26517 matches found
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-30229 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-30229 Source advisory: OSV:GHSA-79WJ-8RQV-JVP5...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-30228 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-30228 Source advisory: OSV:GHSA-XFH7-PHR7-GR2X...
@ekairos/dataset (>=1.21.32-beta.0 <=1.22.34-beta.development.0), @ekairos/events (>=1.22.4-beta.development.0 <=1.22.34-beta.development.0) +27 more potentially affected by unknown CVE via @workflow/core (>=4.0.1-beta.0 <=4.1.0-beta.63)
@workflow/core NPM version =4.0.1-beta.0, =1.21.32-beta.0, =1.22.4-beta.development.0, =1.21.32-beta.0, =1.21.53-beta.0, =1.21.88-beta.0, =0.0.0-dev-20260121145510, =0.0.0-dev-20260115183047, =0.0.0-dev-20260115183047, =0.0.0-dev-20260115183047, =4.0.0-beta.2, =4.0.1-beta.4, =4.0.1-beta.0,...
@chrisleekr/mcp-server-playground (>=1.1.0 <=1.1.2-dev-ed23132.1), @intlayer/backend (>=7.0.9-canary.2 <=7.5.9) +29 more potentially affected by CVE-2026-30827 via express-rate-limit (=8.2.1)
express-rate-limit NPM version =8.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on express-rate-limit and may be impacted: - @chrisleekr/mcp-server-playground =1.1.0, =7.0.9-canary.2, =1.597.450, =4.0.0, =3.1.0, =0.0.1-canary.1, =0.42.0, =0.20.0,...
@chrisleekr/mcp-server-playground (>=1.1.0 <=1.1.2-dev-ed23132.1), @intlayer/backend (>=7.0.9-canary.2 <=7.5.9) +29 more potentially affected by CVE-2026-30827 via express-rate-limit (=8.2.1)
express-rate-limit NPM version =8.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on express-rate-limit and may be impacted: - @chrisleekr/mcp-server-playground =1.1.0, =7.0.9-canary.2, =1.597.450, =4.0.0, =3.1.0, =0.0.1-canary.1, =0.42.0, =0.20.0,...
@igea/oac_backend (>=1.0.35 <=1.0.115), @igea/oac_frontend (>=1.0.31 <=1.0.111) +12 more potentially affected by CVE-2026-30827 via express-rate-limit (=8.1.0)
express-rate-limit NPM version =8.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on express-rate-limit and may be impacted: - @igea/oacbackend =1.0.35, =1.0.31, =7.0.0, =2.0.0-test.19, =0.1.0, =0.29.0, =0.16.0, =0.42.0, =0.27.0, =0.42.0, =0.70.0,...
@igea/oac_backend (>=1.0.35 <=1.0.115), @igea/oac_frontend (>=1.0.31 <=1.0.111) +12 more potentially affected by CVE-2026-30827 via express-rate-limit (=8.1.0)
express-rate-limit NPM version =8.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on express-rate-limit and may be impacted: - @igea/oacbackend =1.0.35, =1.0.31, =7.0.0, =2.0.0-test.19, =0.1.0, =0.29.0, =0.16.0, =0.42.0, =0.27.0, =0.42.0, =0.70.0,...
@chrisleekr/mcp-server-playground (>=1.1.0-dev-1d08adb.1 <=1.1.0-dev-ff904e8.1) potentially affected by CVE-2026-30827 via express-rate-limit (=8.0.1)
express-rate-limit NPM version =8.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on express-rate-limit and may be impacted: - @chrisleekr/mcp-server-playground =1.1.0-dev-1d08adb.1, =1.1.0-dev-ff904e8.1 Source cves: CVE-2026-30827 Source advisory:...
@chrisleekr/mcp-server-playground (>=1.1.0-dev-1d08adb.1 <=1.1.0-dev-ff904e8.1) potentially affected by CVE-2026-30827 via express-rate-limit (=8.0.1)
express-rate-limit NPM version =8.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on express-rate-limit and may be impacted: - @chrisleekr/mcp-server-playground =1.1.0-dev-1d08adb.1, =1.1.0-dev-ff904e8.1 Source cves: CVE-2026-30827 Source advisory:...
@george.talusan/node-red-contrib-copilot (>=0.0.5 <=1.0.5), @github/copilot-sdk (>=0.1.9 <=0.1.31-unstable.0) +19 more potentially affected by CVE-2026-29783 via @github/copilot (>=0.0.375 <=0.0.421)
@github/copilot NPM version =0.0.375, =0.0.5, =0.1.9, =1.1.0, =0.0.0, =0.13.0, =0.0.1, =1.2.3, =0.6.0, =1.0.1, =0.1.0, =1.0.0, =1.0.0, =1.0.15 - devdoctor-js =0.1.0 and more Source cves: CVE-2026-29783 Source advisory: SNYK:JS-GITHUBCOPILOT-15468228...
ifood2-github-io (=9.9.9) potentially affected by unknown CVE via ifood-github-io (=9.9.9)
ifood-github-io NPM version =9.9.9 is affected by a known vulnerability. The following packages have a transitive dependency on ifood-github-io and may be impacted: - ifood2-github-io =9.9.9 Source cves: unknown CVE Source advisory: SNYK:JS-IFOODGITHUBIO-16300296...
admet-workbench (>=0.1.0 <=0.1.1), agent-gpt-aws (>=0.4.4 <=0.9.5) +53 more potentially affected by unknown CVE via sagemaker-core (=2.13.1)
sagemaker-core PYPI version =2.13.1 is affected by a known vulnerability. The following packages have a transitive dependency on sagemaker-core and may be impacted: - admet-workbench =0.1.0, =0.4.4, =1.3.16, =0.0.2, =0.1.13, =0.1.0, =0.4.0, =1.0.1, =0.4.0, =0.1.12, =0.1.0, =0.2.7 and more Source...
admet-workbench (>=0.1.0 <=0.1.1), agent-gpt-aws (>=0.4.4 <=0.9.5) +84 more potentially affected by unknown CVE via sagemaker (>=1.52.1 <=3.13.1)
sagemaker PYPI version =1.52.1, =0.1.0, =0.4.4, =1.0.29, =1.3.24, =0.1.1b20230324, =0.0.2, =0.4.6, =0.1.13, =5.118.1, =0.1.0, =5.11.0, =5.11.0a0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5R2P-PJR8-7FH7...
caver (=0.0.1), distilbert-punctuator (>=0.2.0 <=0.3.0) +1 more potentially affected by CVE-2026-30244 via plane (=0.2.1)
plane PYPI version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on plane and may be impacted: - caver =0.0.1 - distilbert-punctuator =0.2.0, =0.0.5, =0.0.8 Source cves: CVE-2026-30244 Source advisory: OSV:GHSA-87X4-J8VH-P5QF...
caver (=0.0.1), distilbert-punctuator (>=0.2.0 <=0.3.0) +1 more potentially affected by CVE-2026-30242 via plane (=0.2.1)
plane PYPI version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on plane and may be impacted: - caver =0.0.1 - distilbert-punctuator =0.2.0, =0.0.5, =0.0.8 Source cves: CVE-2026-30242 Source advisory: OSV:GHSA-FPX8-73GF-7X73...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +160 more potentially affected by CVE-2026-3009 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.4)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-3009 Source advisory: OSV:GHSA-M297-3JV9-M927https://vulners.com/osv/OSV:GHSA-M297-3JV9-...
org.keycloak:keycloak-dependencies-server-all (>=1.2.0.CR1 <=1.8.1.Final) potentially affected by CVE-2026-3047 via org.keycloak:keycloak-broker-saml (>=1.2.0.CR1 <=1.8.1.Final)
org.keycloak:keycloak-broker-saml MAVEN version =1.2.0.CR1, =1.2.0.CR1, =1.8.1.Final Source cves: CVE-2026-3047 Source advisory: OSV:GHSA-8CR3-VPXX-92CX...
langevals-ragas (>=0.1.10 <=0.1.17), mmore (>=1.0.0 <=1.0.1) potentially affected by CVE-2025-45691 via ragas (>=0.2.6 <=0.2.9)
ragas PYPI version =0.2.6, =0.1.10, =1.0.0, =1.0.1 Source cves: CVE-2025-45691 Source advisory: OSV:GHSA-V2XR-WVRV-P969...
@amedia/brick-mcp (>=0.0.0-vSNAPSHOT-20260217144000 <=1.0.0), @area15/ticket-component (=0.1.0) +73 more potentially affected by CVE-2026-3419 via fastify (>=5.7.2 <=5.7.4)
fastify NPM version =5.7.2, =0.0.0-vSNAPSHOT-20260217144000, =0.5.2, =0.5.2, =0.5.2, =0.5.2, =0.2.11, =2.4.2-next.143, =2.4.2-next.143, =2.4.2-next.143, =2.4.2-next.143, =2.11.6, =5.1.19, =2.21.2, =2.21.2, =2.21.3 and more Source cves: CVE-2026-3419 Source advisory: OSV:GHSA-573F-X89G-HQP9...
@amedia/brick-mcp (>=0.0.0-vSNAPSHOT-20260217144000 <=1.0.0), @area15/ticket-component (=0.1.0) +73 more potentially affected by CVE-2026-3419 via fastify (>=5.7.2 <=5.7.4)
fastify NPM version =5.7.2, =0.0.0-vSNAPSHOT-20260217144000, =0.5.2, =0.5.2, =0.5.2, =0.5.2, =0.2.11, =2.4.2-next.143, =2.4.2-next.143, =2.4.2-next.143, =2.4.2-next.143, =2.11.6, =5.1.19, =2.21.2, =2.21.2, =2.21.3 and more Source cves: CVE-2026-3419 Source advisory: SNYK:JS-FASTIFY-15428269...
01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +924 more potentially affected by CVE-2026-0848 via nltk (>=2.0.4 <=3.9.2)
nltk PYPI version =2.0.4, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0848 Source advisory: OSV:PYSEC-2026-99...
org.glassfish.mq:mq-client (>=6.4.0 <=6.8.0), org.glassfish.mq:mq-cluster (>=6.4.0 <=6.8.0) +13 more potentially affected by CVE-2026-24457 via org.glassfish.mq:mqbroker-comm (>=6.4.0 <=6.8.0)
org.glassfish.mq:mqbroker-comm MAVEN version =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.8.0 Source cves: CVE-2026-24457 Source advisory: SNYK:JAVA-ORGGLASSFISHMQ-15468292...
org.glassfish.mq:mq-client (>=6.4.0 <=6.8.0), org.glassfish.mq:mq-cluster (>=6.4.0 <=6.8.0) +12 more potentially affected by CVE-2026-24457 via org.glassfish.mq:mqbroker-core (>=6.4.0 <=6.8.0)
org.glassfish.mq:mqbroker-core MAVEN version =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.4.0, =6.8.0 Source cves: CVE-2026-24457 Source advisory: SNYK:JAVA-ORGGLASSFISHMQ-16438943...
adxp-cli (>=0.1.1 <=0.1.21), ag-ui-langgraph (>=0.0.14 <=0.0.29) +115 more potentially affected by CVE-2026-28277 via langgraph (>=1.0.0 <=1.0.10)
langgraph PYPI version =1.0.0, =0.1.1, =0.0.14, =0.0.2, =0.1.0, =0.2.1, =0.1.0, =0.1.0, =0.0.48, =0.0.54, =0.1.2, =0.1.4, =0.2.0 - chatlas-frontend =1.0.0 and more Source cves: CVE-2026-28277 Source advisory: SNYK:PYTHON-LANGGRAPH-15433492...
agent-nexus-cli (>=0.1.0 <=0.1.31), agentiva (>=0.1.0 <=0.1.5) potentially affected by CVE-2026-28277 via langgraph-checkpoint (>=4.0.0 <=4.0.1)
langgraph-checkpoint PYPI version =4.0.0, =0.1.0, =0.1.0, =0.1.5 Source cves: CVE-2026-28277 Source advisory: SNYK:PYTHON-LANGGRAPHCHECKPOINT-15433491...
01os (=0.0.14), aa-rag (>=0.4.2 <=0.4.3) +922 more potentially affected by CVE-2026-0848 via nltk (>=3.0.0 <=3.9.2)
nltk PYPI version =3.0.0, =0.4.2, =0.2.3, =0.2.0, =0.0.4, =0.0.1, =0.1.0, =0.1.0, =0.0.9, =0.1.0 and more Source cves: CVE-2026-0848 Source advisory: SNYK:PYTHON-NLTK-15763329...
a-mailx (=0.1.0), a2a-client-handler (=0.1.0) +366 more potentially affected by CVE-2026-28277 via langgraph (>=0.1.15 <=1.0.1)
langgraph PYPI version =0.1.15, =0.1.5, =0.1.0, =0.1.1, =0.1.1, =0.0.1, =2.1.7, =0.0.2, =0.0.1, =0.1.1, =0.1.2, =0.0.4, =0.5.10 and more Source cves: CVE-2026-28277 Source advisory: OSV:GHSA-G48C-2WQR-H844...
a-mailx (=0.1.0), a2a-client-handler (=0.1.0) +429 more potentially affected by CVE-2026-28277 via langgraph (>=0.1.15 <=1.0.10)
langgraph PYPI version =0.1.15, =0.1.5, =0.1.0, =0.1.1, =0.1.1, =0.0.1, =2.1.7, =0.0.2, =0.0.1, =0.1.1, =0.1.2, =0.0.4, =0.5.10 and more Source cves: CVE-2026-28277 Source advisory: OSV:PYSEC-2026-83...
ado-vllm-performance (>=1.2.2 <=1.3.3), agentclinic (=0.1.0) +73 more potentially affected by CVE-2026-25048 via xgrammar (>=0.1.11 <=0.1.29)
xgrammar PYPI version =0.1.11, =1.2.2, =0.0.0, =2.3.5, =0.8.4, =0.2.2, =0.2.0, =0.1.0, =1.0.1rc1, =0.0.2, =0.1.1, =0.1.1, =0.0.2, =0.1.0 and more Source cves: CVE-2026-25048 Source advisory: OSV:GHSA-7RGV-GQHR-FXG3...
01os (=0.0.14), 10xscale-agentflow-cli (>=0.3.0 <=0.3.1) +11448 more potentially affected by CVE-2025-69534 via markdown (>=3.0.0 <=3.8.0)
markdown PYPI version =3.0.0, =0.3.0, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.0.4.80, =4.0.2 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 and more Source cves: CVE-2025-69534 Source advisory: SNYK:PYTHON-MARKDOWN-15428352...
01os (=0.0.14), 10xscale-agentflow-cli (>=0.3.0 <=0.3.1) +11623 more potentially affected by CVE-2025-69534 via markdown (>=2.1.1 <=3.8.0)
markdown PYPI version =2.1.1, =0.3.0, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.0.4.80, =4.0.2 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 and more Source cves: CVE-2025-69534 Source advisory: OSV:GHSA-5WMX-573V-2QWQ...
01os (=0.0.14), 10xscale-agentflow-cli (>=0.3.0 <=0.3.1) +11611 more potentially affected by CVE-2025-69534 via markdown (>=2.1.1 <=3.7.0)
markdown PYPI version =2.1.1, =0.3.0, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.0.4.80, =4.0.2 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 and more Source cves: CVE-2025-69534 Source advisory: OSV:PYSEC-2026-89...
django-daiquiri (>=1.3.0 <=1.3.2), django-jwt-allauth (>=1.0.3 <=1.2.0) +13 more potentially affected by CVE-2026-27982 via django-allauth (>=65.0.1 <=65.13.1)
django-allauth PYPI version =65.0.1, =1.3.0, =1.0.3, =0.3.8, =4.0.0, =2.0.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.2.0, =1.1.1, =1.1.3 Source cves: CVE-2026-27982 Source advisory: SNYK:PYTHON-DJANGOALLAUTH-15426544...
aleksis (>=2022.6.0.post0 <=2023.6.1), aleksis-app-alsijil (>=2.0.0 <=3.0.1) +97 more potentially affected by CVE-2026-27982 via django-allauth (>=0.24.1 <=65.13.1)
django-allauth PYPI version =0.24.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.0.0, =1.0.0.dev0, =0.1.0, =2.0.0, =2.0.0, =0.1.0, =2.0.0, =1.0.0, =0.1.1, =2.0.0.dev0, =2.0.0.dev2 and more Source cves: CVE-2026-27982 Source advisory: OSV:GHSA-2JPR-83RG-V67J...
aleksis (>=2022.6.0.post0 <=2023.6.1), aleksis-app-alsijil (>=2.0.0 <=3.0.1) +97 more potentially affected by CVE-2026-27982 via django-allauth (>=0.24.1 <=65.13.1)
django-allauth PYPI version =0.24.1, =2022.6.0.post0, =2.0.0, =1.0.0, =2.0.0, =2.1.0, =2.0.0, =1.0.0.dev0, =0.1.0, =2.0.0, =2.0.0, =0.1.0, =2.0.0, =1.0.0, =0.1.1, =2.0.0.dev0, =2.0.0.dev2 and more Source cves: CVE-2026-27982 Source advisory: OSV:PYSEC-2026-56...
ba.sake:pac4j-testkit (>=0.1.0 <=0.2.0), com.baomidou:shaun-core (=2.0.0) +5 more potentially affected by CVE-2026-29000 via org.pac4j:pac4j-jwt (>=6.0.3 <=6.2.2)
org.pac4j:pac4j-jwt MAVEN version =6.0.3, =0.1.0, =7.1.0, =7.1.0, =7.3.4 Source cves: CVE-2026-29000 Source advisory: SNYK:JAVA-ORGPAC4J-15428218...
com.efluid.oss:efluid-datagate-app (>=3.1.3 <=6.1.5), com.efluid.oss:efluid-datagate-app-cucumber (>=3.1.3 <=6.1.5) +5 more potentially affected by CVE-2026-29000 via org.pac4j:pac4j-jwt (>=5.0.1 <=5.7.8)
org.pac4j:pac4j-jwt MAVEN version =5.0.1, =3.1.3, =3.1.3, =0.8.0, =0.8.0, =2.0.6, =2.2.1, =2.0.6, =2.1.0 Source cves: CVE-2026-29000 Source advisory: SNYK:JAVA-ORGPAC4J-15428218...
com.baomidou:shaun-core (>=1.0 <=1.4), com.baomidou:shaun-spring-boot-starter (>=1.0 <=1.4) +37 more potentially affected by CVE-2026-29000 via org.pac4j:pac4j-jwt (>=4.0.0-RC1 <=4.5.8)
org.pac4j:pac4j-jwt MAVEN version =4.0.0-RC1, =1.0, =1.0, =1.1, =1.1.0, =1.1.1, =1.1.1, =1.1.1, =1.0.0.RELEASE, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.9.0 and more Source cves: CVE-2026-29000 Source advisory: SNYK:JAVA-ORGPAC4J-15428218...
0agent (>=1.0.1 <=1.1.5), 0dot (=0.6.0) +60383 more potentially affected by CVE-2026-29085 via hono (>=3.8.4 <=4.12.3)
hono NPM version =3.8.4, =1.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =2.0.0, =1.0.0, =0.3.2, =0.1.0, =0.3.8 and more Source cves: CVE-2026-29085 Source advisory: SNYK:JS-HONO-15423717...
0agent (>=1.0.1 <=1.1.5), 0dot (=0.6.0) +60381 more potentially affected by CVE-2026-29045 via hono (>=4.0.0 <=4.12.3)
hono NPM version =4.0.0, =1.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =2.0.0, =1.0.0, =0.3.2, =0.1.0, =0.3.8 and more Source cves: CVE-2026-29045 Source advisory: SNYK:JS-HONO-15419466...
0agent (>=1.0.1 <=1.1.5), 0dot (=0.6.0) +60601 more potentially affected by CVE-2026-29086 via hono (>=0.5.10 <=4.12.3)
hono NPM version =0.5.10, =1.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.6, =0.1.0, =2.0.0, =1.0.0, =0.3.2, =0.1.0, =0.3.8 and more Source cves: CVE-2026-29086 Source advisory: SNYK:JS-HONO-15418360...
dbt-databricks (>=1.11.1 <=1.11.3) potentially affected by CVE-2026-29790 via dbt-common (=1.36.0)
dbt-common PYPI version =1.36.0 is affected by a known vulnerability. The following packages have a transitive dependency on dbt-common and may be impacted: - dbt-databricks =1.11.1, =1.11.3 Source cves: CVE-2026-29790 Source advisory: OSV:GHSA-W75W-9QV4-J5XJ...
dbt-databricks (>=1.11.1 <=1.11.3) potentially affected by unknown CVE via dbt-common (=1.36.0)
dbt-common PYPI version =1.36.0 is affected by a known vulnerability. The following packages have a transitive dependency on dbt-common and may be impacted: - dbt-databricks =1.11.1, =1.11.3 Source cves: unknown CVE Source advisory: SNYK:PYTHON-DBTCOMMON-15426567...
acdc-aws-etl-pipeline (>=0.1.7 <=0.5.9), airflow-dbt-python (=2.1.0) +49 more potentially affected by unknown CVE via dbt-common (>=1.0.0b2 <=1.33.0)
dbt-common PYPI version =1.0.0b2, =0.1.7, =0.1.5, =0.21.7, =0.0.1rc1, =0.1.0a1, =1.0.9, =1.8.0, =1.5.2, =1.8.0, =1.8.0, =1.8.15 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-DBTCOMMON-15426567...
acdc-aws-etl-pipeline (>=0.1.7 <=0.5.9), airflow-dbt-python (=2.1.0) +49 more potentially affected by CVE-2026-29790 via dbt-common (>=0.1.6 <=1.33.0)
dbt-common PYPI version =0.1.6, =0.1.7, =0.1.5, =0.21.7, =0.0.1rc1, =0.1.0a1, =1.0.9, =1.8.0, =1.5.2, =1.8.0, =1.8.0, =1.8.15 and more Source cves: CVE-2026-29790 Source advisory: OSV:GHSA-W75W-9QV4-J5XJ...
better-auth-cloudflare (=0.1.0), next-ai-draw-io (=0.4.10) potentially affected by CVE-2025-6087 +1 more via @opennextjs/cloudflare (>=1.0.1 <=1.14.8)
@opennextjs/cloudflare NPM version =1.0.1, =1.14.8 is affected by a known vulnerability. The following packages have a transitive dependency on @opennextjs/cloudflare and may be impacted: - better-auth-cloudflare =0.1.0 - next-ai-draw-io =0.4.10 Source cves: CVE-2025-6087, CVE-2026-3125 Source...
@adenta/cms (>=0.0.6 <=1.1.1-0), @adobe/helix-deploy (>=11.0.19 <=11.1.15) +284 more potentially affected by CVE-2026-29786 via tar (>=7.0.0 <=7.5.1)
tar NPM version =7.0.0, =0.0.6, =11.0.19, =1.0.0, =1.0.2, =0.1.1, =0.1.1, =2.17.11, =1.9.5, =8.8.3, =0.0.2, =0.0.22 and more Source cves: CVE-2026-29786 Source advisory: SNYK:JS-TAR-15416075...
org.webjars.npm:canvas (>=2.5.0 <=2.6.0), org.webjars.npm:color-thief (=2.2.5) +12 more potentially affected by CVE-2026-29786 via org.webjars.npm:tar (>=0.1.20 <=4.4.19)
org.webjars.npm:tar MAVEN version =0.1.20, =2.5.0, =0.97.5, =0.2.0, =3.4.0, =0.6.19, =2.0.0, =3.1.4, =3.4.1 - org.webjars.npm:tar.gz =1.0.7 Source cves: CVE-2026-29786 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15416076...
com.efluid.oss:efluid-datagate-app (>=3.1.3 <=6.1.5), com.efluid.oss:efluid-datagate-app-cucumber (>=3.1.3 <=6.1.5) +5 more potentially affected by CVE-2026-29000 via org.pac4j:pac4j-jwt (>=5.0.1 <=5.7.8)
org.pac4j:pac4j-jwt MAVEN version =5.0.1, =3.1.3, =3.1.3, =0.8.0, =0.8.0, =2.0.6, =2.2.1, =2.0.6, =2.1.0 Source cves: CVE-2026-29000 Source advisory: OSV:GHSA-PM7G-W2CF-Q238...
cc.akkaha:asura-play_2.12 (>=0.5.0 <=0.6.0), cc.akkaha:pea_2.12 (>=0.1.0 <=0.7.0) +305 more potentially affected by CVE-2026-29000 via org.pac4j:pac4j-jwt (>=1.8.2 <=4.5.8)
org.pac4j:pac4j-jwt MAVEN version =1.8.2, =0.5.0, =0.1.0, =1.0, =1.0, =1.1, =1.1.0, =1.1.1, =1.1.1, =1.1.1, =1.0.0-beta-21, =1.0.0-beta-21, =1.0.0.RELEASE, =0.2.0, =0.2.0, =0.2.0, =0.9.0 and more Source cves: CVE-2026-29000 Source advisory: OSV:GHSA-PM7G-W2CF-Q238...