26517 matches found
com.47deg:freestyle-http-http4s_2.11 (=0.1.0), com.azavea.geotrellis:geotrellis-server-core_2.11 (>=4.0.1 <=4.2.0) +173 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_2.11 (>=0.9.1 <=2.1.0)
co.fs2:fs2-io2.11 MAVEN version =0.9.1, =4.0.1, =4.0.1, =4.0.1, =0.4.0, =0.4.0, =5.0.0, =2.0.0, =0.12.7, =0.12.7, =0.12.7, =0.14.1, =0.12.7, =1.1.0, =1.2.1 and more Source cves: CVE-2025-58369 Source advisory: SNYK:JAVA-COFS2-13180115...
co.fs2:fs2-protocols_2.12 (>=3.10-4b5f50b <=3.12.0-RC2), com.47deg:github4s_2.12 (>=0.29.0 <=0.29.1) +435 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_2.12 (>=3.0.0 <=3.12.0)
co.fs2:fs2-io2.12 MAVEN version =3.0.0, =3.10-4b5f50b, =0.29.0, =1.0.0, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898,...
ch.j3t:zio-prefetcher_2.12 (>=0.3.0 <=0.7.0), com.47deg:embedded-cassandra-core_2.12 (=0.0.7) +465 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_2.12 (>=2.0.0 <=2.5.12)
co.fs2:fs2-io2.12 MAVEN version =2.0.0, =0.3.0, =0.22.0, =0.0.1, =0.13.2, =0.2.6, =0.3.0, =0.2.0, =0.1.0, =0.7.0, =0.7.0, =0.18.1, =0.17.0, =0.17.0, =0.1.21, =0.19.3 and more Source cves: CVE-2025-58369 Source advisory: SNYK:JAVA-COFS2-12669991...
ba.sake:hepek-http4s_3 (>=0.31.0 <=0.34.0), ch.linkyard.mcp:jsonrpc2-stdio_3 (>=0.1.0 <=0.3.2) +661 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_3 (>=3.0-117-375521f <=3.12.1)
co.fs2:fs2-io3 MAVEN version =3.0-117-375521f, =0.31.0, =0.1.0, =0.2.0, =0.1.0, =3.10-4b5f50b, =0.29.0, =0.2.1, =1.0.0, =0.1.0, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-148-8da8898, =1.0-377-020cf9e and more Source cves: CVE-2025-58369 Source advisory:...
ca.qc.ircm:plate-layout (=0.8), com.github.ilgun:expandingtextarea (=2.0) +100 more potentially affected by CVE-2025-9467 via com.vaadin:vaadin-server (>=8.0.0 <=8.28.1)
com.vaadin:vaadin-server MAVEN version =8.0.0, =1.0.0, =1.0.0, =1.1.20, =1.1.8, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.5 and more Source cves: CVE-2025-9467 Source advisory: OSV:GHSA-9GFH-4FWJ-W3RJ...
aana (>=0.2.1 <=0.2.2), acdc-aws-etl-pipeline (>=0.1.7 <=0.5.9) +487 more potentially affected by CVE-2025-58367 via deepdiff (>=5.0.1 <=8.6.0)
deepdiff PYPI version =5.0.1, =0.2.1, =0.1.7, =3.0.0b853, =0.1.0, =0.0.1, =0.1.0, =1.8.15, =1.8.17, =1.8.14, =1.0.0, =2.8.5, =0.1.6, =0.2.0 and more Source cves: CVE-2025-58367 Source advisory: SNYK:PYTHON-DEEPDIFF-12485343...
aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1461 more potentially affected by CVE-2025-57833 via django (>=5.2.0 <=5.2.5)
django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.1.0 and more Source cves: CVE-2025-57833 Source advisory: OSV:PYSEC-2025-105...
@ainsleydev/payload-helper (>=0.0.1 <=0.0.32), @anjy7/navbar-cms (=0.0.5) +63 more potentially affected by CVE-2025-4643 +1 more via payload (>=0.12.3 <=3.35.1)
payload NPM version =0.12.3, =0.0.1, =1.0.1, =1.0.0, =1.0.6, =0.1.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =0.0.7, =1.0.0, =1.1.8 and more Source cves: CVE-2025-4643, CVE-2025-4644 Source advisory: OSV:GHSA-26RV-H2HF-3FW4...
@cedarjs/api-server (>=0.0.4 <=9.0.0-canary.1784), @cedarjs/cli (>=0.0.4 <=9.0.0-canary.1784) +49 more potentially affected by unknown CVE via @escape.tech/graphql-armor-max-depth (>=2.0.0 <=2.4.1)
@escape.tech/graphql-armor-max-depth NPM version =2.0.0, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.9.1-next.19, =0.0.4, =0.0.4, =0.0.2, =2.0.0, =2.0.6, =2.2.2, =2.19.6 and more Source cves: unknown CVE Source advisory: SNYK:JS-ESCAPETECHGRAPHQLARMORMAXDEPTH-12219686...
org.webjars.bower:jspdf-autotable (>=2.0.2 <=2.1.0) potentially affected by CVE-2025-57810 via org.webjars.bower:jspdf (>=1.0.272 <=1.4.1)
org.webjars.bower:jspdf MAVEN version =1.0.272, =2.0.2, =2.1.0 Source cves: CVE-2025-57810 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-12205534...
org.webjars.bowergithub.hhurz:tableexport.jquery.plugin (=1.26.0) potentially affected by CVE-2025-57810 via org.webjars.bowergithub.parallax:jspdf (=2.4.0)
org.webjars.bowergithub.parallax:jspdf MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.bowergithub.parallax:jspdf and may be impacted: - org.webjars.bowergithub.hhurz:tableexport.jquery.plugin =1.26.0 Source cves:...
@n8n/task-runner (>=1.37.0 <=1.42.3), n8n-node-dev (>=1.0.0 <=1.104.3) +10 more potentially affected by CVE-2025-57749 via n8n-core (>=1.0.0 <=1.105.3)
n8n-core NPM version =1.0.0, =1.37.0, =1.0.0, =0.1.0, =0.3.3, =0.3.1, =1.1.0, =0.1.4, =0.4.10, =0.2.0, =0.1.0, =0.4.28 Source cves: CVE-2025-57749 Source advisory: SNYK:JS-N8NCORE-12081401...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +326 more potentially affected by CVE-2025-54988 via org.apache.tika:tika-parser-pdf-module (>=2.0.0-ALPHA <=3.2.1)
org.apache.tika:tika-parser-pdf-module MAVEN version =2.0.0-ALPHA, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.2.0, =1.0.3.1-JDK21, =1.0.0, =1.0.0, =1.0, =1.4 and more Source cves: CVE-2025-54988 Source advisory: OSV:GHSA-P72G-PV48-7W9X...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +324 more potentially affected by CVE-2025-54988 +1 more via org.apache.tika:tika-parser-pdf-module (>=2.0.0 <=3.2.1)
org.apache.tika:tika-parser-pdf-module MAVEN version =2.0.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.2.0, =1.0.3.1-JDK21, =1.0.0, =1.0.0, =1.0, =1.4 and more Source cves: CVE-2025-54988, CVE-2025-66516 Source advisory: SNYK:JAVA-ORGAPACHETIKA-12238980...
https-curl (=1.7.9), multi-installer (=0.0.1) +1 more potentially affected by CVE-2025-55294 via screenshot-desktop (>=1.15.0 <=1.15.1)
screenshot-desktop NPM version =1.15.0, =1.0.0, =1.0.1 Source cves: CVE-2025-55294 Source advisory: SNYK:JS-SCREENSHOTDESKTOP-12028632...
40au-isteven-angular-multiselect (=4.0.0), @0negativ/hawtio-integration (>=4.13.7-rc4 <=4.13.7-rc5) +502 more potentially affected by CVE-2025-4690 via angular-sanitize (>=1.2.27 <=1.8.3)
angular-sanitize NPM version =1.2.27, =4.13.7-rc4, =0.0.1, =0.0.1, =0.1.0, =2.0.0, =0.3.2, =0.2.7, =1.0.0, =1.0.0, =0.2.1, =0.0.1, =1.0.0, =3.0.2, =4.16.5 and more Source cves: CVE-2025-4690 Source advisory: SNYK:JS-ANGULARSANITIZE-12177871...
aella-gateway-admin (>=1.0.5 <=1.0.9), angus-router (>=0.1.0 <=0.1.4) +5 more potentially affected by CVE-2025-9095 via express-gateway (=1.16.11)
express-gateway NPM version =1.16.11 is affected by a known vulnerability. The following packages have a transitive dependency on express-gateway and may be impacted: - aella-gateway-admin =1.0.5, =0.1.0, =1.0.0, =0.0.1, =0.0.5, =0.0.6 - factoria.rae.identity =1.0.0 - wawole-gateway =1.0.0 Source...
confluence-static-site-builder (>=1.0.0-m04 <=1.0.0-m08) potentially affected by unknown CVE via commnader (=0.0.1-security)
commnader NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on commnader and may be impacted: - confluence-static-site-builder =1.0.0-m04, =1.0.0-m08 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17424...
cli-form (>=0.0.0 <=0.1.4), kik (>=0.0.0 <=1.3.0) potentially affected by unknown CVE via cli-qa (>=0.3.0 <=2.3.0)
cli-qa NPM version =0.3.0, =0.0.0, =0.0.0, =1.3.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17116...
ourtunes (>=0.0.0 <=1.1.0), play-url (>=0.0.2 <=0.0.5) potentially affected by unknown CVE via rdio-js-api (=0.0.6)
rdio-js-api NPM version =0.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on rdio-js-api and may be impacted: - ourtunes =0.0.0, =0.0.2, =0.0.5 Source cves: unknown CVE Source advisory: OSV:MAL-2025-31754...
delegate-dom (>=0.0.0 <=0.0.1), dom-delegation-stream (=0.0.0) +2 more potentially affected by unknown CVE via matches-dom-selector (=0.0.0)
matches-dom-selector NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on matches-dom-selector and may be impacted: - delegate-dom =0.0.0, =1.0.0, =1.0.0, =1.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25996...
my-testutil (=1.0.1), storm-test (=0.0.1) +1 more potentially affected by unknown CVE via wepack-cli (=0.0.1-security)
wepack-cli NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on wepack-cli and may be impacted: - my-testutil =1.0.1 - storm-test =0.0.1 - stormydb =0.1.1, =0.5.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-39082...
airbasix (>=0.2.0 <=0.3.0) potentially affected by unknown CVE via wix-data (=0.0.1-security)
wix-data NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on wix-data and may be impacted: - airbasix =0.2.0, =0.3.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-39367...
cli-form (>=0.0.0 <=0.1.4), cli-qa (>=0.0.0 <=2.3.0) +1 more potentially affected by unknown CVE via read-cli-input (=1.0.1)
read-cli-input NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on read-cli-input and may be impacted: - cli-form =0.0.0, =0.0.0, =0.0.0, =1.3.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-31878...
@tgticketing/common (>=1.0.2 <=1.0.25), pirvp (=1.0.0) potentially affected by unknown CVE via exrpess (=0.0.1-security)
exrpess NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on exrpess and may be impacted: - @tgticketing/common =1.0.2, =1.0.25 - pirvp =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-20101...
@luxiaodan/el-selection-tree-table (=1.0.3) potentially affected by unknown CVE via lodsah (=0.0.1-security)
lodsah NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on lodsah and may be impacted: - @luxiaodan/el-selection-tree-table =1.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25516...
luis-reddit-cli (=1.0.0), md-links-larissadepaula (>=0.2.0 <=0.2.1) +1 more potentially affected by unknown CVE via node-fecth (=0.0.1-security)
node-fecth NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on node-fecth and may be impacted: - luis-reddit-cli =1.0.0 - md-links-larissadepaula =0.2.0, =0.0.37, =0.0.40 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27...
clicommandcources (=1.0.1) potentially affected by unknown CVE via commandr (=0.0.1-security)
commandr NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on commandr and may be impacted: - clicommandcources =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17409...
docusign-jsx (=1.0.0), word-replace-contabil (>=1.0.1 <=1.0.9) potentially affected by unknown CVE via word2pdf (=0.0.1-security)
word2pdf NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on word2pdf and may be impacted: - docusign-jsx =1.0.0 - word-replace-contabil =1.0.1, =1.0.9 Source cves: unknown CVE Source advisory: OSV:MAL-2025-39417...
@alancastro06/coolsolelog (=22.14.0), albot (>=0.1.0 <=0.14.1) +43 more potentially affected by unknown CVE via ansi-codes (>=0.0.0 <=2.0.0)
ansi-codes NPM version =0.0.0, =0.1.0, =0.0.10, =7.1.0, =0.0.8, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =1.0.0, =0.0.1, =0.0.0, =0.0.2 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-14554...
08cms (=1.0.0), 1.1.0 (=1.0.0) +8988 more potentially affected by unknown CVE via orchestrator (>=0.0.5 <=0.3.8)
orchestrator NPM version =0.0.5, =1.0.0, =1.0.0, =0.0.2, =1.0.0, =0.0.1, =1.0.0, =1.0.1 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-28475...
declarative-js (>=0.0.0 <=0.0.2) potentially affected by unknown CVE via andthen (=0.0.2)
andthen NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on andthen and may be impacted: - declarative-js =0.0.0, =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-14514...
circle (>=0.0.0 <=0.0.9), democirclepackage (=1.0.3) +3 more potentially affected by unknown CVE via post-data (=0.0.0)
post-data NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on post-data and may be impacted: - circle =0.0.0, =0.0.40, =0.0.0, =0.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-29531...
@c0b41/prettify-error (=1.0.0), assume (>=0.0.10 <=1.4.0) +22 more potentially affected by unknown CVE via failing-code (>=0.0.2 <=0.1.0)
failing-code NPM version =0.0.2, =0.0.10, =7.1.0, =1.0.0, =0.1.1, =1.0.0, =0.0.1, =0.0.4 - innkeeper =1.0.4 - limited-parallel-loop =0.0.0 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-20162...
my-first-vue-project (=0.1.0), react-responsive-data-table (>=1.0.0 <=1.0.5) potentially affected by unknown CVE via bootstrap4 (=0.0.1-security)
bootstrap4 NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap4 and may be impacted: - my-first-vue-project =0.1.0 - react-responsive-data-table =1.0.0, =1.0.5 Source cves: unknown CVE Source advisory: OSV:MAL-2025-159...
ai.acolite:openai-agent-sdk (>=0.1.0 <=0.4.0), ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +11788 more potentially affected by CVE-2025-8671 via org.apache.httpcomponents.core5:httpcore5-h2 (>=5.0 <=5.3.4)
org.apache.httpcomponents.core5:httpcore5-h2 MAVEN version =5.0, =0.1.0, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.1, =0.0.4, =0.0.4, =1.0.0, =1.0.2 and more Source...
@fedify/botkit (>=0.3.0-dev.125 <=0.3.0-dev.131) potentially affected by CVE-2025-54888 via @fedify/fedify (=1.8.1-dev.1262)
@fedify/fedify NPM version =1.8.1-dev.1262 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/fedify and may be impacted: - @fedify/botkit =0.3.0-dev.125, =0.3.0-dev.131 Source cves: CVE-2025-54888 Source advisory: SNYK:JS-FEDIFYFEDIFY-11735306...
org.apache.camel:camel-example-cxf (>=2.14.0 <=2.19.5), org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests (>=3.0.0 <=3.6.11) +17 more potentially affected by CVE-2025-48913 via org.apache.cxf:cxf-rt-transports-jms (>=3.0.0-milestone1 <=3.6.7)
org.apache.cxf:cxf-rt-transports-jms MAVEN version =3.0.0-milestone1, =2.14.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.0, =5.0.0.Beta1, =5.0.0.Beta1, =5.0.0.Beta1, =5.0.0.Beta1, =5.5.0.Final and more Source cves: CVE-2025-48913 Source advisory:...
@astar-network/swanky-cli (>=2.2.0-alpha.0 <=2.2.3), @neon.id/uji-grader (>=1.0.0 <=1.2.0) +1 more potentially affected by CVE-2025-54803 via js-toml (>=0.1.1 <=1.0.0)
js-toml NPM version =0.1.1, =2.2.0-alpha.0, =1.0.0, =1.0.0, =1.2.0 Source cves: CVE-2025-54803 Source advisory: OSV:GHSA-65FC-CR5F-V7R2...
@brandboostinggmbh/image (=0.6.2), @cssninja/nuxt-media-viewer (>=0.0.1 <=0.0.15) +46 more potentially affected by CVE-2025-54387 via ipx (>=0.3.2 <=1.1.0)
ipx NPM version =0.3.2, =0.0.1, =1.0.0, =1.0.0-27100507.943fa27, =1.0.3, =1.0.3-27133259.82aaae0, =0.0.2-beta.0, =0.2.0, =14.9.23-prev, =0.6.3, =0.6.2, =1.0.0-beta.2, =1.0.0-beta.2, =1.0.18, =1.0.0-beta.4, =1.0.0-beta.12 and more Source cves: CVE-2025-54387 Source advisory: OSV:GHSA-MM3P-J368-7JC...
acapy-agent (>=1.1.1 <=1.5.0rc1), acapy-agent-jamie-testing (=1.3.1rc1) +447 more potentially affected by CVE-2025-45768 via pyjwt (>=2.0.0 <=2.10.1)
pyjwt PYPI version =2.0.0, =1.1.1, =0.1.1, =0.1.31, =0.1.0, =0.5.0, =1.89.5, =0.1.0, =0.0.1, =0.1.59, =0.2.47, =24.12.0, =1.29.7, =1.37.0 - anote-generate =0.3.0 and more Source cves: CVE-2025-45768 Source advisory: SNYK:PYTHON-PYJWT-11356591...
app.tozzi.mail:pec-parser (=4.0.0), app.tozzi:uudecoder (=4.0.0) +1257 more potentially affected by CVE-2025-7962 via com.sun.mail:jakarta.mail (>=2.0.0-RC1 <=2.0.1)
com.sun.mail:jakarta.mail MAVEN version =2.0.0-RC1, =0.2.0, =0.2.0, =2.0.1, =2.0.0, =0.1, =0.4, =1.0.0, =2022.3.4.0, =1.0.0-JDK21, =1.0.3.2-JDK21 - cn.sunyblog.easymail:easymail-spring-boot-starter3 =1.0.1 and more Source cves: CVE-2025-7962 Source advisory: SNYK:JAVA-COMSUNMAIL-12028709...
@1inch/delegating (=2.0.0), @1inch/farming (=4.0.0) +31 more potentially affected by CVE-2025-54070 via @openzeppelin/contracts (>=5.2.0 <=5.3.0)
@openzeppelin/contracts NPM version =5.2.0, =1.0.0-alpha.9, =0.0.4, =1.0.0, =0.1.0, =0.4.27, =0.3.0, =0.5.3, =7.9.0-main3c5a2f8, =7.9.0-maine3c28f1, =7.9.0-main01f77d70, =7.9.0-mainc91b9b3, =7.9.0-main163e291, =7.9.0-main0cdac11, =8.0.9-prffd008c and more Source cves: CVE-2025-54070 Source...
org.webjars.npm:nestjs__platform-express (>=8.4.7 <=9.0.0-next.2) potentially affected by CVE-2025-7338 via org.webjars.npm:multer (=1.4.4-lts.1)
org.webjars.npm:multer MAVEN version =1.4.4-lts.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:multer and may be impacted: - org.webjars.npm:nestjsplatform-express =8.4.7, =9.0.0-next.2 Source cves: CVE-2025-7338 Source advisory:...
africa.absa:inception-application (>=1.0.0 <=1.2.0), ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0) +5879 more potentially affected by CVE-2025-22227 via io.projectreactor.netty:reactor-netty-http (>=1.0.0 <=1.2.7)
io.projectreactor.netty:reactor-netty-http MAVEN version =1.0.0, =1.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1...
ai.swim:swim-js (=3.10.0), ai.swim:swim-vm (=3.10.0) +3052 more potentially affected by CVE-2025-30754 via org.graalvm.sdk:graal-sdk (>=19.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =19.0.0, =0.0.1, =0.1.5, =0.1.5, =0.0.2, =0.0.2, =1.5.1, =1.0.0, =1.0.2, =1.0.0, =1.0.2, =1.0.2, =1.1.4 and more Source cves: CVE-2025-30754 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-11023285...
de.the-library-code.dspace:addon-duplication-detection-service-api (>=6.2.0 <=6.3.1), de.the-library-code.dspace:addon-duplication-detection-service-jspui (>=6.2.0 <=6.3.1) +53 more potentially affected by CVE-2025-53621 via org.dspace:dspace-api (>=1.5-alpha <=7.0-preview-1)
org.dspace:dspace-api MAVEN version =1.5-alpha, =6.2.0, =6.2.0, =5.8.0, =5.8.0, =5.4.0, =5.4.0, =5.4.0, =3.0, =1.7.0, =1.7.0, =5.11 and more Source cves: CVE-2025-53621 Source advisory: OSV:GHSA-JJWR-5CFH-7XWH...
@altipla/directus-sdk-utils (=0.7.2), @bicou/directus-extension-imagga (>=1.6.3 <=1.6.6) +9 more potentially affected by CVE-2025-53889 via directus (>=10.10.0 <=11.8.0)
directus NPM version =10.10.0, =1.6.3, =11.16.1-depup.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 - lease-directus-template =0.0.0 Source cves: CVE-2025-53889 Source advisory: OSV:GHSA-7CVF-PXGP-42FC...
com.axonivy.ivy.tool.soap:cxf-client-codegen (=1.0.0), cv.igrp:igrp-core (>=1.7.3.230801 <=1.7.3.230802) +378 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (>=3.6.0 <=3.6.5)
org.apache.cxf:cxf-core MAVEN version =3.6.0, =1.7.3.230801, =3.0-M3, =3.0-M3, =3.0-M3, =3.0-M3, =2.0, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =3.0.5, =3.0.6 - net.tirasa.connid.bundles:net.tirasa.connid.bundles.servicenow =1.0.4 and more Source cves:...
@wix/mcp-remote (=0.0.6) potentially affected by CVE-2025-6514 via mcp-remote (=0.1.13)
mcp-remote NPM version =0.1.13 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-remote and may be impacted: - @wix/mcp-remote =0.0.6 Source cves: CVE-2025-6514 Source advisory: OSV:GHSA-6XPM-GGF7-WC3P...