26517 matches found
apache-airflow (>=3.1.0b1 <=3.1.7), apache-airflow-providers-common-compat (>=1.6.0rc1 <=1.7.3rc1) +14 more potentially affected by CVE-2026-22922 via apache-airflow-core (>=3.1.0b1 <=3.1.7)
apache-airflow-core PYPI version =3.1.0b1, =3.1.0b1, =1.6.0rc1, =1.5.3rc1, =1.26.0rc1, =2.0.2rc1, =0.4.0rc1, =1.1.0b1, =12.0.0, =7.0.0, =1.15.0, =0.34.0, =1.9.0, =1.37.0, =1.26.0, =1.26.18rc1 and more Source cves: CVE-2026-22922 Source advisory: SNYK:PYTHON-APACHEAIRFLOWCORE-15267374...
airflow-balancer (>=0.7.0 <=0.7.6), airflow-clickhouse-plugin (=1.5.0) +29 more potentially affected by CVE-2026-24098 via apache-airflow (>=3.0.0 <=3.1.6)
apache-airflow PYPI version =3.0.0, =0.7.0, =0.6.1, =1.10.7, =0.1.0, =1.4.3, =1.2.10, =0.1.1, =3.0.0, =1.6.0, =1.5.3, =1.25.0, =3.12.0, =0.0.4, =2.0.2, =2.3.0rc1 and more Source cves: CVE-2026-24098 Source advisory: OSV:PYSEC-2026-12...
apache-airflow-core (>=3.1.0 <=3.1.6), apache-airflow-providers-common-compat (>=1.6.0 <=1.7.3rc1) +14 more potentially affected by CVE-2026-22922 via apache-airflow (>=3.1.0 <=3.1.6)
apache-airflow PYPI version =3.1.0, =3.1.0, =1.6.0, =1.5.3, =1.26.0, =2.0.2, =0.4.0, =1.1.0, =12.0.0, =7.0.0, =1.15.0, =0.34.0, =1.9.0, =1.37.0, =1.26.0, =1.26.8 and more Source cves: CVE-2026-22922 Source advisory: OSV:PYSEC-2026-11...
repository-manager (>=1.2.10 <=1.2.15) potentially affected by CVE-2026-25905 via mcp-run-python (=0.0.22)
mcp-run-python PYPI version =0.0.22 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-run-python and may be impacted: - repository-manager =1.2.10, =1.2.15 Source cves: CVE-2026-25905 Source advisory: SNYK:PYTHON-MCPRUNPYTHON-15250553...
repository-manager (>=1.2.10 <=1.2.15) potentially affected by CVE-2026-25905 via mcp-run-python (=0.0.22)
mcp-run-python PYPI version =0.0.22 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-run-python and may be impacted: - repository-manager =1.2.10, =1.2.15 Source cves: CVE-2026-25905 Source advisory: OSV:GHSA-PFV4-WMPH-5GC6...
repository-manager (>=1.2.10 <=1.2.15) potentially affected by CVE-2026-25904 via mcp-run-python (=0.0.22)
mcp-run-python PYPI version =0.0.22 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-run-python and may be impacted: - repository-manager =1.2.10, =1.2.15 Source cves: CVE-2026-25904 Source advisory: OSV:GHSA-6FGP-M6Q4-J3Q5...
ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5), ca.ibodrov.mica.docker:mica-standalone (>=0.0.27 <=0.0.34) +273 more potentially affected by CVE-2026-23903 via org.apache.shiro:shiro-core (>=2.0.0-alpha-1 <=2.0.6)
org.apache.shiro:shiro-core MAVEN version =2.0.0-alpha-1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =6.0.0, =8.0.0, =8.0.0, =2.2.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-23903 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-15253617...
org.webjars.npm:asn1.js (>=4.0.0 <=5.4.1), org.webjars.npm:asn1.js-rfc5280 (=3.0.0) +26 more potentially affected by CVE-2026-2739 via org.webjars.npm:bn.js (>=4.11.6 <=5.2.0)
org.webjars.npm:bn.js MAVEN version =4.11.6, =4.0.0, =4.0.1, =4.0.0, =5.0.0, =6.2.3, =6.6.1 - org.webjars.npm:ethereum-cryptography =0.1.3 - org.webjars.npm:ethers =5.4.6 - org.webjars.npm:ethersprojectaddress =5.4.0 - org.webjars.npm:ethersprojectbignumber =5.4.1 and more Source cves:...
1inch-agent-kit (=1.0.53), 1matrix-amino (>=1.0.0 <=1.0.1) +4820 more potentially affected by CVE-2026-2739 via bn.js (>=5.0.0 <=5.2.2)
bn.js NPM version =5.0.0, =1.0.0, =1.0.1, =1.0.1, =1.0.0, =1.0.1, =1.0.0, =1.0.1, =1.0.1, =1.0.2 and more Source cves: CVE-2026-2739 Source advisory: SNYK:JS-BNJS-15274301...
003-gas-convert (=1.0.1), 0x-hunter-core (>=1.0.0 <=1.0.1-5) +13848 more potentially affected by CVE-2026-2739 via bn.js (>=4.10.3 <=4.12.0)
bn.js NPM version =4.10.3, =1.0.0, =0.0.3, =0.0.3, =0.0.11, =1.1.0, =0.0.2, =0.9.9, =0.10.33 - 108-gas-convert =1.0.0 - 2.typescript-init =1.0.0 - 260f-check-balance =1.0.0 - 260f-gas-convert =1.0.0 and more Source cves: CVE-2026-2739 Source advisory: SNYK:JS-BNJS-15274301...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +257 more potentially affected by CVE-2026-25732 via nicegui (>=0.9.11 <=3.6.1)
nicegui PYPI version =0.9.11, =0.2.0, =1.0.0, =0.0.1, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 and more Source cves: CVE-2026-25732 Source advisory: OSV:PYSEC-2026-95...
agentiq-semantic-kernel (>=1.0.0 <=1.1.0a20250428), aiqtoolkit-semantic-kernel (>=1.1.0 <=1.2.0rc4) +4 more potentially affected by CVE-2026-25592 via semantic-kernel (>=1.0.0rc1 <=1.35.3)
semantic-kernel PYPI version =1.0.0rc1, =1.0.0, =1.1.0, =0.1.1, =0.2.0, =1.2.0, =0.0.1, =0.0.4 Source cves: CVE-2026-25592 Source advisory: SNYK:PYTHON-SEMANTICKERNEL-15248428...
1shot (>=0.0.1 <=0.0.9), @3030-labs/wotw (>=0.8.4 <=0.9.0) +375 more potentially affected by CVE-2026-25725 via @anthropic-ai/claude-code (>=0.2.126 <=2.1.170)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.1, =0.8.4, =1.0.0, =2.1.0, =0.0.0-dev-20260312143810, =1.5.6, =0.1.18, =1.0.0, =0.4.0, =0.11.0 - @arach/hooked =1.1.1 and more Source cves: CVE-2026-25725 Source advisory: OSV:GHSA-FF64-7W26-62RF...
1shot (>=0.0.1 <=0.0.2), @3030-labs/wotw (>=0.8.4 <=0.9.0) +179 more potentially affected by CVE-2026-25724 via @anthropic-ai/claude-code (>=2.0.0 <=2.1.63)
@anthropic-ai/claude-code NPM version =2.0.0, =0.0.1, =0.8.4, =2.1.0, =0.0.0-dev-20260312143810, =1.5.6, =0.0.0-main-260517022600, =0.0.0-main-260517043948, =0.2.5, =4.10.0, =2.1.2, =0.3.0, =0.3.5 and more Source cves: CVE-2026-25724 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-15248353...
1shot (>=0.0.1 <=0.0.9), @3030-labs/wotw (>=0.8.4 <=0.9.0) +376 more potentially affected by CVE-2026-25724 via @anthropic-ai/claude-code (>=0.2.126 <=2.1.63)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.1, =0.8.4, =1.0.0, =2.1.0, =0.0.0-dev-20260312143810, =1.5.6, =0.1.18, =1.0.0, =0.4.0, =0.11.0 - @arach/hooked =1.1.1 and more Source cves: CVE-2026-25724 Source advisory: OSV:GHSA-4Q92-RFM6-2CQX...
1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +232 more potentially affected by CVE-2026-25723 via @anthropic-ai/claude-code (>=0.2.126 <=2.0.51)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2026-25723 Source advisory: OSV:GHSA-MHG7-666J-CQG4...
@kimuson/claude-code-viewer (>=0.4.2 <=0.5.9), @netlify/agent-runner-cli (>=1.31.0 <=1.57.0) +11 more potentially affected by CVE-2026-25723 via @anthropic-ai/claude-code (>=2.0.0 <=2.0.51)
@anthropic-ai/claude-code NPM version =2.0.0, =0.4.2, =1.31.0, =0.0.1-rc.1, =0.5.2, =0.0.0, =0.1.2, =0.11.1, =0.11.0, =1.0.0, =0.10.2, =0.11.2, =0.13.3 Source cves: CVE-2026-25723 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-15248308...
1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +234 more potentially affected by CVE-2026-25722 via @anthropic-ai/claude-code (>=0.2.126 <=2.0.55)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2026-25722 Source advisory: OSV:GHSA-66Q4-VFJG-2QHH...
@kimuson/claude-code-viewer (>=0.4.2 <=0.5.9), @netlify/agent-runner-cli (>=1.31.0 <=1.57.0) +14 more potentially affected by CVE-2026-25722 via @anthropic-ai/claude-code (>=2.0.0 <=2.0.55)
@anthropic-ai/claude-code NPM version =2.0.0, =0.4.2, =1.31.0, =0.0.1-rc.1, =0.12.0, =0.5.2, =0.12.1, =0.0.0, =0.1.2, =0.11.1, =0.11.0, =1.0.0, =0.10.2, =0.11.5-2 and more Source cves: CVE-2026-25722 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-15248352...
@nelluriramu/oegesbot (=1.0.0) potentially affected by CVE-2026-25651 via client-certificate-auth (=0.3.0)
client-certificate-auth NPM version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on client-certificate-auth and may be impacted: - @nelluriramu/oegesbot =1.0.0 Source cves: CVE-2026-25651 Source advisory: SNYK:JS-CLIENTCERTIFICATEAUTH-15248346...
@nelluriramu/oegesbot (=1.0.0) potentially affected by CVE-2026-25651 via client-certificate-auth (=0.3.0)
client-certificate-auth NPM version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on client-certificate-auth and may be impacted: - @nelluriramu/oegesbot =1.0.0 Source cves: CVE-2026-25651 Source advisory: OSV:GHSA-M4W9-GCH5-C2G4...
aws-ai-capacity (>=0.1.0 <=0.1.3), clai (>=1.3.0 <=1.50.0) +2 more potentially affected by CVE-2026-25640 via pydantic-ai (>=1.34.0 <=1.50.0)
pydantic-ai PYPI version =1.34.0, =0.1.0, =1.3.0, =0.4.3b0, =0.7.0, =0.7.9.dev1 Source cves: CVE-2026-25640 Source advisory: OSV:GHSA-WJP5-868J-WQV7...
agent-runtimes (=0.0.9), aws-ai-capacity (>=0.1.0 <=0.1.3) +12 more potentially affected by CVE-2026-25640 via pydantic-ai-slim (>=1.34.0 <=1.50.0)
pydantic-ai-slim PYPI version =1.34.0, =0.1.0, =1.3.0, =1.0.0, =0.4.3b0, =1.3.0, =1.3.0, =1.3.0, =0.7.0, =0.45.2, =2.0.0, =2.1.0 Source cves: CVE-2026-25640 Source advisory: OSV:GHSA-WJP5-868J-WQV7...
agent-runtimes (=0.0.9), aws-ai-capacity (>=0.1.0 <=0.1.3) +12 more potentially affected by CVE-2026-25640 via pydantic-ai-slim (>=1.34.0 <=1.50.0)
pydantic-ai-slim PYPI version =1.34.0, =0.1.0, =1.3.0, =1.0.0, =0.4.3b0, =1.3.0, =1.3.0, =1.3.0, =0.7.0, =0.45.2, =2.0.0, =2.1.0 Source cves: CVE-2026-25640 Source advisory: SNYK:PYTHON-PYDANTICAISLIM-15248298...
agentiq-semantic-kernel (>=1.0.0 <=1.1.0a20250428), agixt (>=1.1.76b0 <=1.3.71) +9 more potentially affected by CVE-2026-25592 via semantic-kernel (>=0.2.9.dev0 <=1.35.3)
semantic-kernel PYPI version =0.2.9.dev0, =1.0.0, =1.1.76b0, =1.1.0, =0.1.1, =0.1.0, =0.3.0, =1.2.0, =0.2.0, =0.0.1, =1.0.0, =1.0.9 Source cves: CVE-2026-25592 Source advisory: OSV:GHSA-2WW3-72RP-WPP4...
@es-joy/jsoe (>=0.0.1 <=0.16.0) potentially affected by CVE-2026-25581 via sceditor (=3.2.0)
sceditor NPM version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on sceditor and may be impacted: - @es-joy/jsoe =0.0.1, =0.16.0 Source cves: CVE-2026-25581 Source advisory: SNYK:JS-SCEDITOR-15248349...
a2cli (>=0.1.0 <=0.2.1), a2py (>=0.2.1 <=0.2.3) +425 more potentially affected by CVE-2026-25580 via pydantic-ai (>=0.0.30 <=1.55.0)
pydantic-ai PYPI version =0.0.30, =0.1.0, =0.2.1, =0.1.0, =0.2.5, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-25580 Source advisory: OSV:GHSA-2JRP-274C-JHV3...
a2cli (>=0.1.0 <=0.2.1), a2py (>=0.2.1 <=0.2.3) +686 more potentially affected by CVE-2026-25580 via pydantic-ai-slim (>=0.0.26 <=1.55.0)
pydantic-ai-slim PYPI version =0.0.26, =0.1.0, =0.2.1, =0.9.0, =0.1.0, =0.2.15, =0.1.0, =0.0.1.dev1, =0.1.0, =0.0.4, =0.1.0, =0.2.5, =0.1.0, =0.0.3, =1.0.3 and more Source cves: CVE-2026-25580 Source advisory: OSV:GHSA-2JRP-274C-JHV3...
a2cli (>=0.1.0 <=0.2.1), a2py (>=0.2.1 <=0.2.3) +686 more potentially affected by CVE-2026-25580 via pydantic-ai-slim (>=0.0.26 <=1.55.0)
pydantic-ai-slim PYPI version =0.0.26, =0.1.0, =0.2.1, =0.9.0, =0.1.0, =0.2.15, =0.1.0, =0.0.1.dev1, =0.1.0, =0.0.4, =0.1.0, =0.2.5, =0.1.0, =0.0.3, =1.0.3 and more Source cves: CVE-2026-25580 Source advisory: SNYK:PYTHON-PYDANTICAISLIM-15248301...
br.com.caelum.vraptor:vraptor-neo4j (=0.9.0), com.catify.bpmn:bpmn-engine-core (=1.1) +109 more potentially affected by CVE-2026-1337 via org.neo4j:neo4j (>=1.3 <=2025.09.0)
org.neo4j:neo4j MAVEN version =1.3, =0.1, =1.9-1.1, =1.0, =0.1, =0.2, =2.4, =2.9.1, =1.2, =2.6.0 and more Source cves: CVE-2026-1337 Source advisory: OSV:GHSA-XR72-G735-4VWP...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-25641 via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-25641 Source advisory: SNYK:JS-NYARIVSANDBOXJS-15248293...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +257 more potentially affected by CVE-2026-25732 via nicegui (>=0.9.11 <=3.6.1)
nicegui PYPI version =0.9.11, =0.2.0, =1.0.0, =0.0.1, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 and more Source cves: CVE-2026-25732 Source advisory: OSV:GHSA-9FFM-FXG3-XRHH...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +206 more potentially affected by CVE-2026-25732 via nicegui (>=3.0.4 <=3.6.1)
nicegui PYPI version =3.0.4, =0.2.0, =1.0.0, =0.4.0, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 - bellatrex =0.4.0 and more Source cves: CVE-2026-25732 Source advisory: SNYK:PYTHON-NICEGUI-15248175...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-25142 +1 more via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-25142, CVE-2026-25587 Source advisory: SNYK:JS-NYARIVSANDBOXJS-15248292...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-25586 via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-25586 Source advisory: SNYK:JS-NYARIVSANDBOXJS-15248294...
@01.software/sdk (>=0.0.1-251008.90016 <=0.1.4), @adenta/cms (>=0.0.6 <=1.1.1-0) +76 more potentially affected by CVE-2026-25574 via payload (>=0.12.3 <=3.74.0-internal.9c378de)
payload NPM version =0.12.3, =0.0.1-251008.90016, =0.0.6, =0.0.1, =1.0.1-beta.0, =1.0.1, =1.0.0, =1.0.6, =1.0.0, =0.1.0, =1.0.0, =0.0.1, =0.0.17 and more Source cves: CVE-2026-25574 Source advisory: OSV:GHSA-JQ29-R496-R955...
@01.software/sdk (>=0.0.1-251008.90016 <=0.1.4), @adenta/cms (>=0.0.6 <=1.1.1-0) +32 more potentially affected by CVE-2026-25574 via payload (>=3.0.0-alpha.46 <=3.74.0-internal.9c378de)
payload NPM version =3.0.0-alpha.46, =0.0.1-251008.90016, =0.0.6, =0.0.3, =1.0.1-beta.0, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =3.64.0, =0.0.1-beta.0, =0.2.0, =0.2.14 - @remy90/payload-conditions-plugin =0.2.2 and more Source cves: CVE-2026-25574 Source advisory: SNYK:JS-PAYLOAD-15239949...
@adenta/cms (>=0.0.6 <=1.1.1-0), @ainsleydev/payload-helper (>=0.0.6 <=0.1.2) +23 more potentially affected by CVE-2026-25544 via @payloadcms/drizzle (>=3.0.0-beta.100 <=3.73.0-internal.783bc97)
@payloadcms/drizzle NPM version =3.0.0-beta.100, =0.0.6, =0.0.6, =3.22.1, =3.37.0, =1.0.0, =3.53.0, =3.61.1-2, =3.50.0-internal.ca62628, =3.0.0, =3.0.0, =3.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2026-25544 Source advisory: SNYK:JS-PAYLOADCMSDRIZZLE-15240185...
@adenta/cms (>=0.0.6 <=1.1.1-0), @ainsleydev/payload-helper (>=0.0.6 <=0.1.2) +23 more potentially affected by CVE-2026-25544 via @payloadcms/drizzle (>=3.0.0-beta.100 <=3.73.0-internal.783bc97)
@payloadcms/drizzle NPM version =3.0.0-beta.100, =0.0.6, =0.0.6, =3.22.1, =3.37.0, =1.0.0, =3.53.0, =3.61.1-2, =3.50.0-internal.ca62628, =3.0.0, =3.0.0, =3.0.0, =1.0.1, =1.0.2 and more Source cves: CVE-2026-25544 Source advisory: OSV:GHSA-XX6W-JXG9-2WH8...
@adenta/cms (>=0.0.6 <=1.1.1-0), @anjy7/navbar-cms (=0.0.5) +21 more potentially affected by CVE-2026-25544 via @payloadcms/next (>=3.0.0-alpha.46 <=3.73.0-internal.783bc97)
@payloadcms/next NPM version =3.0.0-alpha.46, =0.0.6, =0.1.2, =1.0.2, =0.1.0, =3.2.0, =0.2.0, =1.0.54, =0.1.0, =0.1.4, =1.0.0, =0.0.5, =0.0.1, =0.0.4 and more Source cves: CVE-2026-25544 Source advisory: SNYK:JS-PAYLOADCMSNEXT-15240192...
@adenta/cms (>=0.0.6 <=1.1.1-0), @anjy7/navbar-cms (=0.0.5) +8 more potentially affected by CVE-2026-25544 via @payloadcms/db-postgres (>=3.0.0-alpha.46 <=3.61.0)
@payloadcms/db-postgres NPM version =3.0.0-alpha.46, =0.0.6, =1.0.0, =0.0.5, =0.0.1, =0.0.9-alpha.52, =0.0.5, =1.0.3 - npm-payload-test =2.6.4 - payload-auth-plugin =0.7.5 Source cves: CVE-2026-25544 Source advisory: SNYK:JS-PAYLOADCMSDBPOSTGRES-15240187...
@ainsleydev/payload-helper (>=0.0.6 <=0.1.2), @davincicoding/payload-plugin-kit (=0.0.4) +9 more potentially affected by CVE-2026-25544 via @payloadcms/db-sqlite (>=3.0.0-beta.116 <=3.72.0)
@payloadcms/db-sqlite NPM version =3.0.0-beta.116, =0.0.6, =1.1.10, =1.2.0 - payload-smart-deletion =1.0.7 - simple-shop =1.0.0 Source cves: CVE-2026-25544 Source advisory: SNYK:JS-PAYLOADCMSDBSQLITE-15240188...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-25520 via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-25520 Source advisory: SNYK:JS-NYARIVSANDBOXJS-15248295...
@enclave-vm/broker (>=0.0.1 <=2.10.0), @enclave-vm/runtime (>=0.0.1 <=2.10.0) potentially affected by CVE-2026-25533 via @enclave-vm/core (>=0.0.1 <=2.10.0)
@enclave-vm/core NPM version =0.0.1, =0.0.1, =0.0.1, =2.10.0 Source cves: CVE-2026-25533 Source advisory: OSV:GHSA-X39W-8VM5-5M3P...
@frontmcp/adapters (>=0.5.0 <=0.8.0), @frontmcp/plugin-approval (>=0.7.1 <=0.8.0) +9 more potentially affected by CVE-2026-25533 via enclave-vm (>=1.0.3 <=2.7.0)
enclave-vm NPM version =1.0.3, =0.5.0, =0.7.1, =0.7.1, =0.7.1, =0.7.1, =0.7.1, =0.5.0, =0.5.0, =0.5.0, =0.6.1, =0.8.0 - frontmcp =0.5.0 Source cves: CVE-2026-25533 Source advisory: SNYK:JS-ENCLAVEVM-15248348...
@frontmcp/adapters (>=0.5.0 <=0.8.0), @frontmcp/plugin-approval (>=0.7.1 <=0.8.0) +9 more potentially affected by CVE-2026-25533 via enclave-vm (>=1.0.3 <=2.7.0)
enclave-vm NPM version =1.0.3, =0.5.0, =0.7.1, =0.7.1, =0.7.1, =0.7.1, =0.7.1, =0.5.0, =0.5.0, =0.5.0, =0.6.1, =0.8.0 - frontmcp =0.5.0 Source cves: CVE-2026-25533 Source advisory: OSV:GHSA-X39W-8VM5-5M3P...
@enclave-vm/broker (=2.10.0), @enclave-vm/runtime (=2.10.0) potentially affected by CVE-2026-25533 via @enclave-vm/core (=2.10.0)
@enclave-vm/core NPM version =2.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @enclave-vm/core and may be impacted: - @enclave-vm/broker =2.10.0 - @enclave-vm/runtime =2.10.0 Source cves: CVE-2026-25533 Source advisory:...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +257 more potentially affected by CVE-2026-25516 via nicegui (>=0.9.11 <=3.6.1)
nicegui PYPI version =0.9.11, =0.2.0, =1.0.0, =0.0.1, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 and more Source cves: CVE-2026-25516 Source advisory: OSV:GHSA-V82V-C5X8-W282...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +206 more potentially affected by CVE-2026-25516 via nicegui (>=3.0.4 <=3.6.1)
nicegui PYPI version =3.0.4, =0.2.0, =1.0.0, =0.4.0, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 - bellatrex =0.4.0 and more Source cves: CVE-2026-25516 Source advisory: SNYK:PYTHON-NICEGUI-15248174...
openmls (>=0.4.0-pre.1 <=0.4.0-pre.2), openmls_evercrypt (>=0.1.0-pre.1 <=0.1.0-pre.2) +2 more potentially affected by unknown CVE via hpke-rs (=0.1.2)
hpke-rs CARGO version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on hpke-rs and may be impacted: - openmls =0.4.0-pre.1, =0.1.0-pre.1, =0.1.0, =0.3.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0071...