26517 matches found
aana (>=0.2.1 <=0.2.2.2), acai-swarm (=0.1.0) +218 more potentially affected by CVE-2026-7141 via vllm (>=0.10.0 <=0.9.2)
vllm PYPI version =0.10.0, =0.2.1, =1.2.1, =0.0.0, =2.3.5, =0.0.7, =0.0.1b1, =0.1.15, =0.2.4, =1.0.0, =1.0.14 and more Source cves: CVE-2026-7141 Source advisory: SNYK:PYTHON-VLLM-16316415...
org.apache.camel.kafkaconnector:camel-consul-kafka-connector (>=0.1.0 <=0.11.5), org.apache.camel.karaf:camel-consul (>=4.10.3 <=4.14.5) +8 more potentially affected by CVE-2026-27172 via org.apache.camel:camel-consul (>=3.0.0-M1 <=4.14.5)
org.apache.camel:camel-consul MAVEN version =3.0.0-M1, =0.1.0, =4.10.3, =4.10.3, =1.0.0, =1.0.0, =1.0.0, =4.10.0, =3.0.0, =3.0.0-M1, =3.0.0-RC3 - org.wildfly.camel:wildfly-camel-itests-standalone-docker =12.0.0 Source cves: CVE-2026-27172 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16321641...
org.apache.camel.karaf:camel-pqc (=4.18.1), org.apache.camel.quarkus:camel-quarkus-pqc (>=3.32.0 <=3.33.0) +2 more potentially affected by CVE-2026-40048 via org.apache.camel:camel-pqc (>=4.18.0 <=4.18.1)
org.apache.camel:camel-pqc MAVEN version =4.18.0, =3.32.0, =3.32.0, =4.18.0, =4.18.1 Source cves: CVE-2026-40048 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16321659...
org.apache.camel.kafkaconnector:camel-mina-kafka-connector (>=0.1.0 <=0.11.5), org.apache.camel.karaf:camel-mina (>=4.10.3 <=4.14.5) +5 more potentially affected by CVE-2026-40473 via org.apache.camel:camel-mina (>=3.0.0-RC1 <=4.14.5)
org.apache.camel:camel-mina MAVEN version =3.0.0-RC1, =0.1.0, =4.10.3, =3.0.0, =3.0.0-RC1, =4.0-20200713, =4.0-20200713, =4.0-20200713, =4.3.2 Source cves: CVE-2026-40473 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16321635...
ai.wanaku:core-runtime-camel (>=0.0.4 <=0.0.9), ai.wanaku:core-services (>=0.0.2 <=0.0.3) +1617 more potentially affected by CVE-2026-40860 via org.apache.camel:camel-componentdsl (>=3.10.0 <=4.14.6)
org.apache.camel:camel-componentdsl MAVEN version =3.10.0, =0.0.4, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.2, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.7 and more Source cves: CVE-2026-40860 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16321539...
ca.islandora.alpaca:islandora-alpaca-app (>=2.0.0 <=2.2.0), ca.islandora.alpaca:islandora-connector-derivative (>=2.0.0 <=2.2.0) +82 more potentially affected by CVE-2026-40860 via org.apache.camel:camel-jms (>=3.0.0-M1 <=4.14.6)
org.apache.camel:camel-jms MAVEN version =3.0.0-M1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =3.0.0, =0.46, =0.3, =0.5, =0.1, =0.1, =1.0, =4.3.7.hyte-4307a, =4.3.7.hyte-4307a, =hyte-mq-4.3.7.hyte-43072 and more Source cves: CVE-2026-40860 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16321536...
org.apache.camel.kafkaconnector:camel-google-pubsub-kafka-connector (>=0.1.0 <=0.11.5), org.apache.camel.kafkaconnector:camel-google-pubsub-sink-kafka-connector (>=1.0.0 <=4.14.5) +12 more potentially affected by CVE-2026-40453 via org.apache.camel:camel-google-pubsub (>=3.0.0 <=4.14.5)
org.apache.camel:camel-google-pubsub MAVEN version =3.0.0, =0.1.0, =1.0.0, =1.0.0, =3.19.0, =4.10.2, =0.9.0, =4.10.3, =4.10.3, =1.0.0, =1.0.0, =1.0.0, =1.5.0, =3.0.0, =0.5.0, =0.5.2 Source cves: CVE-2026-40453https://vulners.com/cv...
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=37.v0d3157c4a_ef8 <=57.v0756db_b_f6926), be.mogo.iam:mogo-provisioning (>=1.0.1.RELEASE <=1.1.7.RELEASE) +898 more potentially affected by CVE-2026-41635 via org.apache.mina:mina-core (>=2.0.0 <=2.0.27)
org.apache.mina:mina-core MAVEN version =2.0.0, =37.v0d3157c4aef8, =1.0.1.RELEASE, =1.1.8.RELEASE, =1.1.5.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.2.RELEASE, =2.0.0, =1.0.7, =1.1.6, =1.1.0, =1.0.0, =1.1.0, =5.1.3 and more Source cves: CVE-2026-41635 Source advisory:...
org.apache.camel.karaf:camel-pqc (>=4.14.5 <=4.18.1), org.apache.camel.quarkus:camel-quarkus-pqc (>=3.24.0 <=3.33.0) +2 more potentially affected by CVE-2026-40048 via org.apache.camel:camel-pqc (>=4.12.0 <=4.18.1)
org.apache.camel:camel-pqc MAVEN version =4.12.0, =4.14.5, =3.24.0, =3.24.0, =4.12.0, =4.18.1 Source cves: CVE-2026-40048 Source advisory: OSV:GHSA-V3VG-332R-MW99...
ai.intelliswarm:swarmai-core (>=1.0.0 <=1.0.28), ai.intelliswarm:swarmai-distributed (>=1.0.0 <=1.0.28) +12 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-pgvector-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-pgvector-store MAVEN version =1.0.0-M5, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.0, =1.0.0, =4.2.3, =0.0.1, =1.0.0-M5, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321394...
org.springframework.ai:spring-ai-starter-vector-store-typesense (>=1.0.0 <=1.0.5), org.springframework.ai:spring-ai-typesense-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-typesense-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-typesense-store MAVEN version =1.0.0-M5, =1.0.0, =1.0.0-M5, =1.0.0-M6 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321396...
ai.driftkit:driftkit-vector-spring-ai (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-vector-spring-ai-starter (>=0.6.0 <=0.8.7) +196 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-vector-store (>=1.0.0-M7 <=1.0.5)
org.springframework.ai:spring-ai-vector-store MAVEN version =1.0.0-M7, =0.6.0, =0.6.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.0, =1.0.0, =1.0.28 - com.alibaba.cloud.ai.autoconfigure.memory.long:spring-ai-alibaba-autoconfigure-memory-long =1.0.0.4 -...
org.springframework.ai:spring-ai-starter-vector-store-couchbase (>=1.0.0 <=1.0.5) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-couchbase-store (>=1.0.0-M7 <=1.0.5)
org.springframework.ai:spring-ai-couchbase-store MAVEN version =1.0.0-M7, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316423...
org.springframework.ai:spring-ai-starter-vector-store-weaviate (>=1.0.0 <=1.0.5), org.springframework.ai:spring-ai-weaviate-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-weaviate-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-weaviate-store MAVEN version =1.0.0-M5, =1.0.0, =1.0.0-M5, =1.0.0-M6 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321397...
com.alibaba.cloud.ai:spring-ai-alibaba-studio-server-admin (=1.0.0.4), com.alibaba.cloud.ai:spring-ai-alibaba-studio-server-core (=1.0.0.4) +4 more potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-elasticsearch-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-elasticsearch-store MAVEN version =1.0.0-M5, =4.2.3, =1.0.0-M5, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321388...
org.springframework.ai:spring-ai-mariadb-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6), org.springframework.ai:spring-ai-starter-vector-store-mariadb (>=1.0.0 <=1.0.5) potentially affected by CVE-2026-40967 via org.springframework.ai:spring-ai-mariadb-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-mariadb-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.5 Source cves: CVE-2026-40967 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16321390...
org.springframework.ai:spring-ai-azure-cosmos-db-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6), org.springframework.ai:spring-ai-starter-vector-store-azure-cosmos-db (>=1.0.0 <=1.0.5) potentially affected by CVE-2026-40978 via org.springframework.ai:spring-ai-azure-cosmos-db-store (>=1.0.0-M5 <=1.0.5)
org.springframework.ai:spring-ai-azure-cosmos-db-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.5 Source cves: CVE-2026-40978 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316419...
com.alibaba.cloud.ai:spring-ai-alibaba-autoconfigure-memory-long (>=1.1.0.0 <=1.1.2.3), com.alibaba.cloud.ai:spring-ai-alibaba-starter-memory-long (>=1.1.0.0 <=1.1.2.3) +5 more potentially affected by CVE-2026-40966 via org.springframework.ai:spring-ai-advisors-vector-store (>=1.1.0-M3 <=1.1.4)
org.springframework.ai:spring-ai-advisors-vector-store MAVEN version =1.1.0-M3, =1.1.0.0, =1.1.0.0, =1.1.0.0, =0.0.6, =4.17.0, =4.17.0, =4.20.0 - org.vrspace:server =0.8.7 Source cves: CVE-2026-40966 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16316424...
cc.allio.uno:uno-data-db (>=1.1.9 <=1.2.1), cc.allio.uno:uno-test (>=1.1.9 <=1.2.1) +198 more potentially affected by CVE-2026-7045 via com.baomidou:dynamic-datasource-spring-boot-common (>=4.0.0-B1 <=4.5.0)
com.baomidou:dynamic-datasource-spring-boot-common MAVEN version =4.0.0-B1, =1.1.9, =1.1.9, =2024.1.1.0, =2023.5.1.0, =2022.5.0.0, =2022.4.1.0, =1.0.0-JDK21, =1.0.0-JDK21, =4.0.0, =4.0.0, =4.5.0 - com.baomidou:dynamic-datasource-spring-boot4-starter =4.5.0 and more Source cves: CVE-2026-7045 Sour...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-44998 via openclaw (>=2026.3.22 <=2026.4.12)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-44998 Source advisory: SNYK:JS-OPENCLAW-16298052...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +20 more potentially affected by CVE-2026-44117 via openclaw (>=2026.3.22 <=2026.4.2)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: CVE-2026-44117 Source advisory: SNYK:JS-OPENCLAW-16298053...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +20 more potentially affected by CVE-2026-44114 via openclaw (>=2026.3.22 <=2026.4.2)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: CVE-2026-44114 Source advisory: SNYK:JS-OPENCLAW-16298041...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +21 more potentially affected by CVE-2026-41908 via openclaw (>=0.0.1 <=2026.4.2)
openclaw NPM version =0.0.1, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 - @xmoxmo/bncr =0.0.8 - morpho-vault-manager =0.1.0 and more Source cves: CVE-2026-41908 Source advisory: OSV:GHSA-V8QF-FR4G-28P2...
@8btc/excalidraw (>=0.18.0-beta.0 <=0.18.0-beta.4), @alkemio/excalidraw (>=0.17.1-alkemio-5 <=0.19.0-alkemio-1) +99 more potentially affected by unknown CVE via @excalidraw/mermaid-to-excalidraw (>=0.3.0 <=1.1.2)
@excalidraw/mermaid-to-excalidraw NPM version =0.3.0, =0.18.0-beta.0, =0.17.1-alkemio-5, =1.0.0, =0.18.3, =0.18.0, =0.0.1-BETA, =0.5.0-00d79ee, =0.17.1, =18.0.3, =0.18.0-patch.1, =0.17.1-1d71f84, =0.0.1, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:GHSA-39H7-PWV7-RC3X...
@13w/local-rag (=2.0.0), @amodalai/cli (>=0.1.0 <=0.1.1) +30 more potentially affected by unknown CVE via @google/gemini-cli (>=0.11.3 <=0.39.0-nightly.20260411.0957f7d3e)
@google/gemini-cli NPM version =0.11.3, =0.1.0, =0.1.5, =0.1.0, =1.0.0, =0.0.17, =0.6.4, =0.0.1, =1.3.0, =0.1.10, =1.0.0, =2.0.0 and more Source cves: unknown CVE Source advisory: SNYK:JS-GOOGLEGEMINICLI-16301693...
0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.2) +7018 more potentially affected by CVE-2026-42040 via axios (>=1.0.0 <=1.15.0)
axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.1.6-alpha.11, =0.1.6-alpha.12 and more Source cves: CVE-2026-42040 Source advisory:...
0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.2) +7018 more potentially affected by CVE-2026-42033 via axios (>=1.0.0 <=1.15.0)
axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.1.6-alpha.11, =0.1.6-alpha.12 and more Source cves: CVE-2026-42033 Source advisory:...
0xpay-cc-sdk (>=0.0.8 <=0.1.0), 0xtrails (>=0.0.0-20251106131028 <=0.16.2) +7018 more potentially affected by CVE-2026-42034 via axios (>=1.0.0 <=1.15.0)
axios NPM version =1.0.0, =0.0.8, =0.0.0-20251106131028, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.0-canary-847463221a9a1bee28641d8c0ecfaca98ee142f6, =0.0.1-alpha.3, =0.1.6-alpha.11, =0.1.6-alpha.12 and more Source cves: CVE-2026-42034 Source advisory:...
AskAI (=0.1.0), BiliupApi (>=0.1.0 <=0.1.7) +4020 more potentially affected by unknown CVE via rustls-webpki (>=0.100.3 <=0.102.8)
rustls-webpki CARGO version =0.100.3, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.26, =0.4.0, =0.1.0, =0.21.0-alpha.1, =0.1.11, =0.12.1, =0.13.0 - acme =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-82J2-J2CH-GFR8...
aws-encryption-sdk-cli (>=2.1.0 <=3.1.0), cloudformation-cli-python-lib (>=2.1.9 <=2.1.16) +4 more potentially affected by CVE-2026-6550 via aws-encryption-sdk (>=2.0.0 <=3.3.0)
aws-encryption-sdk PYPI version =2.0.0, =2.1.0, =2.1.9, =1.0.0, =1.0.1, =0.4.8, =25.11.0, =25.14.1 Source cves: CVE-2026-6550 Source advisory: OSV:GHSA-V638-38FC-RHFV...
@11ty/eleventy (=3.0.0-alpha.16), @agiflowai/aicode-toolkit (>=0.6.0 <=1.1.0) +93 more potentially affected by CVE-2026-41311 via liquidjs (>=10.10.0 <=10.25.6)
liquidjs NPM version =10.10.0, =0.6.0, =0.1.0, =0.0.0, =0.5.5, =0.8.0, =1.0.1, =1.6.3, =3.11.0, =3.11.0, =3.11.0, =1.0.0-beta.1, =1.0.0-beta.4 - @clairview/api =23.1.0 and more Source cves: CVE-2026-41311 Source advisory: OSV:GHSA-4RC3-7J7W-M548...
org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2026-41044 via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)
org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2026-41044 Source advisory: OSV:GHSA-MR6M-XJ7V-3CV3...
org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)
org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2026-34197, CVE-2026-40466 Source advisory: OSV:GHSA-W3W2-MPP5-92GM...
org.apache.dolphinscheduler:dolphinscheduler-alert-server (>=3.2.1 <=3.3.0-alpha), org.apache.dolphinscheduler:dolphinscheduler-extract-alert (>=3.2.1 <=3.3.0-alpha) +13 more potentially affected by CVE-2025-62233 via org.apache.dolphinscheduler:dolphinscheduler-extract-base (>=3.2.1 <=3.3.0-alpha)
org.apache.dolphinscheduler:dolphinscheduler-extract-base MAVEN version =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.3.0-alpha - o...
at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-41044 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.4)
org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-41044 Source advisory:...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-41358 via openclaw (>=2026.3.22 <=2026.4.12)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-41358 Source advisory: SNYK:JS-OPENCLAW-16206250...
companies.sh (>=2026.324.0-canary.0 <=2026.325.0-canary.3), corporateai (=2026.328.0-canary.0) +3 more potentially affected by CVE-2026-41679 via @paperclipai/server (>=2026.318.0-canary.0 <=2026.416.0-canary.1)
@paperclipai/server NPM version =2026.318.0-canary.0, =2026.324.0-canary.0, =2026.3.17-canary.3, =0.6.5, =0.6.6 Source cves: CVE-2026-41679 Source advisory: SNYK:JS-PAPERCLIPAISERVER-16189082...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.1), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.1) +44 more potentially affected by CVE-2026-3960 via ai.h2o:h2o-core (>=0.1.9 <=3.46.0.1)
ai.h2o:h2o-core MAVEN version =0.1.9, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.1 and more Source cves: CVE-2026-3960 Source advisory: OSV:GHSA-QMCV-HH7C-3M56...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +21083 more potentially affected by CVE-2026-40977 via org.springframework.boot:spring-boot (>=3.0.0 <=3.5.13)
org.springframework.boot:spring-boot MAVEN version =3.0.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo =0.1.0 -...
@deviceinsight/ng-ui-scale-lib (>=9.14.0 <=10.1.0), @namiq/chat-widget (>=0.0.11 <=0.0.15) +6 more potentially affected by CVE-2026-41886 via locize (>=0.0.3 <=4.0.16)
locize NPM version =0.0.3, =9.14.0, =0.0.11, =1.5.0, =0.0.3, =1.0.0, =0.0.1, =0.0.7 Source cves: CVE-2026-41886 Source advisory: OSV:GHSA-W937-FG2H-XHQ2...
2c2p-integration (>=0.2.0 <=0.2.2), 4help-shared (>=1.0.8 <=1.0.15) +4860 more potentially affected by CVE-2026-41673 via @xmldom/xmldom (>=0.7.0 <=0.8.12)
@xmldom/xmldom NPM version =0.7.0, =0.2.0, =1.0.8, =0.1.3, =0.0.7, =0.3.31, =0.1.3, =1.0.4, =1.0.0, =1.2.13 and more Source cves: CVE-2026-41673 Source advisory: OSV:GHSA-2V35-W6HQ-6MFW...
2c2p-integration (>=0.2.0 <=0.2.2), 4help-shared (>=1.0.8 <=1.0.15) +4860 more potentially affected by CVE-2026-41674 via @xmldom/xmldom (>=0.7.0 <=0.8.12)
@xmldom/xmldom NPM version =0.7.0, =0.2.0, =1.0.8, =0.1.3, =0.0.7, =0.3.31, =0.1.3, =1.0.4, =1.0.0, =1.2.13 and more Source cves: CVE-2026-41674 Source advisory: SNYK:JS-XMLDOMXMLDOM-16134549...
org.webjars.npm:adal-node (=0.1.28), org.webjars.npm:canvg (>=1.5.2 <=1.5.3) +14 more potentially affected by CVE-2026-41674 via org.webjars.npm:xmldom (>=0.1.31 <=0.6.0)
org.webjars.npm:xmldom MAVEN version =0.1.31, =1.5.2, =0.7.2, =0.14.0, =0.11.0, =7.14.0, =2.7.0, =2.9.2 and more Source cves: CVE-2026-41674 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16134550...
@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41675 via @xmldom/xmldom (=0.9.0)
@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41675 Source advisory:...
@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41672 via @xmldom/xmldom (=0.9.0)
@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41672 Source advisory:...
@nocobase/actions (>=0.4.0-alpha.1 <=2.0.38), @nocobase/api (>=0.4.0-alpha.1 <=0.4.0-alpha.7) +37 more potentially affected by CVE-2026-41640 via @nocobase/database (>=0.10.0-alpha.2 <=2.0.38)
@nocobase/database NPM version =0.10.0-alpha.2, =0.4.0-alpha.1, =0.4.0-alpha.1, =0.14.0-alpha.4, =0.7.0-alpha.1, =0.10.0-alpha.2, =0.14.0-alpha.4, =0.20.0-alpha.1, =0.18.0-alpha.1, =0.7.0-alpha.1, =0.4.0-alpha.1, =0.7.1-alpha.4, =0.10.1-alpha.1, =0.4.0-alpha.1, =0.4.0-alpha.1, =0.10.1-alpha.1 and...
@marko/compiler (=5.0.0-next.0), @marko/translator-default (=5.0.0-next.0) +1 more potentially affected by CVE-2026-41591 via marko (>=5.0.0-next.0 <=5.20.9)
marko NPM version =5.0.0-next.0, =1.1.4, =1.2.1 Source cves: CVE-2026-41591 Source advisory: SNYK:JS-MARKO-16421453...
@marko/translator-interop-class-tags (>=0.1.1 <=0.2.24), @marko/translator-tags (>=0.1.1 <=0.4.8) potentially affected by CVE-2026-41591 via @marko/runtime-tags (>=0.1.25 <=0.3.86)
@marko/runtime-tags NPM version =0.1.25, =0.1.1, =0.1.1, =0.4.8 Source cves: CVE-2026-41591 Source advisory: OSV:GHSA-X9FJ-57FH-C8WQ...
nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +14 more potentially affected by CVE-2026-34067 via nimiq-transaction (>=0.1.0 <=0.2.0)
nimiq-transaction CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-34067 Source advisory: OSV:GHSA-264V-M8FM-76JM...
011xwztpjn (=1.0.0), 02y9dg4qm3 (=1.0.0) +11431 more potentially affected by CVE-2026-41240 via dompurify (>=0.6.6 <=3.3.3)
dompurify NPM version =0.6.6, =3.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on dompurify and may be impacted: - 011xwztpjn =1.0.0 - 02y9dg4qm3 =1.0.0 - 04tw75kmd9 =1.0.0 - 0650teqqly =1.0.0 - 097oi25ils =1.0.0 - 0a0fpniotn =1.0.0 - 0c7j76u46q...