26517 matches found
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +164 more potentially affected by CVE-2026-40690 via apache-airflow (>=1.8.2 <=3.2.1)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =1.6.0 and more Source cves: CVE-2026-40690 Source advisory: OSV:GHSA-W7RC-Q6CM-F5GM...
org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2026-34197 +1 more via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)
org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2026-34197, CVE-2026-40466 Source advisory: OSV:GHSA-W3W2-MPP5-92GM...
org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2026-41044 via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)
org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2026-41044 Source advisory: OSV:GHSA-MR6M-XJ7V-3CV3...
org.apache.dolphinscheduler:dolphinscheduler-alert-server (>=3.2.1 <=3.3.0-alpha), org.apache.dolphinscheduler:dolphinscheduler-extract-alert (>=3.2.1 <=3.3.0-alpha) +13 more potentially affected by CVE-2025-62233 via org.apache.dolphinscheduler:dolphinscheduler-extract-base (>=3.2.1 <=3.3.0-alpha)
org.apache.dolphinscheduler:dolphinscheduler-extract-base MAVEN version =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.2.1, =3.3.0-alpha - o...
at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-41044 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.4)
org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-41044 Source advisory:...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-41358 via openclaw (>=2026.3.22 <=2026.4.12)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-41358 Source advisory: SNYK:JS-OPENCLAW-16206250...
companies.sh (>=2026.324.0-canary.0 <=2026.325.0-canary.3), corporateai (=2026.328.0-canary.0) +3 more potentially affected by CVE-2026-41679 via @paperclipai/server (>=2026.318.0-canary.0 <=2026.416.0-canary.1)
@paperclipai/server NPM version =2026.318.0-canary.0, =2026.324.0-canary.0, =2026.3.17-canary.3, =0.6.5, =0.6.6 Source cves: CVE-2026-41679 Source advisory: SNYK:JS-PAPERCLIPAISERVER-16189082...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.1), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.1) +44 more potentially affected by CVE-2026-3960 via ai.h2o:h2o-core (>=0.1.9 <=3.46.0.1)
ai.h2o:h2o-core MAVEN version =0.1.9, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.1 and more Source cves: CVE-2026-3960 Source advisory: OSV:GHSA-QMCV-HH7C-3M56...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +21083 more potentially affected by CVE-2026-40977 via org.springframework.boot:spring-boot (>=3.0.0 <=3.5.13)
org.springframework.boot:spring-boot MAVEN version =3.0.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo =0.1.0 -...
@deviceinsight/ng-ui-scale-lib (>=9.14.0 <=10.1.0), @namiq/chat-widget (>=0.0.11 <=0.0.15) +6 more potentially affected by CVE-2026-41886 via locize (>=0.0.3 <=4.0.16)
locize NPM version =0.0.3, =9.14.0, =0.0.11, =1.5.0, =0.0.3, =1.0.0, =0.0.1, =0.0.7 Source cves: CVE-2026-41886 Source advisory: OSV:GHSA-W937-FG2H-XHQ2...
2c2p-integration (>=0.2.0 <=0.2.2), 4help-shared (>=1.0.8 <=1.0.15) +4860 more potentially affected by CVE-2026-41673 via @xmldom/xmldom (>=0.7.0 <=0.8.12)
@xmldom/xmldom NPM version =0.7.0, =0.2.0, =1.0.8, =0.1.3, =0.0.7, =0.3.31, =0.1.3, =1.0.4, =1.0.0, =1.2.13 and more Source cves: CVE-2026-41673 Source advisory: OSV:GHSA-2V35-W6HQ-6MFW...
org.webjars.npm:adal-node (=0.1.28), org.webjars.npm:canvg (>=1.5.2 <=1.5.3) +14 more potentially affected by CVE-2026-41674 via org.webjars.npm:xmldom (>=0.1.31 <=0.6.0)
org.webjars.npm:xmldom MAVEN version =0.1.31, =1.5.2, =0.7.2, =0.14.0, =0.11.0, =7.14.0, =2.7.0, =2.9.2 and more Source cves: CVE-2026-41674 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16134550...
2c2p-integration (>=0.2.0 <=0.2.2), 4help-shared (>=1.0.8 <=1.0.15) +4860 more potentially affected by CVE-2026-41674 via @xmldom/xmldom (>=0.7.0 <=0.8.12)
@xmldom/xmldom NPM version =0.7.0, =0.2.0, =1.0.8, =0.1.3, =0.0.7, =0.3.31, =0.1.3, =1.0.4, =1.0.0, =1.2.13 and more Source cves: CVE-2026-41674 Source advisory: SNYK:JS-XMLDOMXMLDOM-16134549...
@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41675 via @xmldom/xmldom (=0.9.0)
@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41675 Source advisory:...
@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41672 via @xmldom/xmldom (=0.9.0)
@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41672 Source advisory:...
@nocobase/actions (>=0.4.0-alpha.1 <=2.0.38), @nocobase/api (>=0.4.0-alpha.1 <=0.4.0-alpha.7) +37 more potentially affected by CVE-2026-41640 via @nocobase/database (>=0.10.0-alpha.2 <=2.0.38)
@nocobase/database NPM version =0.10.0-alpha.2, =0.4.0-alpha.1, =0.4.0-alpha.1, =0.14.0-alpha.4, =0.7.0-alpha.1, =0.10.0-alpha.2, =0.14.0-alpha.4, =0.20.0-alpha.1, =0.18.0-alpha.1, =0.7.0-alpha.1, =0.4.0-alpha.1, =0.7.1-alpha.4, =0.10.1-alpha.1, =0.4.0-alpha.1, =0.4.0-alpha.1, =0.10.1-alpha.1 and...
@marko/compiler (=5.0.0-next.0), @marko/translator-default (=5.0.0-next.0) +1 more potentially affected by CVE-2026-41591 via marko (>=5.0.0-next.0 <=5.20.9)
marko NPM version =5.0.0-next.0, =1.1.4, =1.2.1 Source cves: CVE-2026-41591 Source advisory: SNYK:JS-MARKO-16421453...
@marko/translator-interop-class-tags (>=0.1.1 <=0.2.24), @marko/translator-tags (>=0.1.1 <=0.4.8) potentially affected by CVE-2026-41591 via @marko/runtime-tags (>=0.1.25 <=0.3.86)
@marko/runtime-tags NPM version =0.1.25, =0.1.1, =0.1.1, =0.4.8 Source cves: CVE-2026-41591 Source advisory: OSV:GHSA-X9FJ-57FH-C8WQ...
nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +14 more potentially affected by CVE-2026-34067 via nimiq-transaction (>=0.1.0 <=0.2.0)
nimiq-transaction CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-34067 Source advisory: OSV:GHSA-264V-M8FM-76JM...
011xwztpjn (=1.0.0), 02y9dg4qm3 (=1.0.0) +11431 more potentially affected by CVE-2026-41240 via dompurify (>=0.6.6 <=3.3.3)
dompurify NPM version =0.6.6, =3.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on dompurify and may be impacted: - 011xwztpjn =1.0.0 - 02y9dg4qm3 =1.0.0 - 04tw75kmd9 =1.0.0 - 0650teqqly =1.0.0 - 097oi25ils =1.0.0 - 0a0fpniotn =1.0.0 - 0c7j76u46q...
011xwztpjn (=1.0.0), 02y9dg4qm3 (=1.0.0) +11393 more potentially affected by CVE-2026-41239 via dompurify (>=1.0.10 <=3.3.3)
dompurify NPM version =1.0.10, =3.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on dompurify and may be impacted: - 011xwztpjn =1.0.0 - 02y9dg4qm3 =1.0.0 - 04tw75kmd9 =1.0.0 - 0650teqqly =1.0.0 - 097oi25ils =1.0.0 - 0a0fpniotn =1.0.0 - 0c7j76u46q...
1router (>=0.3.96 <=1.0.2), 9router-custom (=0.3.55) +2166 more potentially affected by CVE-2026-41238 via dompurify (>=3.0.1 <=3.3.3)
dompurify NPM version =3.0.1, =0.3.96, =0.3.33, =0.5.0, =1.0.0, =1.5.1, =0.18.0-beta.0, =0.0.1, =0.1.0-alpha.1, =0.1.0, =0.1.0, =0.0.0-dev-20240828032938, =0.2.8-experimental.0, =1.2.0, =1.5.1 and more Source cves: CVE-2026-41238 Source advisory: OSV:GHSA-V9JR-RG53-9PGP...
devqubit-cudaq (=0.1.12), el-loom (>=0.1.1 <=0.1.2) potentially affected by CVE-2026-24189 via cudaq (>=0.12.0.post1 <=0.13.0)
cudaq PYPI version =0.12.0.post1, =0.1.1, =0.1.2 Source cves: CVE-2026-24189 Source advisory: SNYK:PYTHON-CUDAQ-16636605...
@saltcorn/admin-models (>=1.6.0-alpha.0 <=1.6.0-alpha.17), @saltcorn/base-plugin (>=1.6.0-alpha.0 <=1.6.0-alpha.17) +5 more potentially affected by unknown CVE via @saltcorn/data (>=1.6.0-alpha.0 <=1.6.0-alpha.9)
@saltcorn/data NPM version =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.17 Source cves: unknown CVE Source advisory: SNYK:JS-SALTCORNDATA-16318351...
be.appify.prefab:prefab-security (>=0.2.0 <=0.7.5), ch.admin.bit.jeap:jeap-audit-command-builder (>=7.0.0-alpha-springboot4 <=7.1.0-alpha-springboot4) +835 more potentially affected by CVE-2026-22753 via org.springframework.security:spring-security-config (>=7.0.0-M1 <=7.0.4)
org.springframework.security:spring-security-config MAVEN version =7.0.0-M1, =0.2.0, =7.0.0-alpha-springboot4, =2.0.0-alpha-springboot4, =5.0.0-alpha-springboot4, =9.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4,...
be.appify.prefab:prefab-security (>=0.2.0 <=0.7.5), ch.admin.bit.jeap:jeap-audit-command-builder (>=7.0.0-alpha-springboot4 <=7.1.0-alpha-springboot4) +1099 more potentially affected by CVE-2026-22746 via org.springframework.security:spring-security-core (>=7.0.0-M1 <=7.0.4)
org.springframework.security:spring-security-core MAVEN version =7.0.0-M1, =0.2.0, =7.0.0-alpha-springboot4, =2.0.0-alpha-springboot4, =5.0.0-alpha-springboot4, =9.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4,...
be.appify.prefab:prefab-security (>=0.2.0 <=0.7.5), ch.admin.bit.jeap:jeap-audit-command-builder (>=7.0.0-alpha-springboot4 <=7.1.0-alpha-springboot4) +835 more potentially affected by CVE-2026-22754 via org.springframework.security:spring-security-config (>=7.0.0-M1 <=7.0.4)
org.springframework.security:spring-security-config MAVEN version =7.0.0-M1, =0.2.0, =7.0.0-alpha-springboot4, =2.0.0-alpha-springboot4, =5.0.0-alpha-springboot4, =9.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4,...
hickory-server (>=0.24.0 <=0.25.0-alpha.1) potentially affected by unknown CVE via hickory-recursor (>=0.24.4 <=0.25.0-alpha.1)
hickory-recursor CARGO version =0.24.4, =0.24.0, =0.25.0-alpha.1 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0106...
ch.admin.bit.jeap:jeap-archrepo-instance (>=1.24.0 <=1.29.1), ch.admin.bit.jeap:jeap-archrepo-test (>=1.24.0 <=1.29.1) +276 more potentially affected by CVE-2026-22748 via org.springframework.security:spring-security-oauth2-jose (>=6.5.0 <=6.5.1)
org.springframework.security:spring-security-oauth2-jose MAVEN version =6.5.0, =1.24.0, =1.24.0, =1.24.0, =1.0.0, =2.8.0, =2.8.0, =3.10.0, =3.10.0, =8.15.0, =1.2.0, =17.39.0, =17.39.0, =17.39.0, =17.39.0, =17.39.0, =17.39.3 and more Source cves: CVE-2026-22748 Source advisory: OSV:GHSA-CVC6-Q...
be.jidoka:jdk-keycloak-admin (=2.5.0), br.com.consultdg:database-module (>=1.0.1 <=1.0.10) +1147 more potentially affected by CVE-2026-22746 via org.springframework.security:spring-security-core (>=6.4.0 <=6.4.13)
org.springframework.security:spring-security-core MAVEN version =6.4.0, =1.0.1, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =4.11.3, =4.11.3, =4.11.3, =4.11.3, =4.11.5 and more Source cves: CVE-2026-22746 Source advisory: OSV:GHSA-VXF7-QJ7Q-83FH...
be.appify.prefab:prefab-security (>=0.4.0 <=0.7.5), ch.admin.bit.jeap:jeap-audit-command-builder (>=7.0.0-alpha-springboot4 <=7.1.0-alpha-springboot4) +538 more potentially affected by CVE-2026-22751 via org.springframework.security:spring-security-core (>=7.0.3 <=7.0.4)
org.springframework.security:spring-security-core MAVEN version =7.0.3, =0.4.0, =7.0.0-alpha-springboot4, =2.0.0-alpha-springboot4, =5.0.0-alpha-springboot4, =9.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4, =22.0.0-alpha-springboot4,...
be.jidoka:jdk-keycloak-admin (=2.5.0), br.com.consultdg:database-module (>=1.0.1 <=1.0.10) +1147 more potentially affected by CVE-2026-22751 via org.springframework.security:spring-security-core (>=6.4.0 <=6.4.13)
org.springframework.security:spring-security-core MAVEN version =6.4.0, =1.0.1, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =3.4.0.0, =4.11.3, =4.11.3, =4.11.3, =4.11.3, =4.11.5 and more Source cves: CVE-2026-22751 Source advisory: OSV:GHSA-X2WQ-9X2F-FHJ7...
com.aegisql:conveyor-configurator (>=1.5.1 <=1.5.2), com.datastax.oss.quarkus:cassandra-quarkus-client (>=1.0.1 <=1.0.4) +2043 more potentially affected by CVE-2026-34282 via org.graalvm.sdk:graal-sdk (>=21.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =21.0.0, =1.5.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.3, =1.0.1, =1.0.1, =1.0.1, =4.11.0, =1.2.0, =1.2.0, =1.4.0 and more Source cves: CVE-2026-34282 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-...
com.aegisql:conveyor-configurator (>=1.5.1 <=1.5.2), com.datastax.oss.quarkus:cassandra-quarkus-client (>=1.0.1 <=1.0.4) +2043 more potentially affected by CVE-2026-22018 via org.graalvm.sdk:graal-sdk (>=21.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =21.0.0, =1.5.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.3, =1.0.1, =1.0.1, =1.0.1, =4.11.0, =1.2.0, =1.2.0, =1.4.0 and more Source cves: CVE-2026-22018 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-...
com.aegisql:conveyor-configurator (>=1.5.1 <=1.5.2), com.datastax.oss.quarkus:cassandra-quarkus-client (>=1.0.1 <=1.0.4) +2043 more potentially affected by CVE-2026-34268 via org.graalvm.sdk:graal-sdk (>=21.0.0 <=21.0.0.2)
org.graalvm.sdk:graal-sdk MAVEN version =21.0.0, =1.5.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.1, =1.0.3, =1.0.1, =1.0.1, =1.0.1, =4.11.0, =1.2.0, =1.2.0, =1.4.0 and more Source cves: CVE-2026-34268 Source advisory: SNYK:JAVA-ORGGRAALVMSDK-...
app.valuationcontrol:library (>=0.5.8 <=0.5.9), at.aimon.ops:aimon-ops-api (>=0.0.1 <=0.0.2) +3054 more potentially affected by CVE-2026-22751 via org.springframework.security:spring-security-core (>=6.4.0 <=6.5.1)
org.springframework.security:spring-security-core MAVEN version =6.4.0, =0.5.8, =0.0.1, =55.v51410e712e0c, =1.5.4.RELEASE, =2.0.0, =2.0.0, =2.0.0, =2.0.1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.1.18 and more Source cves: CVE-2026-22751 Source advisory:...
1shot (>=0.0.1 <=0.0.9), @3030-labs/wotw (>=0.8.4 <=0.9.0) +376 more potentially affected by CVE-2026-39861 via @anthropic-ai/claude-code (>=0.2.126 <=2.1.63)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.1, =0.8.4, =1.0.0, =2.1.0, =0.0.0-dev-20260312143810, =1.5.6, =0.1.18, =1.0.0, =0.4.0, =0.11.0 - @arach/hooked =1.1.1 and more Source cves: CVE-2026-39861 Source advisory: OSV:GHSA-VP62-R36R-9XQP...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-40045 via openclaw (>=2026.3.22 <=2026.4.12)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-40045 Source advisory: SNYK:JS-OPENCLAW-16115370...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by CVE-2026-41301 via openclaw (>=2026.3.22 <=2026.3.28)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-41301 Source advisory: SNYK:JS-OPENCLAW-16115371...
core-aws (>=1.1.0 <=1.3.0), mind-castle (=0.4.7) potentially affected by CVE-2026-6550 via aws-encryption-sdk (>=4.0.0 <=4.0.3)
aws-encryption-sdk PYPI version =4.0.0, =1.1.0, =1.3.0 - mind-castle =0.4.7 Source cves: CVE-2026-6550 Source advisory: SNYK:PYTHON-AWSENCRYPTIONSDK-16115497...
ai.pipestream:account-service (>=0.0.10 <=0.0.18), ai.pipestream:connector-admin-service (>=0.1.10 <=0.1.18) +537 more potentially affected by CVE-2026-33557 via org.apache.kafka:kafka-clients (>=4.1.0 <=4.1.1)
org.apache.kafka:kafka-clients MAVEN version =4.1.0, =0.0.10, =0.1.10, =0.1.3, =0.7.21, =0.7.21, =0.7.21, =0.1.21, =0.7.2, =0.7.2, =0.2.0, =0.2.0, =0.7.5 and more Source cves: CVE-2026-33557 Source advisory: SNYK:JAVA-ORGAPACHEKAFKA-16207346...
ai.pipestream:account-service (>=0.0.10 <=0.0.18), ai.pipestream:connector-admin-service (>=0.1.10 <=0.1.18) +537 more potentially affected by CVE-2026-33557 via org.apache.kafka:kafka-clients (>=4.1.0 <=4.1.1)
org.apache.kafka:kafka-clients MAVEN version =4.1.0, =0.0.10, =0.1.10, =0.1.3, =0.7.21, =0.7.21, =0.7.21, =0.1.21, =0.7.2, =0.7.2, =0.2.0, =0.2.0, =0.7.5 and more Source cves: CVE-2026-33557 Source advisory: OSV:GHSA-28JG-CGG7-J4WC...
aqueduct-llm (=0.0.1) potentially affected by CVE-2026-6607 via fschat (=0.2.2)
fschat PYPI version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on fschat and may be impacted: - aqueduct-llm =0.0.1 Source cves: CVE-2026-6607 Source advisory: OSV:GHSA-5H65-JX66-J7P5...
adclaw (>=1.0.0 <=1.0.32), agentscope-runtime (=1.0.5.post1) +14 more potentially affected by CVE-2026-6606 via agentscope (>=0.1.0 <=1.0.18)
agentscope PYPI version =0.1.0, =1.0.0, =1.0.0.post2, =0.1.0, =0.1.0, =0.0.1, =0.1.0.post1, =1.1.0, =1.0.2, =0.1.7, =1.0.1, =1.0.0.4, =0.83.0, =0.99.32 and more Source cves: CVE-2026-6606 Source advisory: OSV:GHSA-CRX8-WPV6-JRJ2...
@brikcss/rollup-config-generator (>=0.0.15 <=0.0.16), @brikcss/stakcss (>=0.0.0 <=0.9.1) +9 more potentially affected by CVE-2026-6594 via @brikcss/merge (>=1.0.7 <=1.3.0)
@brikcss/merge NPM version =1.0.7, =0.0.15, =0.0.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.4, =0.0.1, =0.2.0, =0.10.0 Source cves: CVE-2026-6594 Source advisory: OSV:GHSA-3JC6-6R48-V6QF...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +39 more potentially affected by CVE-2026-25917 via apache-airflow-core (>=3.0.0 <=3.1.8rc2)
apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =0.2.0, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =1.28.0rc1 and more Source cves: CVE-2026-25917 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-16119148...
dagster-snowflake-pandas (>=0.17.3 <=0.29.0), dagster-snowflake-polars (>=0.27.2 <=0.29.0) +2 more potentially affected by CVE-2026-41490 via dagster-snowflake (>=0.17.21 <=0.29.0)
dagster-snowflake PYPI version =0.17.21, =0.17.3, =0.27.2, =0.17.21, =1.0.0, =1.1.0 Source cves: CVE-2026-41490 Source advisory: SNYK:PYTHON-DAGSTERSNOWFLAKE-16109579...
dagster-duckdb-pandas (>=0.17.3 <=0.29.0), dagster-duckdb-polars (>=0.17.21 <=0.29.0) +6 more potentially affected by CVE-2026-41490 via dagster-duckdb (>=0.17.21 <=0.29.0)
dagster-duckdb PYPI version =0.17.21, =0.17.3, =0.17.21, =0.17.3, =0.1.1, =0.1.0, =0.1.0, =0.1.1 - lung-sarg =1.0.0 Source cves: CVE-2026-41490 Source advisory: SNYK:PYTHON-DAGSTERDUCKDB-16109580...
dagster-deltalake-pandas (>=0.21.9 <=0.29.0), dagster-deltalake-polars (>=0.21.9 <=0.29.0) potentially affected by CVE-2026-41490 via dagster-deltalake (>=0.21.9 <=0.29.0)
dagster-deltalake PYPI version =0.21.9, =0.21.9, =0.21.9, =0.29.0 Source cves: CVE-2026-41490 Source advisory: OSV:GHSA-MJW2-V2HM-WJ34...
built-in-math-eval (>=0.1.0 <=0.3.1), function-plot (>=1.0.0 <=1.14.0) +1 more potentially affected by CVE-2026-41507 via math-codegen (>=0.2.5 <=0.4.2)
math-codegen NPM version =0.2.5, =0.1.0, =1.0.0, =0.2.0, =0.5.2 Source cves: CVE-2026-41507 Source advisory: OSV:GHSA-P6X5-P4XF-CC4R...