26517 matches found
@arkxos/arkos-app-gateway-manage (=0.1.0), @arkxos/arkos-app-system (>=0.1.0 <=0.1.1) +80 more potentially affected by CVE-2026-23967 via sm-crypto (>=0.0.9 <=0.3.13)
sm-crypto NPM version =0.0.9, =0.1.0, =1.0.30, =0.1.26, =1.0.0, =1.0.0, =1.0.9, =1.0.1, =1.1.1, =3.0.0, =4.0.0, =4.3.0 and more Source cves: CVE-2026-23967 Source advisory: OSV:GHSA-QV7W-V773-3XQM...
@arkxos/arkos-app-gateway-manage (=0.1.0), @arkxos/arkos-app-system (>=0.1.0 <=0.1.1) +80 more potentially affected by CVE-2026-23967 via sm-crypto (>=0.0.9 <=0.3.13)
sm-crypto NPM version =0.0.9, =0.1.0, =1.0.30, =0.1.26, =1.0.0, =1.0.0, =1.0.9, =1.0.1, =1.1.1, =3.0.0, =4.0.0, =4.3.0 and more Source cves: CVE-2026-23967 Source advisory: SNYK:JS-SMCRYPTO-15060560...
cn.herodotus.engine:oauth2-authentication-autoconfigure (>=3.5.5.3 <=3.5.6.2), cn.herodotus.engine:oauth2-authorization-server-autoconfigure (>=3.3.0.5 <=3.5.5.2) +2 more potentially affected by CVE-2026-23967 via org.webjars.npm:sm-crypto (=0.3.13)
org.webjars.npm:sm-crypto MAVEN version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:sm-crypto and may be impacted: - cn.herodotus.engine:oauth2-authentication-autoconfigure =3.5.5.3, =3.3.0.5, =3.3.0.5, =3.5.5.3, =3.5.6.2...
@arkxos/arkos-app-gateway-manage (=0.1.0), @arkxos/arkos-app-system (>=0.1.0 <=0.1.1) +80 more potentially affected by CVE-2026-23966 via sm-crypto (>=0.0.9 <=0.3.13)
sm-crypto NPM version =0.0.9, =0.1.0, =1.0.30, =0.1.26, =1.0.0, =1.0.0, =1.0.9, =1.0.1, =1.1.1, =3.0.0, =4.0.0, =4.3.0 and more Source cves: CVE-2026-23966 Source advisory: SNYK:JS-SMCRYPTO-15054679...
cn.herodotus.engine:oauth2-authentication-autoconfigure (>=3.5.5.3 <=3.5.6.2), cn.herodotus.engine:oauth2-authorization-server-autoconfigure (>=3.3.0.5 <=3.5.5.2) +2 more potentially affected by CVE-2026-23966 via org.webjars.npm:sm-crypto (=0.3.13)
org.webjars.npm:sm-crypto MAVEN version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:sm-crypto and may be impacted: - cn.herodotus.engine:oauth2-authentication-autoconfigure =3.5.5.3, =3.3.0.5, =3.3.0.5, =3.5.5.3, =3.5.6.2...
@arkxos/arkos-app-gateway-manage (=0.1.0), @arkxos/arkos-app-system (>=0.1.0 <=0.1.1) +80 more potentially affected by CVE-2026-23966 via sm-crypto (>=0.0.9 <=0.3.13)
sm-crypto NPM version =0.0.9, =0.1.0, =1.0.30, =0.1.26, =1.0.0, =1.0.0, =1.0.9, =1.0.1, =1.1.1, =3.0.0, =4.0.0, =4.3.0 and more Source cves: CVE-2026-23966 Source advisory: OSV:GHSA-PGX9-497M-6C4V...
@aexol/opencode-tui (>=0.2.5 <=0.2.10), @alcyone-labs/arg-parser (>=2.11.0 <=2.13.4) +90 more potentially affected by CVE-2026-23737 via seroval (>=1.0.7 <=1.3.2)
seroval NPM version =1.0.7, =0.2.5, =2.11.0, =1.0.0, =1.1.54, =1.1.54, =1.0.24, =0.1.0, =0.3.0, =1.0.0, =1.1.1 - @gettrace/agent =1.0.0 and more Source cves: CVE-2026-23737 Source advisory: SNYK:JS-SEROVAL-15054506...
@aexol/opencode-tui (>=0.2.5 <=0.2.10), @agent-embed/js (>=0.0.1 <=0.0.45) +292 more potentially affected by CVE-2026-23737 via seroval (>=0.10.4 <=1.3.2)
seroval NPM version =0.10.4, =0.2.5, =0.0.1, =2.11.0, =1.0.0, =0.0.1, =0.0.1, =0.0.7, =0.0.1, =0.0.1, =1.0.0, =0.1.26, =0.0.1, =1.1.54, =1.1.55 and more Source cves: CVE-2026-23737 Source advisory: OSV:GHSA-3RXJ-6CGF-8CFW...
org.webjars.npm:solid-js (=1.9.5) potentially affected by CVE-2026-23737 via org.webjars.npm:seroval (=1.2.1)
org.webjars.npm:seroval MAVEN version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:seroval and may be impacted: - org.webjars.npm:solid-js =1.9.5 Source cves: CVE-2026-23737 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15054507...
@aexol/opencode-tui (>=0.2.5 <=0.2.10), @agent-embed/js (>=0.0.1 <=0.0.45) +292 more potentially affected by CVE-2026-23736 via seroval (>=0.10.4 <=1.3.2)
seroval NPM version =0.10.4, =0.2.5, =0.0.1, =2.11.0, =1.0.0, =0.0.1, =0.0.1, =0.0.7, =0.0.1, =0.0.1, =1.0.0, =0.1.26, =0.0.1, =1.1.54, =1.1.55 and more Source cves: CVE-2026-23736 Source advisory: OSV:GHSA-HJ76-42VX-JWP4...
org.webjars.npm:solid-js (=1.9.5) potentially affected by CVE-2026-23736 via org.webjars.npm:seroval (=1.2.1)
org.webjars.npm:seroval MAVEN version =1.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:seroval and may be impacted: - org.webjars.npm:solid-js =1.9.5 Source cves: CVE-2026-23736 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15054524...
@aexol/opencode-tui (>=0.2.5 <=0.2.10), @alcyone-labs/arg-parser (>=2.11.0 <=2.13.4) +90 more potentially affected by CVE-2026-23736 via seroval (>=1.0.7 <=1.3.2)
seroval NPM version =1.0.7, =0.2.5, =2.11.0, =1.0.0, =1.1.54, =1.1.54, =1.0.24, =0.1.0, =0.3.0, =1.0.0, =1.1.1 - @gettrace/agent =1.0.0 and more Source cves: CVE-2026-23736 Source advisory: SNYK:JS-SEROVAL-15054523...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +137 more potentially affected by CVE-2025-14083 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.2.5)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2025-14083 Source advisory:...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +149 more potentially affected by CVE-2025-14559 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.4.7)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.1.7 and more Source cves: CVE-2025-14559 Source advisory: OSV:GHSA-WV3H-X6C4-R867...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +137 more potentially affected by CVE-2026-1035 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.2.5)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.1, =1.0.2 - com.kleegroup.accelerator:accelerator-security-keycloakmfa =1.0.1 and more Source cves: CVE-2026-1035 Source advisory:...
@orval/angular (>=8.0.0 <=8.0.1), @orval/axios (>=8.0.0 <=8.0.1) +9 more potentially affected by CVE-2026-23947 +1 more via @orval/core (>=8.0.0-rc.0 <=8.0.1)
@orval/core NPM version =8.0.0-rc.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.1 Source cves: CVE-2026-23947, CVE-2026-25141 Source advisory: OSV:GHSA-H526-WF6G-67JV...
@beshkenadze/orval-mcp (=7.11.2-fix.2), @dohyper/cli.hyper (>=0.0.1 <=0.0.10) +26 more potentially affected by CVE-2026-23947 +1 more via @orval/core (>=6.11.0-alpha.1 <=7.18.0)
@orval/core NPM version =6.11.0-alpha.1, =0.0.1, =0.0.0-20240306223335, =1.0.0, =0.1.0, =1.0.0, =1.2.0, =1.9.101, =1.9.101, =6.11.0, =6.11.0, =6.30.0, =6.26.0, =7.18.0 and more Source cves: CVE-2026-23947, CVE-2026-25141 Source advisory: OSV:GHSA-H526-WF6G-67JV...
@kimuson/claude-code-viewer (>=0.4.2 <=0.5.9), @netlify/agent-runner-cli (>=1.31.0 <=1.58.1-alpha) +14 more potentially affected by CVE-2026-21852 via @anthropic-ai/claude-code (>=2.0.0 <=2.0.64)
@anthropic-ai/claude-code NPM version =2.0.0, =0.4.2, =1.31.0, =0.0.1-rc.1, =0.12.0, =0.5.2, =0.12.1, =0.0.0, =0.1.2, =0.11.1, =0.11.0, =1.0.0, =0.10.2, =0.11.5-2 and more Source cves: CVE-2026-21852 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-15046268...
1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +234 more potentially affected by CVE-2026-21852 via @anthropic-ai/claude-code (>=0.2.126 <=2.0.64)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2026-21852 Source advisory: OSV:GHSA-JH7P-QR78-84P7...
@abuiles/vite-plugin (>=1.8.0 <=1.10.0), @anyauth/design-system (>=0.5.0 <=0.5.1) +18 more potentially affected by CVE-2026-0933 via wrangler (>=4.0.0 <=4.59.0)
wrangler NPM version =4.0.0, =1.8.0, =0.5.0, =12.6.6, =0.1.11, =0.8.0, =0.2.0, =0.0.0, =0.0.0-snapshot-0ac76b86f5045e62447317d6844f3c9c364df5e8, =1.0.6, =0.16.0, =0.37.0, =0.37.0, =0.1.0, =0.2.9 and more Source cves: CVE-2026-0933 Source advisory: SNYK:JS-WRANGLER-15046269...
@astrojs/cloudflare (=0.4.0), @cfpreview/pages-e2e-test-runner-cli (>=0.0.1 <=0.0.8) +20 more potentially affected by CVE-2026-0933 via wrangler (>=2.0.23 <=3.114.1)
wrangler NPM version =2.0.23, =0.0.1, =1.0.387, =0.5.41, =2.1.0, =0.0.0-next-20230221055802, =1.0.0, =0.0.3, =0.0.47, =1.0.0, =1.0.0, =0.1.1, =0.1.106 and more Source cves: CVE-2026-0933 Source advisory: SNYK:JS-WRANGLER-15046269...
2jcie-ble-decode (>=0.0.1 <=0.1.0), @agc93/pak-reader (>=0.0.1 <=0.0.3) +161 more potentially affected by CVE-2026-1245 via binary-parser (>=1.1.5 <=2.2.1)
binary-parser NPM version =1.1.5, =0.0.1, =0.0.1, =0.38.0, =0.38.0, =0.38.0, =0.30.0-beta.1, =0.38.0, =0.38.0, =0.38.0, =0.0.1, =1.0.0, =0.4.41, =0.5.2 - @emergencyx/e4p =1.1.1 - @eschoellhorn/deadlights =0.6.0 and more Source cves: CVE-2026-1245 Source advisory: OSV:GHSA-M39P-34QH-RH3W...
@dylan1951/polywallet (>=0.22.0 <=0.28.0) potentially affected by CVE-2025-66692 via @trustwallet/wallet-core (=4.3.6)
@trustwallet/wallet-core NPM version =4.3.6 is affected by a known vulnerability. The following packages have a transitive dependency on @trustwallet/wallet-core and may be impacted: - @dylan1951/polywallet =0.22.0, =0.28.0 Source cves: CVE-2025-66692 Source advisory:...
aegis-game (>=2.0.0 <=2.9.9), bittrade-binance-websocket (>=0.2.3 <=0.4.8) +28 more potentially affected by CVE-2025-66902 via websocket-server (>=0.4.0 <=0.6.4)
websocket-server PYPI version =0.4.0, =2.0.0, =0.2.3, =0.1.7, =0.2.0, =0.1.0, =0.1.1, =0.1.0, =0.7.0, =0.0.11, =0.2.0, =0.2.39 and more Source cves: CVE-2025-66902 Source advisory: SNYK:PYTHON-WEBSOCKETSERVER-15046798...
@alephium/cli (>=0.38.0 <=0.45.0), @alephium/get-extension-wallet (>=0.38.0 <=0.45.0) +19 more potentially affected by CVE-2026-1245 via binary-parser (>=2.0.3 <=2.2.1)
binary-parser NPM version =2.0.3, =0.38.0, =0.38.0, =0.38.0, =0.30.0-beta.1, =0.38.0, =0.38.0, =0.38.0, =0.22.0, =0.0.2, =1.4.1, =0.8.0, =1.13.0, =1.0.0, =2.1.1 and more Source cves: CVE-2026-1245 Source advisory: SNYK:JS-BINARYPARSER-15046328...
@bagisto-native/core (=1.0.2), @bagisto-native/react (>=1.0.0 <=1.0.1) potentially affected by CVE-2025-66803 via @hotwired/turbo (=8.0.17)
@hotwired/turbo NPM version =8.0.17 is affected by a known vulnerability. The following packages have a transitive dependency on @hotwired/turbo and may be impacted: - @bagisto-native/core =1.0.2 - @bagisto-native/react =1.0.0, =1.0.1 Source cves: CVE-2025-66803 Source advisory:...
abjad (>=3.20.0 <=3.31.0), abjad-ext-nauert (>=3.20.0 <=3.21.0) +2179 more potentially affected by CVE-2025-56005 via ply (>=3.10.0 <=3.8.0)
ply PYPI version =3.10.0, =3.20.0, =3.20.0, =3.20.0, =1.1.0, =0.1.0.post1, =0.5.1, =4.2.0, =1.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2025-56005 Source advisory: SNYK:PYTHON-PLY-15046763...
chatterbot-voice (>=0.1.3 <=0.1.5), shynabot (=0.0.1) +1 more potentially affected by CVE-2026-23842 via chatterbot (>=0.6.3 <=1.0.4)
chatterbot PYPI version =0.6.3, =0.1.3, =0.1.5 - shynabot =0.0.1 - shynataskmanager =0.0.1 Source cves: CVE-2026-23842 Source advisory: OSV:GHSA-V4W8-49PV-MF72...
br.com.jarch:jarch-apt (>=20.3.0 <=24.1.0), br.com.jarch:jarch-core (>=20.3.0 <=24.1.0) +15 more potentially affected by CVE-2025-64087 via fr.opensagres.xdocreport:fr.opensagres.xdocreport.template.freemarker (>=0.9.5 <=2.1.0)
fr.opensagres.xdocreport:fr.opensagres.xdocreport.template.freemarker MAVEN version =0.9.5, =20.3.0, =20.3.0, =2.23.5, =24.2.0, =23.1.0, =2.23.0, =1.0.4, =1.0.2, =1.0.1, =1.3.0, =1.3.0, =0.9.5, =1.0.6-1, =2.0.0-M3, =1.16.0, =1.16.2 and more Source cves: CVE-2025-64087 Source advisory:...
br.com.jarch:jarch-apt (>=20.3.0 <=24.1.0), br.com.jarch:jarch-core (>=20.3.0 <=24.1.0) +50 more potentially affected by CVE-2025-65482 via fr.opensagres.xdocreport:fr.opensagres.xdocreport.document (>=0.9.2 <=2.0.3)
fr.opensagres.xdocreport:fr.opensagres.xdocreport.document MAVEN version =0.9.2, =20.3.0, =20.3.0, =2.23.5, =24.2.0, =23.1.0, =2.23.0, =2.0, =2.0, =2.0, =2.2.4, =2.0, =2.2.4, =2.2.4, =2.2.4, =2.2.7 and more Source cves: CVE-2025-65482 Source advisory: OSV:GHSA-7JC7-G598-2P64...
actpdf (>=0.1.0 <=0.12.0), agenticmem (>=0.1.4.1 <=0.1.5.0) +200 more potentially affected by CVE-2025-68616 via weasyprint (>=0.28.0 <=67.0.0)
weasyprint PYPI version =0.28.0, =0.1.0, =0.1.4.1, =0.5.0, =0.1.1, =0.1.1, =0.1.0, =0.5.0, =1.1.0, =0.1.0, =0.7.0, =0.10.0a68 and more Source cves: CVE-2025-68616 Source advisory: OSV:GHSA-983W-RHVV-GWMV...
br.com.jarch:jarch-apt (>=20.3.0 <=24.1.0), br.com.jarch:jarch-core (>=20.3.0 <=24.1.0) +15 more potentially affected by CVE-2025-64087 via fr.opensagres.xdocreport:fr.opensagres.xdocreport.template.freemarker (>=0.9.5 <=2.1.0)
fr.opensagres.xdocreport:fr.opensagres.xdocreport.template.freemarker MAVEN version =0.9.5, =20.3.0, =20.3.0, =2.23.5, =24.2.0, =23.1.0, =2.23.0, =1.0.4, =1.0.2, =1.0.1, =1.3.0, =1.3.0, =0.9.5, =1.0.6-1, =2.0.0-M3, =1.16.0, =1.16.2 and more Source cves: CVE-2025-64087 Source advisory:...
br.com.jarch:jarch-apt (>=20.3.0 <=24.1.0), br.com.jarch:jarch-core (>=20.3.0 <=24.1.0) +32 more potentially affected by CVE-2025-65482 via fr.opensagres.xdocreport:fr.opensagres.xdocreport.document.docx (>=0.9.5 <=2.2.0)
fr.opensagres.xdocreport:fr.opensagres.xdocreport.document.docx MAVEN version =0.9.5, =20.3.0, =20.3.0, =2.23.5, =24.2.0, =23.1.0, =2.23.0, =2.0, =2.0, =2.0, =2.2.4, =2.0, =2.2.4, =2.2.4, =2.2.4, =2.2.7 and more Source cves: CVE-2025-65482 Source advisory: SNYK:JAVA-FROPENSAGRESXDOCREPORT-1504671...
cn.sparrowmini:sparrow-keycloak-adapter (>=0.0.1 <=0.0.2), com.abavilla:fpi-bot-api (>=1.5.1 <=1.8.0) +232 more potentially affected by CVE-2026-1180 via org.keycloak:keycloak-adapter-core (>=1.0-alpha-1 <=25.0.3)
org.keycloak:keycloak-adapter-core MAVEN version =1.0-alpha-1, =0.0.1, =1.5.1, =1.5.1, =1.6.2, =1.6.2, =1.5.2, =1.5.2, =1.7.2, =1.7.2, =1.0.22, =1.0.22, =1.4.3, =1.4.3, =1.2.9, =1.2.9, =1.5.0 and more Source cves: CVE-2026-1180 Source advisory: OSV:GHSA-7VW6-5Q2F-7W5R...
10minions-engine (>=0.0.1 <=0.0.4), 3ui (>=0.1.0 <=0.1.8) +1277 more potentially affected by CVE-2026-12866 via expr-eval (>=0.12.0 <=2.0.2)
expr-eval NPM version =0.12.0, =0.0.1, =0.1.0, =1.0.2, =1.2.0, =1.0.0, =0.1.4, =0.0.1, =0.4.2, =0.2.3, =0.2.4 - @activepieces/piece-apitable =0.1.5 and more Source cves: CVE-2026-12866 Source advisory: SNYK:JS-EXPREVAL-15054690...
@beshkenadze/orval-mcp (=7.11.2-fix.2), @orval/angular (>=7.10.0 <=7.18.0) +11 more potentially affected by CVE-2026-23947 via @orval/core (>=7.10.0 <=7.18.0)
@orval/core NPM version =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =1.0.1, =7.10.0, =7.10.0, =7.13.2 Source cves: CVE-2026-23947 Source advisory: SNYK:JS-ORVALCORE-15038726...
@orval/angular (>=8.0.0 <=8.0.1), @orval/axios (>=8.0.0 <=8.0.1) +9 more potentially affected by CVE-2026-23947 via @orval/core (>=8.0.0-rc.0 <=8.0.1)
@orval/core NPM version =8.0.0-rc.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.1 Source cves: CVE-2026-23947 Source advisory: SNYK:JS-ORVALCORE-15038726...
org.webjars.npm:canvas (>=2.5.0 <=2.6.0), org.webjars.npm:color-thief (=2.2.5) +12 more potentially affected by CVE-2026-23950 via org.webjars.npm:tar (>=0.1.20 <=4.4.19)
org.webjars.npm:tar MAVEN version =0.1.20, =2.5.0, =0.97.5, =0.2.0, =3.4.0, =0.6.19, =2.0.0, =3.1.4, =3.4.1 - org.webjars.npm:tar.gz =1.0.7 Source cves: CVE-2026-23950 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15038582...
0pflow (>=0.1.0-dev.0de2bc6 <=0.1.0-dev.f5622ac), 10t-images-to-pdf (=1.0.3) +13747 more potentially affected by CVE-2026-23950 via tar (>=7.0.0 <=7.5.3)
tar NPM version =7.0.0, =0.1.0-dev.0de2bc6, =0.2.0, =0.0.1, =3.1.2, =1.0.1, =4.11.0, =1.0.1, =1.31.1, =2.0.0, =0.1.0, =0.1.0, =1.7.0-beta.7, =1.7.0-beta.58 - @0x706b/tsplus-installer =0.0.190 and more Source cves: CVE-2026-23950 Source advisory: SNYK:JS-TAR-15038581...
agentengine-sdk-python (>=0.2.0 <=0.4.0), agentic-chat-ui (>=0.1.0 <=0.2.4) +45 more potentially affected by CVE-2026-22219 via chainlit (>=1.0.0 <=2.6.3)
chainlit PYPI version =1.0.0, =0.2.0, =0.1.0, =0.3.0, =0.0.3, =0.14.0, =0.0.0, =0.1.1, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =1.0.0, =0.1.0, =0.1.2 and more Source cves: CVE-2026-22219 Source advisory: OSV:GHSA-2G59-M95P-PGFQ...
agentengine-sdk-python (>=0.2.0 <=0.4.0), agentic-chat-ui (>=0.1.0 <=0.2.4) +42 more potentially affected by CVE-2026-22219 via chainlit (>=2.0.0 <=2.6.3)
chainlit PYPI version =2.0.0, =0.2.0, =0.1.0, =0.3.0, =0.0.3, =0.14.0, =0.0.0, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =1.0.0, =0.1.1, =0.1.0, =1.3.0 and more Source cves: CVE-2026-22219 Source advisory: SNYK:PYTHON-CHAINLIT-15037182...
shynabot (=0.0.1), shynataskmanager (=0.0.1) potentially affected by CVE-2026-23842 via chatterbot (=1.0.4)
chatterbot PYPI version =1.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on chatterbot and may be impacted: - shynabot =0.0.1 - shynataskmanager =0.0.1 Source cves: CVE-2026-23842 Source advisory: SNYK:PYTHON-CHATTERBOT-15038747...
@cmmn/tools (>=3.0.0-alpha-1 <=3.0.0-alpha-6) potentially affected by CVE-2026-22037 via @fastify/express (=4.0.2)
@fastify/express NPM version =4.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on @fastify/express and may be impacted: - @cmmn/tools =3.0.0-alpha-1, =3.0.0-alpha-6 Source cves: CVE-2026-22037 Source advisory: SNYK:JS-FASTIFYEXPRESS-15038741...
actpdf (>=0.1.0 <=0.12.0), agenticmem (>=0.1.4.1 <=0.1.5.0) +200 more potentially affected by CVE-2025-68616 via weasyprint (>=0.28.0 <=67.0.0)
weasyprint PYPI version =0.28.0, =0.1.0, =0.1.4.1, =0.5.0, =0.1.1, =0.1.1, =0.1.0, =0.5.0, =1.1.0, =0.1.0, =0.7.0, =0.10.0a68 and more Source cves: CVE-2025-68616 Source advisory: SNYK:PYTHON-WEASYPRINT-15035957...
@bechara/crux (>=6.0.0 <=6.6.2), @cappa/cli (>=0.1.0 <=0.4.3) +10 more potentially affected by CVE-2026-22031 via @fastify/middie (>=9.0.2 <=9.0.3)
@fastify/middie NPM version =9.0.2, =6.0.0, =0.1.0, =0.1.0, =1.0.0, =1.0.11, =0.1.51, =1.0.36, =11.0.0, =1.3.0, =5.0.0, =0.6.1-dev, =1.1.48 Source cves: CVE-2026-22031 Source advisory: SNYK:JS-FASTIFYMIDDIE-15038725...
scalyc (>=0.0.2 <=0.0.5) potentially affected by unknown CVE via scaly (>=0.0.2 <=0.0.5)
scaly CARGO version =0.0.2, =0.0.2, =0.0.5 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0080...
ai.hyacinth.framework:core-service-jpa-support (>=0.5.2 <=0.5.21), ai.hyacinth.framework:core-service-trigger-server (>=0.5.2 <=0.5.21) +3479 more potentially affected by CVE-2026-0603 via org.hibernate:hibernate-core (>=5.0.0.Beta1 <=5.3.37.Final)
org.hibernate:hibernate-core MAVEN version =5.0.0.Beta1, =0.5.2, =0.5.2, =1.0.0, =1.0.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.6 and more Source cves: CVE-2026-0603 Source advisory: SNYK:JAVA-ORGHIBERNATE-15038759...
org.apache.linkis:linkis-public-enhancements (>=1.0.3 <=1.7.0) potentially affected by CVE-2025-59355 via org.apache.linkis:linkis-metadata (>=1.0.3 <=1.7.0)
org.apache.linkis:linkis-metadata MAVEN version =1.0.3, =1.0.3, =1.7.0 Source cves: CVE-2025-59355 Source advisory: SNYK:JAVA-ORGAPACHELINKIS-15035880...
com.webank.wedatasphere.dss:dolphinscheduler-prod-metrics (>=1.1.2 <=1.2.2), com.webank.wedatasphere.dss:dss-apiservice-server (>=1.1.2 <=1.2.2) +166 more potentially affected by CVE-2025-29847 via org.apache.linkis:linkis-common (>=1.3.0 <=1.8.0)
org.apache.linkis:linkis-common MAVEN version =1.3.0, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.2.2 and more Source cves: CVE-2025-29847 Source advisory: SNYK:JAVA-ORGAPACHELINKIS-15035881https://vulners.com/snyk...
org.apache.linkis:linkis-public-enhancements (>=1.0.3 <=1.7.0) potentially affected by CVE-2025-59355 via org.apache.linkis:linkis-metadata (>=1.0.3 <=1.7.0)
org.apache.linkis:linkis-metadata MAVEN version =1.0.3, =1.0.3, =1.7.0 Source cves: CVE-2025-59355 Source advisory: OSV:GHSA-6VFR-P2HX-6V32...