco-node-jose (=2.2.0), org.webjars.npm:google-auth-library (>=1.6.1 <=6.1.6) +7 more potentially affected by CVE-2026-33896 via org.webjars.npm:node-forge (>=0.10.0 <=1.3.3)
org.webjars.npm:node-forge MAVEN version =0.10.0, =1.6.1, =1.0.2, =2.3.2, =1.10.2, =2.1.1 Source cves: CVE-2026-33896 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15789772...
@2ly/runtime (>=0.0.3 <=0.2.5), @aa.tamura/lib-gqf (>=0.0.1 <=0.0.5) +552 more potentially affected by unknown CVE via @apollo/server (>=4.10.0 <=5.4.0)
@apollo/server NPM version =4.10.0, =0.0.3, =0.0.1, =0.0.0, =0.0.9, =1.0.6, =0.0.29, =0.0.4, =0.0.4, =0.0.29, =0.0.32, =1.1.1, =4.1.0, =0.0.0, =0.0.1, =1.4.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9Q82-XGWF-VJ6H...
2mxdev-gql-gateway (=1.0.0), 4m-node-server (>=0.0.1 <=0.0.8) +3154 more potentially affected by unknown CVE via apollo-server-core (>=1.3.2 <=3.13.0)
apollo-server-core NPM version =1.3.2, =0.0.1, =1.0.2, =0.0.80, =3.10.1, =1.2.0-pre.24, =1.0.1, =1.0.0, =1.0.0, =0.5.0, =1.0.0, =0.1.3, =0.1.0, =0.4.52, =0.0.1, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9Q82-XGWF-VJ6H...
vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-35624 via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-35624 Source advisory: OSV:GHSA-XHQ5-45PM-2GJR...
com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.4.10 <=1.4.11) +62 more potentially affected by CVE-2026-3190 via org.keycloak:keycloak-model-jpa (>=1.0-alpha-1-12062013 <=26.5.5)
org.keycloak:keycloak-model-jpa MAVEN version =1.0-alpha-1-12062013, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =5.1.0-26.1, =2.5.6-24.0, =0.1.1, =0.1.1-rc3 and more Source cves: CVE-2026-3190 Source advisory:...
vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-35637 via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-35637 Source advisory: OSV:GHSA-VFG3-PQPQ-93M4...
vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-35648 via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-35648 Source advisory: OSV:GHSA-WJ55-88GF-X564...
vantuz (>=3.3.2 <=3.3.7) potentially affected by CVE-2026-35650 via openclaw (=0.0.1)
openclaw NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on openclaw and may be impacted: - vantuz =3.3.2, =3.3.7 Source cves: CVE-2026-35650 Source advisory: OSV:GHSA-39PP-XP36-Q6MG...
jo-cli (=1.0.2) potentially affected by CVE-2026-33750 via brace-expansion (=3.0.0)
brace-expansion NPM version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on brace-expansion and may be impacted: - jo-cli =1.0.2 Source cves: CVE-2026-33750 Source advisory: OSV:GHSA-F886-M6HF-6M8V...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +170 more potentially affected by CVE-2026-4874 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.6.0)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-4874 Source advisory: OSV:GHSA-22RM-WP4X-V5CXhttps://vulners.com/osv/OSV:GHSA-22RM-WP4X-...
@10xsai/cloudflare-router-nx-plugin (=1.0.0), @4itech/schematics (>=11.7.1 <=11.7.6) +977 more potentially affected by CVE-2026-33672 via picomatch (>=4.0.1 <=4.0.3)
picomatch NPM version =4.0.1, =11.7.1, =1.2.0, =8.3.0, =1.0.25, =0.0.47, =10.0.0, =10.0.0, =13.0.0, =10.0.0, =0.0.1-development, =0.0.1, =2.0.0, =1.0.57, =1.0.100 and more Source cves: CVE-2026-33672 Source advisory: SNYK:JS-PICOMATCH-15765513...
4itech-schematics (>=11.0.0 <=11.3.0-1), @142vip/midway (>=0.1.6-alpha.2 <=0.1.6-alpha.12) +570 more potentially affected by CVE-2026-33672 via picomatch (>=2.1.1 <=2.3.1)
picomatch NPM version =2.1.1, =11.0.0, =0.1.6-alpha.2, =7.4.1, =0.0.1, =1.0.1, =0.0.2, =2.0.0, =9.0.0, =9.2.0-alpha.9, =9.2.0-alpha.9, =1.0.101, =1.1.0, =1.4.1 and more Source cves: CVE-2026-33672 Source advisory: SNYK:JS-PICOMATCH-15765513...
01os (>=0.0.5 <=0.0.13), 3m (>=0.1.0 <=0.1.3) +2125 more potentially affected by CVE-2026-33699 via pypdf (>=6.0.0 <=6.9.1)
pypdf PYPI version =6.0.0, =0.0.5, =0.1.0, =0.0.1, =0.2.0, =0.4.0, =0.3.0, =0.3.0, =0.1.1, =0.1.0, =0.0.2, =0.2.0, =1.2.27, =0.1.0, =0.6.0, =0.7.3 and more Source cves: CVE-2026-33699 Source advisory: SNYK:PYTHON-PYPDF-15766701...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-33627 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-33627 Source advisory: OSV:GHSA-37MJ-C2WF-CX96...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-33538 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-33538 Source advisory: SNYK:JS-PARSESERVER-15763384...