26517 matches found
aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-6208 via llama-index-core (>=0.10.0 <=0.12.39)
llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-6208 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-15170850...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.1), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.1) +44 more potentially affected by CVE-2024-5986 via ai.h2o:h2o-core (>=0.1.9 <=3.46.0.1)
ai.h2o:h2o-core MAVEN version =0.1.9, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.1 and more Source cves: CVE-2024-5986 Source advisory: OSV:GHSA-WJ3H-WX8G-X699...
a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +946 more potentially affected by CVE-2025-10279 via mlflow (>=0.8.2 <=3.4.0)
mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2025-10279 Source advisory: OSV:GHSA-4X5P-F36R-MXXR...
ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.44.0.3), ai.h2o:h2o-algos (>=0.1.9 <=3.44.0.3) +45 more potentially affected by CVE-2024-5986 via ai.h2o:h2o-core (>=0.1.10 <=3.44.0.3)
ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.10.0.1, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.44.0.3 and more Source cves: CVE-2024-5986 Source advisory: SNYK:JAVA-AIH2O-15182774...
fluoriclogppka (>=0.1.0 <=0.2.7), h2o-wave-ml (>=0.3.0 <=0.5.0) +3 more potentially affected by CVE-2024-5986 via h2o (>=3.18.0.8 <=3.44.0.3)
h2o PYPI version =3.18.0.8, =0.1.0, =0.3.0, =0.4.5, =0.0.1, =0.0.102 - tsanalysis =0.1.0 Source cves: CVE-2024-5986 Source advisory: OSV:GHSA-WJ3H-WX8G-X699...
ai4data (=0.0.1), aihero (=0.3.1) +37 more potentially affected by CVE-2026-0599 via text-generation (>=0.6.1 <=0.7.0)
text-generation PYPI version =0.6.1, =3.0.0, =0.114.0, =0.0.1a7, =0.3.6.dev0, =0.0.1a8, =0.14.3, =2.0.0, =0.0.2, =0.1.4, =0.1.0, =0.1.10, =0.1.14 and more Source cves: CVE-2026-0599 Source advisory: OSV:GHSA-J7X9-7J54-2V3H...
a-gpt (>=0.1.0 <=0.4.0), abacuz (=0.1.1) +1061 more potentially affected by unknown CVE via git2 (>=0.10.0 <=0.1.21)
git2 CARGO version =0.10.0, =0.1.0, =1.1.0, =0.0.1, =0.3.0, =1.0.0, =0.1.0, =0.3.3 - amisgitpm =0.0.1 - amp =0.6.2 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0008...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +219 more potentially affected by CVE-2026-1518 via org.keycloak:keycloak-services (>=10.0.0 <=9.0.3)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =0.1, =0.1, =1.0.1, =0.1, =1.0.1, =0.1, =1.2.0, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +149 more potentially affected by CVE-2025-13881 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.4.7)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.1.7 and more Source cves: CVE-2025-13881 Source advisory: OSV:GHSA-G78X-7VWX-9F58...
amf-fast-inference (=0.0.1), artifex (>=0.7.0 <=0.11.0) +26 more potentially affected by CVE-2026-1839 via transformers (>=5.0.0 <=5.0.0rc2)
transformers PYPI version =5.0.0, =0.7.0, =0.0.10, =0.1.4, =4.9.0, =0.1.2, =1.7.10, =0.14.6, =0.2.0, =0.0.2, =5.2.0, =0.1.0, =0.3.0 and more Source cves: CVE-2026-1839 Source advisory: SNYK:PYTHON-TRANSFORMERS-15166618...
@recombine-ai/bosun (>=0.1.0 <=0.9.1), slimspec (>=0.0.1 <=0.0.3) potentially affected by unknown CVE via promptfoo (>=0.105.1 <=0.112.3)
promptfoo NPM version =0.105.1, =0.1.0, =0.0.1, =0.0.3 Source cves: unknown CVE Source advisory: SNYK:JS-PROMPTFOO-15202496...
01os (>=0.0.1 <=0.0.14), aaf (>=0.3.5 <=0.3.9) +598 more potentially affected by unknown CVE via litellm (>=1.0.0 <=1.80.11)
litellm PYPI version =1.0.0, =0.0.1, =0.3.5, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.1.0, =0.14.1a0, =0.4.1, =0.1.0, =0.4.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-LITELLM-15170825...
@backstage/plugin-search-backend-module-techdocs (>=0.4.9-next.0 <=0.4.9-next.1), @backstage/plugin-techdocs-backend (>=0.0.0-nightly-20251222025103 <=2.1.4-next.2) +2 more potentially affected by CVE-2026-25152 via @backstage/plugin-techdocs-node (>=1.0.0 <=1.13.11-next.0)
@backstage/plugin-techdocs-node NPM version =1.0.0, =0.4.9-next.0, =0.0.0-nightly-20251222025103, =0.11.13, =0.0.0-nightly-20241120023536, =1.10.4-next.2 Source cves: CVE-2026-25152 Source advisory: SNYK:JS-BACKSTAGEPLUGINTECHDOCSNODE-15166605...
@backstage/plugin-search-backend-module-techdocs (>=0.4.9-next.0 <=0.4.9-next.1), @backstage/plugin-techdocs-backend (>=0.0.0-nightly-20251222025103 <=2.1.4-next.2) +2 more potentially affected by CVE-2026-25153 via @backstage/plugin-techdocs-node (>=1.0.0 <=1.13.11-next.0)
@backstage/plugin-techdocs-node NPM version =1.0.0, =0.4.9-next.0, =0.0.0-nightly-20251222025103, =0.11.13, =0.0.0-nightly-20241120023536, =1.10.4-next.2 Source cves: CVE-2026-25153 Source advisory: SNYK:JS-BACKSTAGEPLUGINTECHDOCSNODE-15166604...
acs-nativity (>=0.1.0 <=0.1.4), aiearth-predict (>=0.0.1 <=0.0.2) +274 more potentially affected by CVE-2025-69662 via geopandas (>=0.2.1 <=1.1.1)
geopandas PYPI version =0.2.1, =0.1.0, =0.0.1, =0.1.0, =0.8.3.dev267297206, =0.1.1, =0.2.0, =0.0.3, =1.1.8, =0.0.24, =0.0.10, =0.11.0, =0.1.0, =0.1.0, =0.1.21 and more Source cves: CVE-2025-69662 Source advisory: OSV:GHSA-6497-PRX7-GPMQ...
applier (>=0.1.0 <=0.4.0), elita (>=0.60.0 <=0.64.1) +1 more potentially affected by CVE-2025-62348 via salt (>=2014.1.10 <=3005.5.0)
salt PYPI version =2014.1.10, =0.1.0, =0.60.0, =2020.1.1, =2020.9.0 Source cves: CVE-2025-62348 Source advisory: OSV:GHSA-77W2-V593-VXVV...
acs-nativity (>=0.1.0 <=0.1.4), aiearth-predict (>=0.0.1 <=0.0.2) +182 more potentially affected by CVE-2025-69662 via geopandas (>=1.0.0 <=1.1.1)
geopandas PYPI version =1.0.0, =0.1.0, =0.0.1, =0.8.3.dev267297206, =1.1.8, =0.0.10, =0.11.0, =2.1.0, =0.1.0, =0.1.0, =0.12.0, =1.0.0, =1.1.0 and more Source cves: CVE-2025-69662 Source advisory: SNYK:PYTHON-GEOPANDAS-15170839...
@orval/angular (>=7.1.0 <=7.20.0), @orval/axios (>=7.1.0 <=7.20.0) +10 more potentially affected by CVE-2026-25141 via @orval/core (>=7.19.0 <=7.20.0)
@orval/core NPM version =7.19.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =7.19.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =0.0.0, =7.1.0, =7.1.0, =7.1.1 Source cves: CVE-2026-25141 Source advisory: OSV:GHSA-GCH2-PHQH-FG9Q...
@bindercli/core (>=0.1.0 <=0.1.7), @localess/cli (>=3.0.1 <=3.0.5-dev.20260428203008) +20 more potentially affected by CVE-2026-23947 +1 more via @orval/core (>=8.0.0-rc.0 <=8.1.0)
@orval/core NPM version =8.0.0-rc.0, =0.1.0, =3.0.1, =8.0.0, =8.0.0, =8.14.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =6.11.0-alpha, =8.0.0, =8.0.0, =8.0.0, =0.5.0, =0.6.1 and more Source cves: CVE-2026-23947, CVE-2026-25141 Source advisory: SNYK:JS-ORVALCORE-15166600...
@beshkenadze/orval-mcp (=7.11.2-fix.2), @orval/angular (>=7.1.0 <=7.20.0) +12 more potentially affected by CVE-2026-23947 +1 more via @orval/core (>=7.10.0 <=7.20.0)
@orval/core NPM version =7.10.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =7.10.0, =7.1.0, =7.1.0, =7.1.0, =7.1.0, =1.0.1, =0.0.0, =7.1.0, =7.1.0, =7.13.2 Source cves: CVE-2026-23947, CVE-2026-25141 Source advisory: SNYK:JS-ORVALCORE-15166600...
@bindercli/core (>=0.1.0 <=0.1.7), @localess/cli (>=3.0.1 <=3.0.5-dev.20260428203008) +20 more potentially affected by CVE-2026-25141 via @orval/core (>=8.0.0 <=8.1.0)
@orval/core NPM version =8.0.0, =0.1.0, =3.0.1, =8.0.0, =8.0.0, =8.14.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =6.11.0-alpha, =8.0.0, =8.0.0, =8.0.0, =0.5.0, =0.6.1 and more Source cves: CVE-2026-25141 Source advisory: OSV:GHSA-GCH2-PHQH-FG9Q...
@activepieces/piece-amazon-s3 (>=0.5.4 <=0.5.9), @activepieces/piece-amazon-ses (>=0.0.1 <=0.1.3) +990 more potentially affected by CVE-2026-25128 via fast-xml-parser (>=5.0.9 <=5.3.3)
fast-xml-parser NPM version =5.0.9, =0.5.4, =0.0.1, =13.1.4, =1.0.0, =1.9.12, =1.0.3, =1.1.31, =1.0.0, =1.7.16, =2.33.6, =1.4.37, =1.6.11, =1.7.1 and more Source cves: CVE-2026-25128 Source advisory: OSV:GHSA-37QJ-FRW5-HHJH...
heist-salt (>=1.0.0 <=5.3.1), isalt (>=2019.12.0 <=2021.2.2) +9 more potentially affected by CVE-2025-62348 via salt (=3007.14.0)
salt PYPI version =3007.14.0 is affected by a known vulnerability. The following packages have a transitive dependency on salt and may be impacted: - heist-salt =1.0.0, =2019.12.0, =2019.6.28a3, =2.6.2.dev0, =2020.7.0, =1.1.1, =22.9.8.0rc1, =0.3.2, =0.5.7 - slskit =2022.4.0 Source cves:...
@glarus-labs/vendure-social-auth (>=0.0.1 <=0.1.1), @grupo-loja/vendure-banner-plugin (=1.0.0) +96 more potentially affected by CVE-2026-25050 via @vendure/core (>=0.11.1 <=3.4.4)
@vendure/core NPM version =0.11.1, =0.0.1, =1.0.0, =1.0.4, =0.0.1, =1.0.3, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1, =2.2.3 and more Source cves: CVE-2026-25050 Source advisory: OSV:GHSA-6F65-4FV2-WWCH...
acs-nativity (>=0.1.0 <=0.1.4), aiearth-predict (>=0.0.1 <=0.0.2) +274 more potentially affected by CVE-2025-69662 via geopandas (>=0.2.1 <=1.1.1)
geopandas PYPI version =0.2.1, =0.1.0, =0.0.1, =0.1.0, =0.8.3.dev267297206, =0.1.1, =0.2.0, =0.0.3, =1.1.8, =0.0.24, =0.0.10, =0.11.0, =0.1.0, =0.1.0, =0.1.21 and more Source cves: CVE-2025-69662 Source advisory: OSV:PYSEC-2026-62...
@activepieces/piece-amazon-s3 (>=0.5.4 <=0.5.9), @activepieces/piece-amazon-ses (>=0.0.1 <=0.1.3) +990 more potentially affected by CVE-2026-25128 via fast-xml-parser (>=5.0.9 <=5.3.3)
fast-xml-parser NPM version =5.0.9, =0.5.4, =0.0.1, =13.1.4, =1.0.0, =1.9.12, =1.0.3, =1.1.31, =1.0.0, =1.7.16, =2.33.6, =1.4.37, =1.6.11, =1.7.1 and more Source cves: CVE-2026-25128 Source advisory: SNYK:JS-FASTXMLPARSER-15155603...
com.codbex.atlas:codbex-atlas-application (>=2.108.0 <=2.110.0), com.codbex.hyperion:codbex-hyperion-application (>=2.71.0 <=2.72.0) +11 more potentially affected by CVE-2026-25128 via org.webjars.npm:fast-xml-parser (>=5.2.5 <=5.8.0)
org.webjars.npm:fast-xml-parser MAVEN version =5.2.5, =2.108.0, =2.71.0, =2.70.0, =5.0.0, =5.0.0, =12.91.0, =12.91.0, =12.91.0, =12.91.0, =2.0.0, =2.5.0 Source cves: CVE-2026-25128 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15155604...
@semic/testing (=2.2.11), @vendure/dashboard (>=3.2.2 <=3.4.4) potentially affected by CVE-2026-25050 via @vendure/core (>=3.0.0 <=3.4.4)
@vendure/core NPM version =3.0.0, =3.2.2, =3.4.4 Source cves: CVE-2026-25050 Source advisory: SNYK:JS-VENDURECORE-15166603...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:deder-publish-example_3 (=0.0.1) +1362 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.20.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.10.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =2.0.1, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =2.1.1 and more Source cves: CVE-2024-4027 Source advisory: OSV:GHSA-33HJ-RCMX-86MV...
io.github.rzo1.org.apache.cxf:apache-cxf (=4.2.0-tomee-m0-071068f), io.github.rzo1.org.apache.cxf:cxf-distribution-javadoc (=4.2.0-tomee-m0-071068f) +9 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (=2.4.0.Alpha1)
io.undertow:undertow-core MAVEN version =2.4.0.Alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on io.undertow:undertow-core and may be impacted: - io.github.rzo1.org.apache.cxf:apache-cxf =4.2.0-tomee-m0-071068f -...
io.github.rzo1.org.apache.cxf:apache-cxf (=4.2.0-tomee-m0-071068f), io.github.rzo1.org.apache.cxf:cxf-distribution-javadoc (=4.2.0-tomee-m0-071068f) +9 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (=2.4.0.Alpha1)
io.undertow:undertow-core MAVEN version =2.4.0.Alpha1 is affected by a known vulnerability. The following packages have a transitive dependency on io.undertow:undertow-core and may be impacted: - io.github.rzo1.org.apache.cxf:apache-cxf =4.2.0-tomee-m0-071068f -...
africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +3482 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (>=1.0.0.Alpha1 <=2.2.38.Final)
io.undertow:undertow-core MAVEN version =1.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =0.4.0, =2.0.0, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2024-4027 Source advisory: OSV:GHSA-33HJ-RCMX-86MV...
africa.absa:inception-application (>=1.0.0 <=1.2.0), app.fmgp:scala-did-docs_3 (>=0.1.0-M16 <=0.1.0-M33) +2475 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (>=2.0.0.Alpha1 <=2.2.38.Final)
io.undertow:undertow-core MAVEN version =2.0.0.Alpha1, =1.0.0, =0.1.0-M16, =1.0.0, =1.0.1, =1.0.2, =1.0.0, =1.2.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1 and more Source cves: CVE-2024-4027 Source advisory: SNYK:JAVA-IOUNDERTOW-15166617...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:deder-publish-example_3 (=0.0.1) +1362 more potentially affected by CVE-2024-4027 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.20.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.10.0, =0.0.7, =1.1.15, =1.0.6, =1.0.6, =1.0.6, =2.0.1, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =1.0.6, =2.1.1 and more Source cves: CVE-2024-4027 Source advisory: SNYK:JAVA-IOUNDERTOW-15166617...
lightspeed-stack (>=0.1.1 <=0.4.2), lightspeed-stack-providers (>=0.1.10 <=0.4.3) +5 more potentially affected by CVE-2026-25211 via llama-stack (>=0.2.10.1 <=0.4.3)
llama-stack PYPI version =0.2.10.1, =0.1.1, =0.1.10, =1.0.1, =0.3.4, =0.1.0, =0.2.0, =0.3.0a0 Source cves: CVE-2026-25211 Source advisory: OSV:GHSA-XMFJ-7PP5-FXR6...
lightspeed-stack (>=0.1.1 <=0.4.0), lightspeed-stack-providers (>=0.1.10 <=0.1.18) +5 more potentially affected by CVE-2026-25211 via llama-stack (>=0.2.10.1 <=0.3.5)
llama-stack PYPI version =0.2.10.1, =0.1.1, =0.1.10, =1.0.1, =0.3.4, =0.1.0, =0.2.0, =0.3.0a0 Source cves: CVE-2026-25211 Source advisory: SNYK:PYTHON-LLAMASTACK-15166608...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71009 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71009 Source advisory: SNYK:PYTHON-ONEFLOW-15147049...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71008 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71008 Source advisory: SNYK:PYTHON-ONEFLOW-15162558...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71011 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71011 Source advisory: SNYK:PYTHON-ONEFLOW-15162560...
@applica-software-guru/cnc-bit-configurator (>=1.0.2 <=1.1.29), @damsenviet/keybits (>=0.0.0 <=0.0.2) +10 more potentially affected by CVE-2026-24888 via makerjs (>=0.11.2 <=0.18.2)
makerjs NPM version =0.11.2, =1.0.2, =0.0.0, =1.0.0, =1.1.0, =0.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.2, =1.0.9 Source cves: CVE-2026-24888 Source advisory: SNYK:JS-MAKERJS-15155931...
autoxx (>=0.0.11 <=0.0.13), vuln-demo-math-ops (=1.0.0) potentially affected by CVE-2026-24780 via agpt (=0.2.2)
agpt PYPI version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on agpt and may be impacted: - autoxx =0.0.11, =0.0.13 - vuln-demo-math-ops =1.0.0 Source cves: CVE-2026-24780 Source advisory: OSV:GHSA-R277-3XC5-C79V...
@cedarjs/api-server (>=1.0.0-canary.12863 <=3.0.0-canary.13332), @cedarjs/cli (>=1.0.0-canary.12863 <=3.0.0-canary.13332) +10 more potentially affected by CVE-2026-23864 via react-server-dom-webpack (>=19.2.1 <=19.2.3)
react-server-dom-webpack NPM version =19.2.1, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...
@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +18 more potentially affected by CVE-2026-23864 via react-server-dom-webpack (>=19.0.0 <=19.0.1)
react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71006 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71006 Source advisory: SNYK:PYTHON-ONEFLOW-15162562...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71007 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71007 Source advisory: SNYK:PYTHON-ONEFLOW-15162564...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71004 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71004 Source advisory: SNYK:PYTHON-ONEFLOW-15162566...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71005 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71005 Source advisory: SNYK:PYTHON-ONEFLOW-15162570...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71003 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71003 Source advisory: SNYK:PYTHON-ONEFLOW-15162568...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71002 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71002 Source advisory: SNYK:PYTHON-ONEFLOW-15162572...
flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71000 via oneflow (=0.9.0)
oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71000 Source advisory: SNYK:PYTHON-ONEFLOW-15162574...