26517 matches found
@nocobase/devtools (>=2.0.0-alpha.2 <=2.0.0-alpha.51), @nocobase/server (>=2.0.0-alpha.2 <=2.0.0-alpha.51) +1 more potentially affected by CVE-2025-13877 via @nocobase/auth (>=2.0.0-alpha.10 <=2.0.0-alpha.51)
@nocobase/auth NPM version =2.0.0-alpha.10, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.51 Source cves: CVE-2025-13877 Source advisory: OSV:GHSA-MV7P-34FV-4874...
@nocobase/app (>=1.0.0-alpha.1 <=1.4.0-alpha.20240914095808), @nocobase/cli (>=1.0.0-alpha.1 <=1.4.0-alpha.20240914095808) +3 more potentially affected by CVE-2025-13877 via @nocobase/auth (>=1.0.0-alpha.1 <=1.9.0-beta.17)
@nocobase/auth NPM version =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.9.0-beta.17 Source cves: CVE-2025-13877 Source advisory: SNYK:JS-NOCOBASEAUTH-14287473...
@nocobase/devtools (>=1.9.0 <=1.9.21), @nocobase/server (>=1.9.0 <=1.9.21) +1 more potentially affected by CVE-2025-13877 via @nocobase/auth (>=1.9.0 <=1.9.21)
@nocobase/auth NPM version =1.9.0, =1.9.0, =1.9.0, =1.9.0, =1.9.21 Source cves: CVE-2025-13877 Source advisory: SNYK:JS-NOCOBASEAUTH-14287473...
@nocobase/devtools (>=2.0.0-alpha.2 <=2.0.0-alpha.51), @nocobase/server (>=2.0.0-alpha.2 <=2.0.0-alpha.51) +1 more potentially affected by CVE-2025-13877 via @nocobase/auth (>=2.0.0-alpha.2 <=2.0.0-alpha.51)
@nocobase/auth NPM version =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.51 Source cves: CVE-2025-13877 Source advisory: SNYK:JS-NOCOBASEAUTH-14287473...
com.zgamelogic:spring-boot-starter-discord (>=5.0.2 <=5.0.4), enterprises.iwakura:jda-interactables (>=2.0.0 <=2.1.2) +7 more potentially affected by unknown CVE via net.dv8tion:JDA (>=6.0.0 <=6.1.0)
net.dv8tion:JDA MAVEN version =6.0.0, =5.0.2, =2.0.0, =1.2.0, =2.0.0-rc.2 - io.github.freya022:BotCommands =3.0.0-beta.7 - io.github.freya022:BotCommands-core =3.0.0-beta.7 - io.github.freya022:BotCommands-jda-ktx =3.0.0-beta.7 - io.github.freya022:BotCommands-spring =3.0.0-beta.7 -...
@228-fund/elysia-effect (=0.0.1), @228-fund/elysia-msgpack (>=0.0.1 <=0.0.3) +117 more potentially affected by CVE-2025-66456 +1 more via elysia (>=0.1.2 <=1.4.17)
elysia NPM version =0.1.2, =0.0.1, =0.0.1, =0.0.7, =0.0.1-0, =0.0.1, =0.0.3, =0.0.1, =0.1.0, =0.0.1, =0.1.0, =0.1.4, =0.1.0, =0.1.0, =1.0.0-next.4, =1.0.0-next.6 and more Source cves: CVE-2025-66456, CVE-2025-66457 Source advisory: OSV:GHSA-8VCH-M3F4-Q8JF...
@dockstat/plugin-builder (>=1.0.3 <=1.0.8), @dockstat/typings (>=1.1.0 <=1.1.2) +8 more potentially affected by CVE-2025-66456 +1 more via elysia (>=1.4.11 <=1.4.16)
elysia NPM version =1.4.11, =1.0.3, =1.1.0, =0.1.29, =0.0.21-alpha.3, =2.0.0, =1.2.11, =0.0.1, =0.1.0, =0.6.0 - nautika-types =1.6.0 Source cves: CVE-2025-66456, CVE-2025-66457 Source advisory: OSV:GHSA-HXJ9-33PP-J2CC...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +257 more potentially affected by CVE-2025-66645 via nicegui (>=0.9.11 <=3.3.1)
nicegui PYPI version =0.9.11, =0.2.0, =1.0.0, =0.0.1, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 and more Source cves: CVE-2025-66645 Source advisory: OSV:GHSA-HXP3-63HC-5366...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +206 more potentially affected by CVE-2025-66645 via nicegui (>=3.0.4 <=3.3.1)
nicegui PYPI version =3.0.4, =0.2.0, =1.0.0, =0.4.0, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 - bellatrex =0.4.0 and more Source cves: CVE-2025-66645 Source advisory: SNYK:PYTHON-NICEGUI-14236612...
agent-lifecycle-toolkit (=0.2.1.10102025), copilot-ollama-windows (>=1.0.0 <=1.0.2) +33 more potentially affected by CVE-2025-14546 via fastapi-sso (>=0.10.0 <=0.18.0)
fastapi-sso PYPI version =0.10.0, =1.0.0, =0.1.7, =2.5.43, =0.17.0, =1.0.0, =0.2.0, =2.13.3, =0.50.0, =0.5.0, =0.1.0, =0.0.1, =0.0.1, =0.2.0 - jaseci =2.0.0 and more Source cves: CVE-2025-14546 Source advisory: SNYK:PYTHON-FASTAPISSO-14386403...
@c0va23/react-router-dev (=7.8.3-alpha.2), @catmint/cli (>=0.0.0-prealpha.1 <=0.0.0-prealpha.26) +34 more potentially affected by CVE-2025-67489 via @vitejs/plugin-rsc (>=0.4.11 <=0.5.27)
@vitejs/plugin-rsc NPM version =0.4.11, =0.0.0-prealpha.1, =0.0.0-prealpha.1, =0.2.0, =0.0.1-alpha.0, =16.2.6, =0.0.9, =0.6.0, =0.5.0, =0.0.0-experimental.1, =0.1.0, =0.0.1, =0.0.0-1ae0b37, =0.0.0-experimental.00a81282, =0.0.0-experimental-2a6c7bc, =7.8.2-pre.1 and more Source cves: CVE-2025-6748...
wasmi_c_api_impl (=0.50.0), wasmi_runtime_layer (=0.50.0) potentially affected by CVE-2025-66627 via wasmi (=0.50.0)
wasmi CARGO version =0.50.0 is affected by a known vulnerability. The following packages have a transitive dependency on wasmi and may be impacted: - wasmicapiimpl =0.50.0 - wasmiruntimelayer =0.50.0 Source cves: CVE-2025-66627 Source advisory: OSV:GHSA-G4V2-CJQP-RFMQ...
pepl-codegen (>=0.1.1 <=0.1.2), pepl-compiler (>=0.1.1 <=0.1.2) +2 more potentially affected by CVE-2025-66627 via wasmi (>=0.42.1 <=0.46.0)
wasmi CARGO version =0.42.1, =0.1.1, =0.1.1, =0.42.0, =0.42.0, =0.46.0 Source cves: CVE-2025-66627 Source advisory: OSV:GHSA-G4V2-CJQP-RFMQ...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +257 more potentially affected by CVE-2025-66470 via nicegui (>=0.9.11 <=3.3.1)
nicegui PYPI version =0.9.11, =0.2.0, =1.0.0, =0.0.1, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 and more Source cves: CVE-2025-66470 Source advisory: OSV:GHSA-2M4F-CG75-76W2...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +206 more potentially affected by CVE-2025-66470 via nicegui (>=3.0.4 <=3.3.1)
nicegui PYPI version =3.0.4, =0.2.0, =1.0.0, =0.4.0, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 - bellatrex =0.4.0 and more Source cves: CVE-2025-66470 Source advisory: SNYK:PYTHON-NICEGUI-14222431...
@levo-so/react (>=0.1.15 <=0.1.43), @levo-so/react-collection (>=0.0.1 <=0.1.86) +2 more potentially affected by CVE-2025-65849 via altcha (>=1.0.7 <=2.0.2)
altcha NPM version =1.0.7, =0.1.15, =0.0.1, =0.1.91, =0.0.23, =0.0.34 Source cves: CVE-2025-65849 Source advisory: OSV:GHSA-MPMC-QCHH-R9Q8...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +257 more potentially affected by CVE-2025-66469 via nicegui (>=0.9.11 <=3.3.1)
nicegui PYPI version =0.9.11, =0.2.0, =1.0.0, =0.0.1, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 and more Source cves: CVE-2025-66469 Source advisory: OSV:GHSA-72QC-WXCH-74MG...
acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +206 more potentially affected by CVE-2025-66469 via nicegui (>=3.0.4 <=3.3.1)
nicegui PYPI version =3.0.4, =0.2.0, =1.0.0, =0.4.0, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 - bellatrex =0.4.0 and more Source cves: CVE-2025-66469 Source advisory: SNYK:PYTHON-NICEGUI-14222432...
@klardaten/n8n-nodes-datevconnect (>=1.0.1 <=1.0.2), @n8n/ai-workflow-builder (>=0.2.0 <=0.28.0) +15 more potentially affected by CVE-2025-65964 via @n8n/config (>=1.15.0 <=1.60.0)
@n8n/config NPM version =1.15.0, =1.0.1, =0.2.0, =1.3.0, =0.23.8, =1.51.0, =1.65.0, =1.65.0, =1.0.1, =0.3.3, =0.1.3, =0.2.0, =0.2.0, =0.1.0, =0.1.1 - n8n-nodes-tiny-request =0.1.0 and more Source cves: CVE-2025-65964 Source advisory: SNYK:JS-N8NCONFIG-14222433...
@levo-so/react (>=0.1.15 <=0.1.43), @levo-so/react-collection (>=0.0.1 <=0.1.86) +2 more potentially affected by CVE-2025-65849 via altcha (>=1.0.7 <=2.0.2)
altcha NPM version =1.0.7, =0.1.15, =0.0.1, =0.1.91, =0.0.23, =0.0.34 Source cves: CVE-2025-65849 Source advisory: SNYK:JS-ALTCHA-14236435...
nostr-dvm (=0.7.14) potentially affected by CVE-2025-65548 via cashu (=0.16.0)
cashu PYPI version =0.16.0 is affected by a known vulnerability. The following packages have a transitive dependency on cashu and may be impacted: - nostr-dvm =0.7.14 Source cves: CVE-2025-65548 Source advisory: OSV:PYSEC-2025-89...
@antonyfaris/prefix-node-builtins (>=1.0.0 <=1.0.1), @anyauth/design-system (>=0.5.0 <=0.5.1) +19 more potentially affected by CVE-2025-64765 +1 more via astro (>=5.0.0-beta.5 <=5.16.2)
astro NPM version =5.0.0-beta.5, =1.0.0, =0.5.0, =0.0.1, =0.1.0, =0.0.1, =2.18.7, =0.1.2-alpha.1, =0.0.28, =0.0.28, =1.5.1, =1.13.2, =0.1.8, =1.0.21, =1.0.22 and more Source cves: CVE-2025-64765, CVE-2025-66202 Source advisory: SNYK:JS-ASTRO-14235580...
@ampt/astro (=0.0.1-beta.1), @antonyfaris/prefix-node-builtins (>=1.0.0 <=1.0.1) +383 more potentially affected by CVE-2025-64765 +1 more via astro (>=0.20.12 <=5.15.6)
astro NPM version =0.20.12, =1.0.0, =0.5.0, =1.0.0, =0.0.17, =0.0.2, =0.0.1, =0.2.0, =0.0.0-experimental-7c2f356, =0.0.0-experimental-7c2f356, =0.5.1 - @astro-sanctuary/toolbar-drupal =0.1.1 - @astrojs/og =0.0.1 and more Source cves: CVE-2025-64765, CVE-2025-66202 Source advisory:...
@adeunis/codecs (>=1.3.0 <=1.4.0), @andrewcturing/todoist (=0.0.1) +53 more potentially affected by CVE-2026-9673 via json-2-csv (>=3.20.0 <=5.5.1)
json-2-csv NPM version =3.20.0, =1.3.0, =1.8.0, =5.0.2, =0.0.1, =0.2.3, =0.1.0, =0.1.0, =0.5.1, =1.0.2, =1.3.1, =3.0.7, =1.0.5, =3.0.9-beta.0 and more Source cves: CVE-2026-9673 Source advisory: SNYK:JS-JSON2CSV-14221326...
langflow-nightly (=1.8.0.dev24) potentially affected by CVE-2025-34291 via langflow-base (=0.7.2)
langflow-base PYPI version =0.7.2 is affected by a known vulnerability. The following packages have a transitive dependency on langflow-base and may be impacted: - langflow-nightly =1.8.0.dev24 Source cves: CVE-2025-34291 Source advisory: SNYK:PYTHON-LANGFLOWBASE-14221425...
ae.teletronics.nlp:categorisation (>=1.3 <=1.6), ae.teletronics.nlp:entityextraction (>=1.3 <=1.4) +4956 more potentially affected by CVE-2025-12183 +1 more via net.jpountz.lz4:lz4 (>=1.1.0 <=1.3.0)
net.jpountz.lz4:lz4 MAVEN version =1.1.0, =1.3, =1.3, =0.42.1, =1.3.0, =0.13.0, =1.1.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.10.0, =0.13.0, =v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744 and more Source cves: CVE-2025-12183, CVE-2025-66566 Source advisory: SNYK:JAVA-NETJPOUNTZLZ4-14219377...
ae.teletronics.nlp:categorisation (>=1.3 <=1.6), ae.teletronics.nlp:entityextraction (>=1.3 <=1.4) +4956 more potentially affected by CVE-2025-66566 via net.jpountz.lz4:lz4 (>=1.1.0 <=1.3.0)
net.jpountz.lz4:lz4 MAVEN version =1.1.0, =1.3, =1.3, =0.42.1, =1.3.0, =0.13.0, =1.1.0, =0.13.0, =0.13.0, =0.13.0, =0.7.0, =0.10.0, =0.13.0, =v1.1.0-226-g847ecff2d8e26f249422247d7665fe15f07b1744 and more Source cves: CVE-2025-66566 Source advisory: OSV:GHSA-CMP6-M4WJ-Q63Q...
com.rabbitmq:stream-client (=1.4.0), org.qubership.profiler:qubership-profiler-cli (>=3.0.3 <=3.0.4) +6 more potentially affected by CVE-2025-12183 +1 more via at.yawk.lz4:lz4-java (=1.10.0)
at.yawk.lz4:lz4-java MAVEN version =1.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on at.yawk.lz4:lz4-java and may be impacted: - com.rabbitmq:stream-client =1.4.0 - org.qubership.profiler:qubership-profiler-cli =3.0.3, =3.0.3, =3.0.3, =3.0.3,...
cc.ddrpa.dorian.polystash:polystash-spring-boot-starter (=1.0.0), com.alibaba.fastjson2:fastjson2-extension (>=2.0.27 <=2.0.62) +39 more potentially affected by CVE-2025-12183 +1 more via org.lz4:lz4-pure-java (=1.8.0)
org.lz4:lz4-pure-java MAVEN version =1.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.lz4:lz4-pure-java and may be impacted: - cc.ddrpa.dorian.polystash:polystash-spring-boot-starter =1.0.0 - com.alibaba.fastjson2:fastjson2-extension =2.0.27,...
cc.ddrpa.dorian.polystash:polystash-spring-boot-starter (=1.0.0), com.alibaba.fastjson2:fastjson2-extension (>=2.0.27 <=2.0.62) +39 more potentially affected by CVE-2025-66566 via org.lz4:lz4-pure-java (=1.8.0)
org.lz4:lz4-pure-java MAVEN version =1.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.lz4:lz4-pure-java and may be impacted: - cc.ddrpa.dorian.polystash:polystash-spring-boot-starter =1.0.0 - com.alibaba.fastjson2:fastjson2-extension =2.0.27,...
ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3) +15057 more potentially affected by CVE-2025-12183 +1 more via org.lz4:lz4-java (>=1.4 <=1.8.1)
org.lz4:lz4-java MAVEN version =1.4, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =1.2.10 and more Source cves: CVE-2025-12183, CVE-2025-66566 Source advisory: SNYK:JAVA-ORGLZ4-14219384...
ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3) +15057 more potentially affected by CVE-2025-66566 via org.lz4:lz4-java (>=1.4 <=1.8.1)
org.lz4:lz4-java MAVEN version =1.4, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =1.2.10 and more Source cves: CVE-2025-66566 Source advisory: OSV:GHSA-CMP6-M4WJ-Q63Q...
0lever-utils (>=0.0.2 <=0.0.7), 0xdegenmo-lighter-mcp (=0.1.1) +16246 more potentially affected by CVE-2025-66471 via urllib3 (>=1.10.2 <=2.5.0)
urllib3 PYPI version =1.10.2, =0.0.2, =0.3.0, =0.0.1a0, =1.1.2, =0.1.0, =0.1.0, =0.0.2, =0.0.5, =0.0.7 - a-mailx =0.1.0 - a-texam =1.1.0 - a16z =0.0.1 and more Source cves: CVE-2025-66471 Source advisory: OSV:GHSA-2XPW-W6GG-JR37...
0lever-utils (>=0.0.2 <=0.0.7), 0xdegenmo-lighter-mcp (=0.1.1) +15770 more potentially affected by CVE-2025-66418 via urllib3 (>=1.24.0 <=2.5.0)
urllib3 PYPI version =1.24.0, =0.0.2, =0.3.0, =0.0.1a0, =1.1.2, =0.1.0, =0.1.0, =0.0.2, =0.0.5, =0.0.7 - a-mailx =0.1.0 - a-texam =1.1.0 - a16z =0.0.1 and more Source cves: CVE-2025-66418 Source advisory: OSV:GHSA-GM62-XV2J-4W53...
0lever-utils (>=0.0.2 <=0.0.7), 0xdegenmo-lighter-mcp (=0.1.1) +15770 more potentially affected by CVE-2025-66418 via urllib3 (>=1.24.0 <=2.5.0)
urllib3 PYPI version =1.24.0, =0.0.2, =0.3.0, =0.0.1a0, =1.1.2, =0.1.0, =0.1.0, =0.0.2, =0.0.5, =0.0.7 - a-mailx =0.1.0 - a-texam =1.1.0 - a16z =0.0.1 and more Source cves: CVE-2025-66418 Source advisory: SNYK:PYTHON-URLLIB3-14192443...
0lever-utils (>=0.0.2 <=0.0.7), 0xdegenmo-lighter-mcp (=0.1.1) +16246 more potentially affected by CVE-2025-66471 via urllib3 (>=1.10.2 <=2.5.0)
urllib3 PYPI version =1.10.2, =0.0.2, =0.3.0, =0.0.1a0, =1.1.2, =0.1.0, =0.1.0, =0.0.2, =0.0.5, =0.0.7 - a-mailx =0.1.0 - a-texam =1.1.0 - a16z =0.0.1 and more Source cves: CVE-2025-66471 Source advisory: SNYK:PYTHON-URLLIB3-14192442...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +181 more potentially affected by CVE-2025-14083 via org.keycloak:keycloak-services (>=10.0.0 <=26.4.7)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65959 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2025-65959 Source advisory: SNYK:PYTHON-OPENWEBUI-14189879...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65958 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2025-65958 Source advisory: SNYK:PYTHON-OPENWEBUI-14190245...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-65958 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2025-65958 Source advisory: OSV:GHSA-C6XV-RCVW-V685...
org.sonatype.nexus.api.extdirect:nexus-api-extdirect-selfhosted (>=3.83.0-08 <=3.86.3-01), org.sonatype.nexus.api.rest:nexus-api-rest-common (>=3.83.0-08 <=3.86.3-01) +4 more potentially affected by CVE-2025-13488 via org.sonatype.nexus.plugins:nexus-blobstore-s3 (>=3.83.0-08 <=3.86.3-01)
org.sonatype.nexus.plugins:nexus-blobstore-s3 MAVEN version =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.83.0-08, =3.86.3-01 Source cves: CVE-2025-13488 Source advisory: SNYK:JAVA-ORGSONATYPENEXUSPLUGINS-14221327...
ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7) +3954 more potentially affected by CVE-2025-54988 +1 more via org.apache.tika:tika-core (>=1.13 <=3.2.1)
org.apache.tika:tika-core MAVEN version =1.13, =1.3, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.0.0, =1.1.0 - ai.konduit.serving:konduit-serving-cli =0.1.0 - ai.konduit.serving:konduit-serving-distro-bom =0.1.0 - ai.platon.pulsar:pulsar-agentic =4.6.0 and...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +324 more potentially affected by CVE-2025-54988 +1 more via org.apache.tika:tika-parser-pdf-module (>=2.0.0 <=3.2.1)
org.apache.tika:tika-parser-pdf-module MAVEN version =2.0.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.2.0, =1.0.3.1-JDK21, =1.0.0, =1.0.0, =1.0, =1.4 and more Source cves: CVE-2025-54988, CVE-2025-66516 Source advisory: OSV:GHSA-F58C-GQ56-VJJF...
ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ai.stainless:grails-tika (=0.1.0) +739 more potentially affected by CVE-2025-54988 +1 more via org.apache.tika:tika-parsers (>=1.13 <=1.9)
org.apache.tika:tika-parsers MAVEN version =1.13, =1.3, =1.0.1, =3.6.1, =3.11.0, =4.6.0, =8.10.1.3, =8.10.1.3, =8.10.1.3, =0.1, =3.0.0, =3.0.1 and more Source cves: CVE-2025-54988, CVE-2025-66516 Source advisory: OSV:GHSA-F58C-GQ56-VJJF...
openwebui-token-tracking (=0.1.7) potentially affected by CVE-2025-63681 via open-webui (=0.6.0)
open-webui PYPI version =0.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on open-webui and may be impacted: - openwebui-token-tracking =0.1.7 Source cves: CVE-2025-63681 Source advisory: OSV:GHSA-FRV8-GFFC-37PX...
libcrux-aesgcm (=0.0.4-pre.1), libcrux-ml-dsa (=0.0.3) +1 more potentially affected by unknown CVE via libcrux-intrinsics (>=0.0.3 <=0.0.4-pre.1)
libcrux-intrinsics CARGO version =0.0.3, =0.0.3, =0.0.3-alpha.3 Source cves: unknown CVE Source advisory: OSV:GHSA-2CGV-28VR-RV6J...
@bigchaindb/jwt (>=0.0.18 <=0.0.20), @compas/store (>=0.0.172 <=0.20.0) +35 more potentially affected by CVE-2025-65945 via jws (=4.0.0)
jws NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on jws and may be impacted: - @bigchaindb/jwt =0.0.18, =0.0.172, =11.8.0, =1.0.0-beta.2, =1.1.0, =0.0.22, =15.2.0, =17.1.6, =13.0.0, =10.1.0, =10.4.0, =10.1.0, =10.3.0-snapshot, =0.1.1...
@bigchaindb/jwt (>=0.0.18 <=0.0.20), @compas/store (>=0.0.172 <=0.20.0) +35 more potentially affected by CVE-2025-65945 via jws (=4.0.0)
jws NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on jws and may be impacted: - @bigchaindb/jwt =0.0.18, =0.0.172, =11.8.0, =1.0.0-beta.2, =1.1.0, =0.0.22, =15.2.0, =17.1.6, =13.0.0, =10.1.0, =10.4.0, =10.1.0, =10.3.0-snapshot, =0.1.1...
00ld8nuivn (=2.1.0), 00rqiw31nd (=2.1.0) +3901 more potentially affected by CVE-2025-65945 via jws (>=0.0.2 <=3.2.2)
jws NPM version =0.0.2, =3.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on jws and may be impacted: - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 -...
00ld8nuivn (=2.1.0), 00rqiw31nd (=2.1.0) +3710 more potentially affected by CVE-2025-65945 via jws (>=3.0.0 <=3.2.2)
jws NPM version =3.0.0, =3.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on jws and may be impacted: - 00ld8nuivn =2.1.0 - 00rqiw31nd =2.1.0 - 01dk01majk =2.1.0 - 02rjq8i863 =1.1.0 - 02vx8qsp01 =2.1.0 - 05y6tjgmws =1.1.0 - 066m7q8o0z =2.1.0 -...