26517 matches found
@backstage/plugin-auth-backend (>=0.0.0-nightly-20240122021809 <=0.22.11), @backstage/plugin-auth-backend-module-aws-alb-provider (>=0.0.0-nightly-20240126021148 <=0.4.14-next.1) +7 more potentially affected by CVE-2026-32235 via @backstage/plugin-auth-backend (>=0.0.0-nightly-20240929023448 <=0.27.1-next.2)
@backstage/plugin-auth-backend NPM version =0.0.0-nightly-20240929023448, =0.0.0-nightly-20240122021809, =0.0.0-nightly-20240126021148, =0.0.0-nightly-20240122021809, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =1.0.0, =1.2.0 -...
@backstage/plugin-auth-backend (>=0.0.0-nightly-20240122021809 <=0.22.11), @backstage/plugin-auth-backend-module-aws-alb-provider (>=0.0.0-nightly-20240126021148 <=0.4.14-next.1) +7 more potentially affected by CVE-2026-32235 via @backstage/plugin-auth-backend (>=0.0.0-nightly-20240929023448 <=0.27.1-next.2)
@backstage/plugin-auth-backend NPM version =0.0.0-nightly-20240929023448, =0.0.0-nightly-20240122021809, =0.0.0-nightly-20240126021148, =0.0.0-nightly-20240122021809, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =0.0.0-nightly-2022122206, =1.0.0, =1.2.0 -...
@withstudiocms/api-spec (>=0.3.0 <=0.3.1), @withstudiocms/effect (=0.4.0) +1 more potentially affected by CVE-2026-32103 via effectify (=0.1.1)
effectify NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on effectify and may be impacted: - @withstudiocms/api-spec =0.3.0, =0.4.0, =0.4.3 Source cves: CVE-2026-32103 Source advisory: SNYK:JS-EFFECTIFY-15627223...
@studiocms/migrator (>=0.2.0 <=0.2.1) potentially affected by CVE-2026-32103 via studiocms (>=0.2.0 <=0.3.0)
studiocms NPM version =0.2.0, =0.2.0, =0.2.1 Source cves: CVE-2026-32103 Source advisory: SNYK:JS-STUDIOCMS-15627222...
@studiocms/migrator (>=0.1.0 <=0.2.1), @withstudiocms/auth-kit (>=0.1.0 <=0.1.3) +2 more potentially affected by CVE-2026-32103 via @withstudiocms/effect (>=0.1.0-beta.1 <=0.3.0)
@withstudiocms/effect NPM version =0.1.0-beta.1, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0 Source cves: CVE-2026-32103 Source advisory: SNYK:JS-WITHSTUDIOCMSEFFECT-15627226...
leaf-playground (>=0.4.0 <=0.6.0), lightrft (=0.1.0) +1 more potentially affected by CVE-2026-3060 via sglang (>=0.1.26 <=0.4.6.post5)
sglang PYPI version =0.1.26, =0.4.0, =0.6.0 - lightrft =0.1.0 - rl-square =0.0.1.post1 Source cves: CVE-2026-3060 Source advisory: SNYK:PYTHON-SGLANG-15470991...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by CVE-2026-34506 +1 more via openclaw (>=2026.3.22 <=2026.3.31)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-34506, CVE-2026-34509 Source advisory: SNYK:JS-OPENCLAW-15480640...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by CVE-2026-33574 via openclaw (>=2026.3.22 <=2026.3.31)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: CVE-2026-33574 Source advisory: SNYK:JS-OPENCLAW-15480297...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.0-beta.7) +13 more potentially affected by unknown CVE via openclaw (>=2026.3.22 <=2026.3.31)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 - tokaroo-openclaw-provider =0.1.1 Source cves: unknown CVE Source advisory: SNYK:JS-OPENCLAW-15480396...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-32098 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-32098 Source advisory: OSV:GHSA-J7MM-F4RV-6Q6Q...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-32098 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-32098 Source advisory: OSV:GHSA-J7MM-F4RV-6Q6Q...
a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +887 more potentially affected by CVE-2026-31958 via tornado (>=3.0.0 <=6.5.4)
tornado PYPI version =3.0.0, =0.0.0, =0.0.3, =0.0.5, =1.0.0, =1.0.0, =0.31.0, =1.0.0, =1.3.0, =3.3.3, =0.1.23, =0.0.9.1, =0.20.0, =0.21.0 and more Source cves: CVE-2026-31958 Source advisory: OSV:GHSA-QJXF-F2MG-C6MC...
@saasmakers/ui (>=0.1.88 <=1.4.38), @styleframe/app (>=0.0.1 <=0.1.1) +13 more potentially affected by CVE-2026-31860 via unhead (>=2.0.0-alpha.0 <=2.1.10)
unhead NPM version =2.0.0-alpha.0, =0.1.88, =0.0.1, =1.1.0, =2.0.0, =2.0.0, =2.0.0-alpha.0, =2.0.0, =2.0.0, =2.0.0, =1.2.0, =0.0.2, =0.17.0, =2.0.0-alpha.8, =0.1.0-beta.10, =0.1.0-beta.14 Source cves: CVE-2026-31860 Source advisory: SNYK:JS-UNHEAD-15627227...
org.webjars.npm:unhead__vue (>=1.11.20 <=2.1.10), org.webjars.npm:vueuse__head (=1.0.22) potentially affected by CVE-2026-31860 via org.webjars.npm:unhead (>=1.11.20 <=2.1.10)
org.webjars.npm:unhead MAVEN version =1.11.20, =1.11.20, =2.1.10 - org.webjars.npm:vueusehead =1.0.22 Source cves: CVE-2026-31860 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15627228...
3nit-utils (>=0.30.0 <=1.0.2), 6ix (=0.0.0-canary.0) +1015 more potentially affected by CVE-2026-30226 via devalue (>=1.1.1 <=5.6.3)
devalue NPM version =1.1.1, =0.30.0, =0.0.0-canary.0, =0.1.0, =1.1.0, =1.1.0, =0.0.27, =1.0.0, =0.0.1, =0.1.0, =0.2.2, =0.2.2, =0.2.2, =0.3.0, =0.4.2 and more Source cves: CVE-2026-30226 Source advisory: OSV:GHSA-CFW5-2VXH-HR84...
lightrft (=0.1.0), rl-square (=0.0.1.post1) potentially affected by CVE-2026-3989 via sglang (>=0.4.5 <=0.4.6.post5)
sglang PYPI version =0.4.5, =0.4.6.post5 is affected by a known vulnerability. The following packages have a transitive dependency on sglang and may be impacted: - lightrft =0.1.0 - rl-square =0.0.1.post1 Source cves: CVE-2026-3989 Source advisory: OSV:GHSA-HVWJ-8W5G-28RG...
@backingman/keycloak (=0.0.0-alpha), @backstage-community/plugin-catalog-backend-module-keycloak (>=3.1.1 <=3.17.2) +86 more potentially affected by CVE-2026-2366 via @keycloak/keycloak-admin-client (>=15.1.0 <=26.5.5)
@keycloak/keycloak-admin-client NPM version =15.1.0, =3.1.1, =0.1.1, =0.1.1, =0.1.1, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =2.0.2 and more Source cves: CVE-2026-2366 Source advisory: OSV:GHSA-R8JR-WG88-FQ5C...
lightrft (=0.1.0), rl-square (=0.0.1.post1) potentially affected by CVE-2026-3059 via sglang (>=0.4.5 <=0.4.6.post5)
sglang PYPI version =0.4.5, =0.4.6.post5 is affected by a known vulnerability. The following packages have a transitive dependency on sglang and may be impacted: - lightrft =0.1.0 - rl-square =0.0.1.post1 Source cves: CVE-2026-3059 Source advisory: OSV:GHSA-RGQ9-FQF5-FV58...
lightrft (=0.1.0), rl-square (=0.0.1.post1) potentially affected by CVE-2026-3060 via sglang (>=0.4.5 <=0.4.6.post5)
sglang PYPI version =0.4.5, =0.4.6.post5 is affected by a known vulnerability. The following packages have a transitive dependency on sglang and may be impacted: - lightrft =0.1.0 - rl-square =0.0.1.post1 Source cves: CVE-2026-3060 Source advisory: OSV:GHSA-JX93-G359-86WM...
@acabai/android (>=1.0.0 <=1.0.1), @addfox/cli (>=0.1.1 <=0.1.1-beta.16) +169 more potentially affected by CVE-2026-31988 via yauzl (=3.2.0)
yauzl NPM version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on yauzl and may be impacted: - @acabai/android =1.0.0, =0.1.1, =0.1.1, =1.6.10, =3.4.26, =2.1.83, =1.2.7, =1.1.22, =8.0.0, =10.0.0, =10.0.0, =1.0.0, =1.0.1, =8.9.4, =9.10.1,...
@arikdpc/chrome-devtools-mcp (>=0.12.1 <=0.12.4), @bachstudio/chrome-devtools-mcp (=0.10.3) +5 more potentially affected by CVE-2026-3941 via chrome-devtools-frontend (>=1.0.1532884 <=1.0.1555430)
chrome-devtools-frontend NPM version =1.0.1532884, =0.12.1, =1.0.2, =0.12.2, =0.3.17, =0.3.17, =0.3.33 Source cves: CVE-2026-3941 Source advisory: SNYK:JS-CHROMEDEVTOOLSFRONTEND-15467463...
@acabai/android (>=1.0.0 <=1.0.1), @addfox/cli (>=0.1.1 <=0.1.1-beta.16) +169 more potentially affected by CVE-2026-31988 via yauzl (=3.2.0)
yauzl NPM version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on yauzl and may be impacted: - @acabai/android =1.0.0, =0.1.1, =0.1.1, =1.6.10, =3.4.26, =2.1.83, =1.2.7, =1.1.22, =8.0.0, =10.0.0, =10.0.0, =1.0.0, =1.0.1, =8.9.4, =9.10.1,...
@24hr/ettapi (>=0.0.1 <=0.2.5), @dzangolab/fastify-s3 (>=0.48.0 <=0.87.0) +1 more potentially affected by CVE-2025-65587 via graphql-upload-minimal (>=1.5.3 <=1.6.1)
graphql-upload-minimal NPM version =1.5.3, =0.0.1, =0.48.0, =0.88.0, =0.93.4 Source cves: CVE-2025-65587 Source advisory: SNYK:JS-GRAPHQLUPLOADMINIMAL-15682460...
@snyk/snyk-cocoapods-plugin (=2.6.0), snyk-docker-plugin (>=8.0.0 <=8.4.0) potentially affected by CVE-2026-32094 via shescape (=2.1.0)
shescape NPM version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on shescape and may be impacted: - @snyk/snyk-cocoapods-plugin =2.6.0 - snyk-docker-plugin =8.0.0, =8.4.0 Source cves: CVE-2026-32094 Source advisory: SNYK:JS-SHESCAPE-15467452...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-32098 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-32098 Source advisory: SNYK:JS-PARSESERVER-15469210...
@studiocms/migrator (>=0.2.0 <=0.2.1) potentially affected by CVE-2026-32106 via studiocms (>=0.2.0 <=0.3.0)
studiocms NPM version =0.2.0, =0.2.0, =0.2.1 Source cves: CVE-2026-32106 Source advisory: SNYK:JS-STUDIOCMS-15666774...
@studiocms/migrator (>=0.2.0 <=0.2.1) potentially affected by CVE-2026-32104 via studiocms (>=0.2.0 <=0.3.0)
studiocms NPM version =0.2.0, =0.2.0, =0.2.1 Source cves: CVE-2026-32104 Source advisory: SNYK:JS-STUDIOCMS-15665373...
a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +656 more potentially affected by CVE-2026-35536 via tornado (>=6.0.0 <=6.5.4)
tornado PYPI version =6.0.0, =0.0.0, =0.7.3, =0.0.5, =1.0.0, =1.0.0, =0.31.0, =1.3.0, =0.1.23, =0.0.9.1, =0.20.0, =0.9.5, =22.5.13, =26.2.0 and more Source cves: CVE-2026-35536 Source advisory: SNYK:PYTHON-TORNADO-15467448...
a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +887 more potentially affected by unknown CVE via tornado (>=3.0.0 <=6.5.4)
tornado PYPI version =3.0.0, =0.0.0, =0.0.3, =0.0.5, =1.0.0, =1.0.0, =0.31.0, =1.0.0, =1.3.0, =3.3.3, =0.1.23, =0.0.9.1, =0.20.0, =0.21.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-78CV-MQJ4-43F7...
@aabelmann/ui-layer (=0.0.1), @adinvadim/convex-vue (>=1.1.0 <=1.3.0) +734 more potentially affected by CVE-2026-30226 via devalue (>=4.0.1 <=5.6.3)
devalue NPM version =4.0.1, =1.1.0, =1.0.0, =0.0.1, =0.1.0, =0.2.2, =0.2.2, =0.2.2, =0.3.0, =0.5.7, =0.0.1-beta.3, =0.0.1-alpha.1, =0.0.17, =0.0.2, =0.0.10 and more Source cves: CVE-2026-30226 Source advisory: SNYK:JS-DEVALUE-15467451...
a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +656 more potentially affected by CVE-2026-31958 via tornado (>=6.0.0 <=6.5.4)
tornado PYPI version =6.0.0, =0.0.0, =0.7.3, =0.0.5, =1.0.0, =1.0.0, =0.31.0, =1.3.0, =0.1.23, =0.0.9.1, =0.20.0, =0.9.5, =22.5.13, =26.2.0 and more Source cves: CVE-2026-31958 Source advisory: SNYK:PYTHON-TORNADO-15467447...
a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +887 more potentially affected by CVE-2026-31958 via tornado (>=3.0.0 <=6.5.4)
tornado PYPI version =3.0.0, =0.0.0, =0.0.3, =0.0.5, =1.0.0, =1.0.0, =0.31.0, =1.0.0, =1.3.0, =3.3.3, =0.1.23, =0.0.9.1, =0.20.0, =0.21.0 and more Source cves: CVE-2026-31958 Source advisory: OSV:PYSEC-2026-140...
@adobe/git-server (>=1.0.1 <=1.0.5), @adobe/helix-cli (>=5.7.7 <=6.1.0) +29 more potentially affected by CVE-2026-32094 via shescape (>=1.6.1 <=2.1.0)
shescape NPM version =1.6.1, =1.0.1, =5.7.7, =2.16.1, =1.0.0, =0.1.3, =0.0.7, =0.1.0, =2.3.2, =2.3.2, =2.5.3, =2.6.0 - @snyk/snyk-hex-plugin =1.1.6 - @w3sec/w3security-gradle-plugin =2.27.0 - @xeserv/nixexpr =0.1.0 - addons-linter =1.15.3 and more Source cves: CVE-2026-32094 Source advisory:...
@0xwork/connect (>=0.1.0 <=0.1.9), @agenr/agenr-plugin (>=1.6.0 <=3.2.0) +159 more potentially affected by CVE-2026-30741 via openclaw (>=0.0.1 <=2026.6.5)
openclaw NPM version =0.0.1, =0.1.0, =1.6.0, =1.1.0, =0.1.0, =1.0.5, =0.3.5, =1.0.3, =0.0.1, =0.1.0, =1.0.9, =2026.2.4, =2026.3.3 and more Source cves: CVE-2026-30741 Source advisory: SNYK:JS-OPENCLAW-15627890...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +160 more potentially affected by CVE-2026-3429 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.6)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-3429 Source advisory: OSV:GHSA-8G9R-9WJW-37J4https://vulners.com/osv/OSV:GHSA-8G9R-9WJW-...
acril (=0.1.0), acril-http (=0.1.0) +883 more potentially affected by unknown CVE via http-types (>=1.3.1 <=2.12.0)
http-types CARGO version =1.3.1, =4.0.0, =0.1.0, =0.1.0, =0.3.0, =0.10.0, =0.3.0, =0.1.0, =0.1.0, =0.6.0, =0.0.1, =0.0.6 - aquadoggo =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0174...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +160 more potentially affected by CVE-2026-3911 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.5)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-3911 Source advisory: OSV:GHSA-XH32-C9WX-PHRPhttps://vulners.com/osv/OSV:GHSA-XH32-C9WX-...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31901 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31901 Source advisory: SNYK:JS-PARSESERVER-15468746...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31901 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31901 Source advisory: OSV:GHSA-W54V-HF9P-8856...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-31901 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-31901 Source advisory: OSV:GHSA-W54V-HF9P-8856...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31875 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31875 Source advisory: SNYK:JS-PARSESERVER-15469015...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31875 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31875 Source advisory: OSV:GHSA-4HF6-3X24-C9M8...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-31875 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-31875 Source advisory: OSV:GHSA-4HF6-3X24-C9M8...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31872 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31872 Source advisory: SNYK:JS-PARSESERVER-15468853...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31872 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31872 Source advisory: OSV:GHSA-R2M8-PXM9-9C4G...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-31872 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-31872 Source advisory: OSV:GHSA-R2M8-PXM9-9C4G...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31871 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31871 Source advisory: SNYK:JS-PARSESERVER-15469164...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.4) potentially affected by CVE-2026-31871 via parse-server (>=9.6.0-alpha.37 <=9.6.0-alpha.43)
parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.4 Source cves: CVE-2026-31871 Source advisory: OSV:GHSA-GQPP-XGVH-9H7H...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-31871 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-31871 Source advisory: OSV:GHSA-GQPP-XGVH-9H7H...
@openinc/parse-server-opendash (>=4.0.0 <=4.0.3) potentially affected by CVE-2026-31868 via parse-server (=9.6.0-alpha.37)
parse-server NPM version =9.6.0-alpha.37 is affected by a known vulnerability. The following packages have a transitive dependency on parse-server and may be impacted: - @openinc/parse-server-opendash =4.0.0, =4.0.3 Source cves: CVE-2026-31868 Source advisory: SNYK:JS-PARSESERVER-15468614...