26517 matches found
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +39 more potentially affected by CVE-2026-28779 via apache-airflow-core (>=3.0.0 <=3.1.8)
apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =0.2.0, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =1.28.0rc1 and more Source cves: CVE-2026-28779 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-15674486...
airflow-tools (>=0.9.0 <=0.11.0), dataflow-airflow (>=2.10.3 <=2.10.9) +2 more potentially affected by CVE-2026-28779 via apache-airflow-providers-amazon (>=9.0.0 <=9.17.0)
apache-airflow-providers-amazon PYPI version =9.0.0, =0.9.0, =2.10.3, =0.0.1rc1, =2.10.7, =2.10.11rc5 Source cves: CVE-2026-28779 Source advisory: SNYK:PYTHON-APACHEAIRFLOWPROVIDERSAMAZON-15674487...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plug (=1.6.2) +39 more potentially affected by CVE-2026-30911 via apache-airflow-core (>=3.0.0 <=3.1.8)
apache-airflow-core PYPI version =3.0.0, =0.7.0, =1.5.0, =0.6.1, =1.10.7, =0.6.0, =0.1.0, =1.4.3, =0.2.0, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =1.28.0rc1 and more Source cves: CVE-2026-30911 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-15674482...
apache-airflow-core (>=3.1.0 <=3.1.7), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +14 more potentially affected by CVE-2026-30911 via apache-airflow (>=3.1.0 <=3.1.7)
apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =12.0.0, =7.0.0, =1.15.0, =0.34.0, =1.9.0, =1.37.0, =1.26.0, =1.26.18rc1 and more Source cves: CVE-2026-30911 Source advisory: OSV:GHSA-8X34-9Q3V-H7G8...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +29 more potentially affected by CVE-2026-28563 via apache-airflow (>=3.0.0 <=3.1.7)
apache-airflow PYPI version =3.0.0, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =0.0.4, =2.0.2, =2.3.0rc1 and more Source cves: CVE-2026-28563 Source advisory: OSV:GHSA-X3FV-96QH-67M7...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +29 more potentially affected by CVE-2026-28779 via apache-airflow (>=3.0.0 <=3.1.7)
apache-airflow PYPI version =3.0.0, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =0.0.4, =2.0.2, =2.3.0rc1 and more Source cves: CVE-2026-28779 Source advisory: OSV:GHSA-4FHM-P86V-HWPX...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +29 more potentially affected by CVE-2026-26929 via apache-airflow (>=3.0.0 <=3.1.7)
apache-airflow PYPI version =3.0.0, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =0.0.4, =2.0.2, =2.3.0rc1 and more Source cves: CVE-2026-26929 Source advisory: OSV:GHSA-4M3H-WP5W-5HQH...
bitcode (>=0.2.0 <=0.5.1), bitcode_lightyear_patch (>=0.4.0 <=0.5.1) +25 more potentially affected by CVE-2026-32829 via lz4_flex (=0.10.0)
lz4flex CARGO version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on lz4flex and may be impacted: - bitcode =0.2.0, =0.4.0, =0.16.0, =3.0.0, =8.0.0, =0.1.1, =0.1.0, =0.1.0, =0.25.0, =0.5.0, =4.0.1, =4.4.2 and more Source cves: CVE-2026-32829...
apache-airflow-core (>=3.1.0 <=3.1.7), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +14 more potentially affected by CVE-2026-30911 via apache-airflow (>=3.1.0 <=3.1.7)
apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =12.0.0, =7.0.0, =1.15.0, =0.34.0, =1.9.0, =1.37.0, =1.26.0, =1.26.18rc1 and more Source cves: CVE-2026-30911 Source advisory: OSV:PYSEC-2026-17...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +29 more potentially affected by CVE-2026-28779 via apache-airflow (>=3.0.0 <=3.1.7)
apache-airflow PYPI version =3.0.0, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =0.0.4, =2.0.2, =2.3.0rc1 and more Source cves: CVE-2026-28779 Source advisory: OSV:PYSEC-2026-16...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +29 more potentially affected by CVE-2026-26929 via apache-airflow (>=3.0.0 <=3.1.7)
apache-airflow PYPI version =3.0.0, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =0.0.4, =2.0.2, =2.3.0rc1 and more Source cves: CVE-2026-26929 Source advisory: OSV:PYSEC-2026-14...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +29 more potentially affected by CVE-2026-28563 via apache-airflow (>=3.0.0 <=3.1.7)
apache-airflow PYPI version =3.0.0, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =0.0.4, =2.0.2, =2.3.0rc1 and more Source cves: CVE-2026-28563 Source advisory: OSV:PYSEC-2026-15...
ai.telosforge:kimaira-starter-agentic (>=1.2.4 <=1.2.6), ai.telosforge:kimaira-starter-agentic-factory (>=1.2.4 <=1.2.6) +169 more potentially affected by CVE-2026-22729 via org.springframework.ai:spring-ai-vector-store (>=1.1.0-M1 <=1.1.2)
org.springframework.ai:spring-ai-vector-store MAVEN version =1.1.0-M1, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =25.4.0, =1.21.2, =0.1.0, =0.3.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.0.0, =1.1.2.3 and more Source cves: CVE-2026-22729 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15679673...
org.springframework.ai:spring-ai-starter-vector-store-mariadb (>=1.1.0 <=1.1.2) potentially affected by CVE-2026-22730 via org.springframework.ai:spring-ai-mariadb-store (>=1.1.0-M1 <=1.1.2)
org.springframework.ai:spring-ai-mariadb-store MAVEN version =1.1.0-M1, =1.1.0, =1.1.2 Source cves: CVE-2026-22730 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15679672...
com.alibaba.cloud.ai:spring-ai-alibaba-analyticdb-store (=2.0.0-M1.1), com.alibaba.cloud.ai:spring-ai-alibaba-autoconfigure-dashscope (=2.0.0-M1.1) +83 more potentially affected by CVE-2026-22729 via org.springframework.ai:spring-ai-vector-store (>=2.0.0-M1 <=2.0.0-M2)
org.springframework.ai:spring-ai-vector-store MAVEN version =2.0.0-M1, =2.0.0-M2 is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.ai:spring-ai-vector-store and may be impacted: - com.alibaba.cloud.ai:spring-ai-alibaba-analyticdb-stor...
org.springframework.ai:spring-ai-starter-vector-store-mariadb (>=2.0.0-M1 <=2.0.0-M2) potentially affected by CVE-2026-22730 via org.springframework.ai:spring-ai-mariadb-store (>=2.0.0-M1 <=2.0.0-M2)
org.springframework.ai:spring-ai-mariadb-store MAVEN version =2.0.0-M1, =2.0.0-M1, =2.0.0-M2 Source cves: CVE-2026-22730 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15679672...
org.springframework.ai:spring-ai-mariadb-store-spring-boot-starter (>=1.0.0-M5 <=1.0.0-M6), org.springframework.ai:spring-ai-starter-vector-store-mariadb (>=1.0.0 <=1.0.3) potentially affected by CVE-2026-22730 via org.springframework.ai:spring-ai-mariadb-store (>=1.0.0-M5 <=1.0.3)
org.springframework.ai:spring-ai-mariadb-store MAVEN version =1.0.0-M5, =1.0.0-M5, =1.0.0, =1.0.3 Source cves: CVE-2026-22730 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15679672...
ai.driftkit:driftkit-vector-spring-ai (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-vector-spring-ai-starter (>=0.6.0 <=0.8.7) +187 more potentially affected by CVE-2026-22729 via org.springframework.ai:spring-ai-vector-store (>=1.0.0-M7 <=1.0.3)
org.springframework.ai:spring-ai-vector-store MAVEN version =1.0.0-M7, =0.6.0, =0.6.0, =1.0.0.1, =1.0.0.1, =1.0.0.3, =1.0.0.3, =1.0.0.1, =1.0.0.4 - com.alibaba.cloud.ai:spring-ai-alibaba-autoconfigure-nacos-mcp-client =1.0.0.1 and more Source cves: CVE-2026-227...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +225 more potentially affected by CVE-2026-28490 via authlib (>=1.0.0 <=1.6.8)
authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.5.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-28490 Source advisory:...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +225 more potentially affected by CVE-2026-28498 via authlib (>=1.0.0 <=1.6.8)
authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.5.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-28498 Source advisory:...
aenvironment (=0.1.7rc1), agent-mcp-server (=0.0.4.0) +256 more potentially affected by CVE-2025-69196 via fastmcp (>=2.0.0 <=2.14.1)
fastmcp PYPI version =2.0.0, =0.4.6, =1.8.0, =0.1.1, =3.2.0, =3.2.0, =4.2.2, =3.0.2, =0.1.0, =0.2.7, =1.0.0rc1, =0.1.0, =0.2.7, =0.3.1 and more Source cves: CVE-2025-69196 Source advisory: SNYK:PYTHON-FASTMCP-15674454...
aad-fastapi-dl37 (>=1.0.0 <=1.0.2), agentiq (>=1.2.0a20250730 <=1.2.0rc4) +225 more potentially affected by CVE-2026-27962 via authlib (>=1.0.0 <=1.6.8)
authlib PYPI version =1.0.0, =1.0.0, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.5.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0a20250730, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-27962 Source advisory:...
bitcode (>=0.2.0 <=0.5.1), bitcode_lightyear_patch (>=0.4.0 <=0.5.1) +25 more potentially affected by CVE-2026-32829 via lz4_flex (=0.10.0)
lz4flex CARGO version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on lz4flex and may be impacted: - bitcode =0.2.0, =0.4.0, =0.16.0, =3.0.0, =8.0.0, =0.1.1, =0.1.0, =0.1.0, =0.25.0, =0.5.0, =4.0.1, =4.4.2 and more Source cves: CVE-2026-32829...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-32728 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-32728 Source advisory: OSV:GHSA-42PH-PF9Q-CR72...
awslabs-core-mcp-server (>=1.0.8 <=1.0.27), awslabs-dynamodb-mcp-server (>=2.0.4 <=2.1.3) +1 more potentially affected by CVE-2026-4270 via awslabs-aws-api-mcp-server (>=1.0.2 <=1.3.43)
awslabs-aws-api-mcp-server PYPI version =1.0.2, =1.0.8, =2.0.4, =2.1.3 - dungngo-awslabs-core-mcp-server =1.0.9 Source cves: CVE-2026-4270 Source advisory: OSV:PYSEC-2026-162...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-32723 via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-32723 Source advisory: SNYK:JS-NYARIVSANDBOXJS-15674478...
arlbench (=0.1.3), backend-ai-appproxy-coordinator (>=25.13.0 <=26.4.4rc7) +3 more potentially affected by CVE-2026-32722 via memray (>=1.12.0 <=1.17.2)
memray PYPI version =1.12.0, =25.13.0, =25.13.0, =26.2.0, =26.4.4rc7 - feluda-image-vec-rep-resnet =0.1.0 Source cves: CVE-2026-32722 Source advisory: OSV:GHSA-R5PR-887V-M2W9...
@studiocms/migrator (>=0.2.0 <=0.2.1) potentially affected by CVE-2026-32638 via studiocms (>=0.2.0 <=0.3.0)
studiocms NPM version =0.2.0, =0.2.0, =0.2.1 Source cves: CVE-2026-32638 Source advisory: SNYK:JS-STUDIOCMS-15682412...
@studiocms/migrator (>=0.1.0 <=0.2.1), @withstudiocms/auth-kit (>=0.1.0 <=0.1.3) +2 more potentially affected by CVE-2026-32638 via @withstudiocms/effect (>=0.1.0-beta.1 <=0.3.0)
@withstudiocms/effect NPM version =0.1.0-beta.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0 Source cves: CVE-2026-32638 Source advisory: SNYK:JS-WITHSTUDIOCMSEFFECT-15682415...
@withstudiocms/api-spec (>=0.3.0 <=0.3.1), @withstudiocms/effect (=0.4.0) +1 more potentially affected by CVE-2026-32638 via effectify (=0.1.1)
effectify NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on effectify and may be impacted: - @withstudiocms/api-spec =0.3.0, =0.4.0, =0.4.3 Source cves: CVE-2026-32638 Source advisory: SNYK:JS-EFFECTIFY-15682413...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32634 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32634 Source advisory: OSV:GHSA-VX5F-957P-QPVM...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32633 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32633 Source advisory: OSV:GHSA-R297-P3V4-WP8M...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32632 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32632 Source advisory: OSV:GHSA-HHCG-R27J-FHV9...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32611 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32611 Source advisory: OSV:GHSA-49G7-2WW7-3VF5...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32610 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32610 Source advisory: OSV:GHSA-9JFM-9RC6-2HFQ...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32609 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32609 Source advisory: OSV:GHSA-CVWP-R2G2-J824...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32608 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32608 Source advisory: OSV:GHSA-VCV2-Q258-WRG7...
croparray (>=0.1.0 <=0.1.1) potentially affected by CVE-2026-32596 via glances (=3.2.7)
glances PYPI version =3.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on glances and may be impacted: - croparray =0.1.0, =0.1.1 Source cves: CVE-2026-32596 Source advisory: OSV:GHSA-WVXV-4J8Q-4WJQ...
a2 (>=0.10.7 <=0.10.13), aad2onnx (=0.1.4) +1430 more potentially affected by CVE-2026-28500 via onnx (>=0.2.0 <=1.21.0)
onnx PYPI version =0.2.0, =0.10.7, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.4, =0.4.4, =0.1.0, =0.0.0, =1.0.1 and more Source cves: CVE-2026-28500 Source advisory: OSV:GHSA-HQMJ-H5C6-369M...
acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +370 more potentially affected by CVE-2026-28500 via onnx (>=0.2.0 <=1.20.1)
onnx PYPI version =0.2.0, =0.1.0, =0.1.0, =0.0.0, =0.0.157, =0.1.0, =0.1.8, =1.7.0, =1.3.0, =0.10.0, =0.3.1, =1.0.2 and more Source cves: CVE-2026-28500 Source advisory: SNYK:PYTHON-ONNX-15674461...
a10-octavia (>=1.0.0 <=2.2.0), a2grunnerp (>=0.1.0 <=0.1.8) +1177 more potentially affected by CVE-2026-27459 via pyopenssl (>=22.0.0 <=25.3.0)
pyopenssl PYPI version =22.0.0, =1.0.0, =0.1.0, =0.9.2, =2.3.36, =2.0.0, =2.4.15, =0.1.17, =0.1.0, =0.3.4, =0.2.0, =0.1.1, =1.0.0, =1.0.1 and more Source cves: CVE-2026-27459 Source advisory: SNYK:PYTHON-PYOPENSSL-15674459...
a10-octavia (>=1.0.0 <=2.2.0), a2grunnerp (>=0.1.0 <=0.1.8) +1177 more potentially affected by CVE-2026-27459 via pyopenssl (>=22.0.0 <=25.3.0)
pyopenssl PYPI version =22.0.0, =1.0.0, =0.1.0, =0.9.2, =2.3.36, =2.0.0, =2.4.15, =0.1.17, =0.1.0, =0.3.4, =0.2.0, =0.1.1, =1.0.0, =1.0.1 and more Source cves: CVE-2026-27459 Source advisory: OSV:GHSA-5PWR-322W-8JR4...
aad-fastapi (>=1.0.0 <=1.1.2), aad-fastapi-dl37 (>=1.0.0 <=1.0.3) +283 more potentially affected by CVE-2026-28498 via authlib (>=0.10.0 <=1.6.8)
authlib PYPI version =0.10.0, =1.0.0, =1.0.0, =0.0.1, =1.0.2, =1.0.2, =1.2.0a20250730, =1.1.0, =1.2.0a20250730, =0.4.0, =0.1.0, =0.5.0, =0.1.0a1, =1.2.0, =1.2.0a20250730, =1.2.0a20250730, =1.2.0rc4 and more Source cves: CVE-2026-28498 Source advisory: OSV:GHSA-M344-F55W-2M6J...
cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2026-4229 via vanna (>=0.0.30 <=2.0.2)
vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2026-4229 Source advisory: OSV:GHSA-6MJ8-JMP2-G8Q7...
ae.teletronics.nlp:entityextraction (=1.3), ae.teletronics.nlp:w2vec (=1.0) +1722 more potentially affected by CVE-2025-54920 via org.apache.spark:spark-core_2.11 (>=1.2.0 <=2.4.8)
org.apache.spark:spark-core2.11 MAVEN version =1.2.0, =0.25-rc1, =0.25, =0.25, =0.0.25, =0.0.25, =0.0.25, =0.0.86, =0.0.1, =0.0.1, =0.42.1, =1.4.1, =1.4.3 - ai.grakn:grakn-dist =1.4.1 and more Source cves: CVE-2025-54920 Source advisory: OSV:GHSA-JWP6-CVJ8-FW65...
ai.catboost:catboost-spark_3.2_2.13 (>=1.0.6 <=1.2.10), ai.catboost:catboost-spark_3.3_2.13 (>=1.1.1 <=1.2.10) +457 more potentially affected by CVE-2025-54920 via org.apache.spark:spark-core_2.13 (>=3.2.0 <=3.5.6)
org.apache.spark:spark-core2.13 MAVEN version =3.2.0, =1.0.6, =1.1.1, =1.2, =1.2.3, =0.0.25, =0.0.25, =chaining-0.0.46-dev, =0.0.86, =0.0.14, =6.5.0, =1.3.3, =0.20, =0.2, =2.0.3, =1.1.3, =1.1.4 and more Source cves: CVE-2025-54920 Source advisory: OSV:GHSA-JWP6-CVJ8-FW65...
ai.grakn:client-java (=1.3.0), ai.grakn:grakn-bootup (>=1.1.0 <=v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744) +677 more potentially affected by CVE-2025-54920 via org.apache.spark:spark-core_2.10 (>=0.9.0-incubating <=2.2.3)
org.apache.spark:spark-core2.10 MAVEN version =0.9.0-incubating, =1.1.0, =0.7.0, =0.12.0, =1.2.0, =0.12.0, =1.0.0, =1.0.0, =0.10.0, =0.15.0, =0.6.1, =0.17.0, =1.1.0 and more Source cves: CVE-2025-54920 Source advisory: OSV:GHSA-JWP6-CVJ8-FW65https://vulners.com/osv/OSV:GHSA-J...
a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +952 more potentially affected by CVE-2025-14287 via mlflow (>=0.8.2 <=3.6.0rc0)
mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2025-14287 Source advisory: OSV:GHSA-XCH3-2F9X-WH9F...
ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.4_2.12 (>=0.25 <=1.2.7) +1748 more potentially affected by CVE-2025-54920 via org.apache.spark:spark-core_2.12 (>=2.4.0 <=3.5.6)
org.apache.spark:spark-core2.12 MAVEN version =2.4.0, =0.25-rc1, =0.25, =0.25, =1.0.1, =1.0.6, =1.1, =1.2, =1.2.3, =0.0.25, =0.0.25, =0.0.62, =0.0.25, =0.0.86, =0.0.8, =0.0.6, =0.0.9 and more Source cves: CVE-2025-54920 Source advisory: OSV:GHSA-JWP6-CVJ8-FW65...
org.apache.spark:spark-tools_2.9.3 (=0.8.1-incubating) potentially affected by CVE-2025-54920 via org.apache.spark:spark-core_2.9.3 (=0.8.1-incubating)
org.apache.spark:spark-core2.9.3 MAVEN version =0.8.1-incubating is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.spark:spark-core2.9.3 and may be impacted: - org.apache.spark:spark-tools2.9.3 =0.8.1-incubating Source cves: CVE-2025-54920...