26517 matches found
be.atbash.test:integration-testing (=2.2.0), be.atbash.test:integration-testing-database (=2.2.0) +641 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (>=4.0.0 <=4.0.6)
org.apache.cxf:cxf-core MAVEN version =4.0.0, =1.0.0, =12.1-7-21, =0.0.1, =2.70.0, =2.71.1 - com.codbex.kronos:codbex-kronos-commons =2.70.0 - com.codbex.kronos:codbex-kronos-components-api-parent =2.69.0 - com.codbex.kronos:codbex-kronos-components-engine-xsjob =2.69.0 and more Source cves:...
com.axonivy.ivy.tool.soap:cxf-client-codegen (=1.0.0), cv.igrp:igrp-core (>=1.7.3.230801 <=1.7.3.230802) +378 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (>=3.6.0 <=3.6.5)
org.apache.cxf:cxf-core MAVEN version =3.6.0, =1.7.3.230801, =3.0-M3, =3.0-M3, =3.0-M3, =3.0-M3, =2.0, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =3.0.5, =3.0.6 - net.tirasa.connid.bundles:net.tirasa.connid.bundles.servicenow =1.0.4 and more Source cves:...
ai.idylnlp:idylnlp-nlp-language-detection-tika (>=1.0.0 <=1.1.0), ai.stainless:grails-tika (=0.1.0) +2893 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (>=3.0.0-milestone1 <=3.5.10)
org.apache.cxf:cxf-core MAVEN version =3.0.0-milestone1, =1.0.0, =11.4-37, =3.6.1, =3.11.0, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.1.0.RELEASE - cloud.testload:jmeter-clickhouse-listener =2.00 and more Source cves: CVE-2025-48795 Source...
@altipla/directus-sdk-utils (=0.7.2), @bicou/directus-extension-imagga (>=1.6.3 <=1.6.6) +9 more potentially affected by CVE-2025-53887 via directus (>=10.10.0 <=11.8.0)
directus NPM version =10.10.0, =1.6.3, =11.16.1-depup.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 - lease-directus-template =0.0.0 Source cves: CVE-2025-53887 Source advisory: OSV:GHSA-RMJH-CF9Q-PV7Q...
@altipla/directus-sdk-utils (=0.7.2), @bicou/directus-extension-imagga (>=1.6.3 <=1.6.6) +9 more potentially affected by CVE-2025-53886 via directus (>=10.10.0 <=11.8.0)
directus NPM version =10.10.0, =1.6.3, =11.16.1-depup.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 - lease-directus-template =0.0.0 Source cves: CVE-2025-53886 Source advisory: OSV:GHSA-F24X-RM6G-3W5V...
com.axonivy.ivy.tool.soap:cxf-client-codegen (=1.0.0), cv.igrp:igrp-core (>=1.7.3.230801 <=1.7.3.230802) +378 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (>=3.6.0 <=3.6.5)
org.apache.cxf:cxf-core MAVEN version =3.6.0, =1.7.3.230801, =3.0-M3, =3.0-M3, =3.0-M3, =3.0-M3, =2.0, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =4.4.6.hyte-24270, =3.0.5, =3.0.6 - net.tirasa.connid.bundles:net.tirasa.connid.bundles.servicenow =1.0.4 and more Source cves:...
ai.idylnlp:idylnlp-nlp-language-detection-tika (>=1.0.0 <=1.1.0), ai.stainless:grails-tika (=0.1.0) +2893 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (>=3.0.0-milestone1 <=3.5.10)
org.apache.cxf:cxf-core MAVEN version =3.0.0-milestone1, =1.0.0, =11.4-37, =3.6.1, =3.11.0, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.0.0.RELEASE, =3.1.0.RELEASE - cloud.testload:jmeter-clickhouse-listener =2.00 and more Source cves: CVE-2025-48795 Source...
com.codbex.atlas:codbex-atlas-application (>=1.1.0 <=2.3.0), cv.igrp:igrp-core (=2.0.0.250321-GA) +416 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (=4.1.0)
org.apache.cxf:cxf-core MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:cxf-core and may be impacted: - com.codbex.atlas:codbex-atlas-application =1.1.0, =4.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0...
be.atbash.test:integration-testing (=2.2.0), be.atbash.test:integration-testing-database (=2.2.0) +641 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (>=4.0.0 <=4.0.6)
org.apache.cxf:cxf-core MAVEN version =4.0.0, =1.0.0, =12.1-7-21, =0.0.1, =2.70.0, =2.71.1 - com.codbex.kronos:codbex-kronos-commons =2.70.0 - com.codbex.kronos:codbex-kronos-components-api-parent =2.69.0 - com.codbex.kronos:codbex-kronos-components-engine-xsjob =2.69.0 and more Source cves:...
io.github.mullerhai:storch-mcp_3 (=0.1.0), io.projectreactor.netty:reactor-netty (>=1.3.0-M1 <=1.3.0-M4) +1 more potentially affected by CVE-2025-22227 via io.projectreactor.netty:reactor-netty-http (>=1.3.0-M1 <=1.3.0-M4)
io.projectreactor.netty:reactor-netty-http MAVEN version =1.3.0-M1, =1.3.0-M1, =1.3.0-M1, =1.3.0-M4 Source cves: CVE-2025-22227 Source advisory: SNYK:JAVA-IOPROJECTREACTORNETTY-10770514...
africa.absa:inception-application (>=1.0.0 <=1.2.0), ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0) +5879 more potentially affected by CVE-2025-22227 via io.projectreactor.netty:reactor-netty-http (>=1.0.0 <=1.2.7)
io.projectreactor.netty:reactor-netty-http MAVEN version =1.0.0, =1.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1...
aba-cli-scrapper (>=0.1.1 <=0.1.6), academic-metrics (>=0.1.0b0 <=1.0.99) +1034 more potentially affected by CVE-2025-53643 via aiohttp (>=0.13.1 <=3.12.13)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =56.0.0, =0.1.0, =0.1.31, =1.0.1, =1.2.0 - ahttp-client =1.0.3 and more Source cves: CVE-2025-53643 Source advisory: OSV:GHSA-9548-QRRJ-X5PJ...
aba-cli-scrapper (>=0.1.1 <=0.1.6), academic-metrics (>=0.1.0b0 <=1.0.99) +905 more potentially affected by CVE-2025-53643 via aiohttp (>=3.0.0b0 <=3.12.13)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =56.0.0, =0.1.0, =0.1.31, =1.0.1, =1.2.0 - ahttp-client =1.0.3 and more Source cves: CVE-2025-53643 Source advisory: SNYK:PYTHON-AIOHTTP-10742466...
trinity (>=0.1.0a28 <=0.1.0a36) potentially affected by CVE-2025-29606 via libp2p (>=0.1.1 <=0.1.5)
libp2p PYPI version =0.1.1, =0.1.0a28, =0.1.0a36 Source cves: CVE-2025-29606 Source advisory: SNYK:PYTHON-LIBP2P-10851401...
trinity (>=0.1.0a28 <=0.1.0a36) potentially affected by CVE-2025-29606 via libp2p (>=0.1.1 <=0.1.5)
libp2p PYPI version =0.1.1, =0.1.0a28, =0.1.0a36 Source cves: CVE-2025-29606 Source advisory: OSV:GHSA-X8C6-GJ59-6RX8...
@bachha2906/better-auth (>=1.0.24 <=1.0.26), @bachha2906/better-auth-expo (=1.0.26) +27 more potentially affected by unknown CVE via better-call (>=0.1.38 <=1.0.11)
better-call NPM version =0.1.38, =1.0.24, =0.0.1, =0.8.2, =1.1.10-fork.1, =1.0.20, =1.1.22, =1.1.22, =0.0.1, =1.1.19-fork.2, =1.0.23, =1.0.23, =0.0.5, =1.2.14, =1.2.15 and more Source cves: unknown CVE Source advisory: OSV:GHSA-HQ75-XG7R-RX6C...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1815 more potentially affected by CVE-2025-3933 via transformers (>=2.10.0 <=4.52.0)
transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3933 Source advisory: OSV:GHSA-37MW-44QP-F5JM...
@kontaa/subgraph (>=1.0.1 <=1.2.3), @kontaa/utils (>=1.2.1 <=1.2.3) +4 more potentially affected by CVE-2025-53364 via parse-server (>=5.6.0 <=6.5.11)
parse-server NPM version =5.6.0, =1.0.1, =1.2.1, =2.4.46, =1.0.0, =1.0.1, =1.0.23 - servable-publishable =1.1.0 Source cves: CVE-2025-53364 Source advisory: OSV:GHSA-48Q3-PRGV-GM4W...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +42 more potentially affected by CVE-2025-6211 via llama-index (>=0.10.0 <=0.12.38)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.0.5, =1.7.0, =0.2.53, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =0.0.61 - intelligent-engine-core =0.1.0 - jiuwen-opensource =0.0.3 and more Source cves: CVE-2025-6211 Source advisory: SNYK:PYTHON-LLAMAINDEX-10691925...
llama-index-packs-docugami-kg-rag (>=0.1.1 <=0.2.0) potentially affected by CVE-2025-6211 via llama-index-readers-docugami (=0.1.4)
llama-index-readers-docugami PYPI version =0.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on llama-index-readers-docugami and may be impacted: - llama-index-packs-docugami-kg-rag =0.1.1, =0.2.0 Source cves: CVE-2025-6211 Source advisory:...
llama-index-packs-docugami-kg-rag (>=0.1.1 <=0.2.0) potentially affected by CVE-2025-6211 via llama-index-readers-docugami (=0.1.4)
llama-index-readers-docugami PYPI version =0.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on llama-index-readers-docugami and may be impacted: - llama-index-packs-docugami-kg-rag =0.1.1, =0.2.0 Source cves: CVE-2025-6211 Source advisory:...
com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), io.jenkins.blueocean:blueocean (>=1.27.17 <=1.27.25) +8 more potentially affected by CVE-2025-53651 via org.jenkins-ci.plugins:htmlpublisher (>=1.0 <=1.6)
org.jenkins-ci.plugins:htmlpublisher MAVEN version =1.0, =1.9.2-beta, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.0.0, =1.0.18 Source cves: CVE-2025-53651 Source advisory: OSV:GHSA-367V-5PPJ-2HRX...
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=29.v7c3891a_434c3 <=57.v0756db_b_f6926), com.amazon.jenkins.fleet:ec2-fleet (>=1.0 <=4.2.1.515.v100267825939) +109 more potentially affected by CVE-2025-53650 via org.jenkins-ci.plugins:credentials-binding (>=1.10 <=687.v619cb_15e923f)
org.jenkins-ci.plugins:credentials-binding MAVEN version =1.10, =29.v7c3891a434c3, =1.0, =1.6, =1.4, =1.41.0, =377.vc87a13718939, =57.vde5161ec7aba, =0.17, =60.vce1b19770361, =1.0.43, =1.0.0, =1.27.25 and more Source cves: CVE-2025-53650 Source advisory: OSV:GHSA-9768-HPRV-CRJ5...
qwik-lottie (>=0.0.5 <=0.0.6), storybook-framework-qwik (>=0.0.1 <=0.0.4) potentially affected by CVE-2025-53620 via @builder.io/qwik-city (>=0.0.112 <=0.0.128)
@builder.io/qwik-city NPM version =0.0.112, =0.0.5, =0.0.1, =0.0.4 Source cves: CVE-2025-53620 Source advisory: OSV:GHSA-QR9H-J6XG-2J72...
@async-atharv/ipaship (>=1.2.1 <=1.2.2), @bentwnghk/chat (>=1.85.2 <=1.107.2) +94 more potentially affected by CVE-2025-53548 via @clerk/backend (>=2.0.0 <=2.33.5)
@clerk/backend NPM version =2.0.0, =1.2.1, =1.85.2, =0.0.1, =3.0.3, =0.1.0, =2.8.0-snapshot.v20250514155045, =1.5.0-snapshot.v20250514155045, =2.3.0, =6.20.0-snapshot.v20250514155045, =1.7.0, =1.5.0, =4.8.0, =0.16.0, =1.7.0-snapshot.v20250514155045, =1.0.4, =1.0.7 and more Source cves:...
@unhook/cli (>=0.9.3 <=0.14.2) potentially affected by CVE-2025-53548 via @clerk/express (>=1.6.0 <=1.7.37)
@clerk/express NPM version =1.6.0, =0.9.3, =0.14.2 Source cves: CVE-2025-53548 Source advisory: OSV:GHSA-9MP4-77WG-RWX9...
@wix/mcp-remote (=0.0.6) potentially affected by CVE-2025-6514 via mcp-remote (=0.1.13)
mcp-remote NPM version =0.1.13 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-remote and may be impacted: - @wix/mcp-remote =0.0.6 Source cves: CVE-2025-6514 Source advisory: OSV:GHSA-6XPM-GGF7-WC3P...
@toolsdk.ai/registry (=1.0.83) potentially affected by CVE-2025-53355 +1 more via mcp-server-kubernetes (=2.4.3)
mcp-server-kubernetes NPM version =2.4.3 is affected by a known vulnerability. The following packages have a transitive dependency on mcp-server-kubernetes and may be impacted: - @toolsdk.ai/registry =1.0.83 Source cves: CVE-2025-53355, CVE-2025-54073 Source advisory: OSV:GHSA-GJV4-GHM7-Q58Q...
@astrojs/cloudflare (>=13.0.0 <=14.0.0-alpha.1), @decocms/vite-plugin (>=1.0.0-alpha.1 <=1.0.0-alpha.2) +61 more potentially affected by CVE-2025-59427 via @cloudflare/vite-plugin (>=0.0.0-1bae8618b <=1.40.1)
@cloudflare/vite-plugin NPM version =0.0.0-1bae8618b, =13.0.0, =1.0.0-alpha.1, =0.1.2, =0.0.9, =1.0.0, =1.0.0, =1.0.0, =0.8.0, =0.3.0, =0.6.1, =0.20.0 - @iflow-mcp/goperigon-perigon-mcp-server =1.0.0 and more Source cves: CVE-2025-59427 Source advisory: OSV:GHSA-4PFG-2MW5-F8JX...
acryl-datahub-dagster-plugin (>=0.0.0.dev0 <=1.7.0.1rc1), agentflow-runtime (>=1.1.0 <=1.5.0) +235 more potentially affected by CVE-2023-51232 via dagster (>=0.1.1 <=1.5.10)
dagster PYPI version =0.1.1, =0.0.0.dev0, =1.1.0, =0.1.0.dev419, =2.7.1, =2023.12.1, =0.0.1, =0.1.0, =0.0.1, =0.16.0, =0.4.0, =0.0.1, =0.0.1, =0.0.1, =0.0.3 and more Source cves: CVE-2023-51232 Source advisory: OSV:GHSA-Q93C-P2MW-P23F...
acryl-datahub-dagster-plugin (>=0.0.0.dev0 <=1.7.0.1rc1), agentflow-runtime (>=1.1.0 <=1.5.0) +233 more potentially affected by CVE-2023-51232 via dagster (>=1.0.0 <=1.5.10)
dagster PYPI version =1.0.0, =0.0.0.dev0, =1.1.0, =0.1.0.dev419, =2.7.1, =2023.12.1, =0.0.1, =0.1.0, =0.0.1, =0.16.0, =0.4.0, =0.0.1, =0.0.1, =0.0.1, =0.0.3 and more Source cves: CVE-2023-51232 Source advisory: SNYK:PYTHON-DAGSTER-10664501...
aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-6209 via llama-index-core (>=0.10.0 <=0.12.39)
llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-6209 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-10648998...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +42 more potentially affected by CVE-2025-6209 via llama-index (>=0.10.0 <=0.12.38)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.0.5, =1.7.0, =0.2.53, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =0.0.61 - intelligent-engine-core =0.1.0 - jiuwen-opensource =0.0.3 and more Source cves: CVE-2025-6209 Source advisory: SNYK:PYTHON-LLAMAINDEX-10648999...
ace-step (=0.1.0), agent-memory-jojo (=0.1.3) +163 more potentially affected by CVE-2025-3262 via transformers (>=4.49.0 <=4.50.3)
transformers PYPI version =4.49.0, =3.2.0, =2.2.0, =0.0.5, =2026.3.1, =0.1.0, =1.2.1b20250404, =1.2.1b20250404, =1.2.1b20250404, =0.1.2, =0.1.8 - azureml-metrics =0.0.25.post1 and more Source cves: CVE-2025-3262 Source advisory: SNYK:PYTHON-TRANSFORMERS-10658533...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1815 more potentially affected by CVE-2025-3777 via transformers (>=2.10.0 <=4.52.0)
transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3777 Source advisory: OSV:GHSA-PHHR-52QP-3MJ4...
ace-step (=0.1.0), agent-memory-jojo (=0.1.3) +163 more potentially affected by CVE-2025-3262 via transformers (>=4.49.0 <=4.50.3)
transformers PYPI version =4.49.0, =3.2.0, =2.2.0, =0.0.5, =2026.3.1, =0.1.0, =1.2.1b20250404, =1.2.1b20250404, =1.2.1b20250404, =0.1.2, =0.1.8 - azureml-metrics =0.0.25.post1 and more Source cves: CVE-2025-3262 Source advisory: OSV:GHSA-489J-G2VX-39WF...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1736 more potentially affected by CVE-2025-3263 via transformers (>=2.10.0 <=4.50.3)
transformers PYPI version =2.10.0, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3263 Source advisory: OSV:GHSA-Q2WP-RJMX-X6X9...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1736 more potentially affected by CVE-2025-3264 via transformers (>=2.10.0 <=4.50.3)
transformers PYPI version =2.10.0, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3264 Source advisory: OSV:GHSA-JJPH-296X-MRCR...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +34 more potentially affected by CVE-2025-3225 via llama-index (>=0.10.0 <=0.12.22)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.7.0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =0.1.2, =0.1.7.dev20240924104148, =0.1.0, =0.2.0 and more Source cves: CVE-2025-3225 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645575...
airunner (>=3.0.0 <=3.1.14), llama-index-packs-arize-phoenix-query-engine (>=0.0.2 <=0.1.4) +2 more potentially affected by CVE-2025-3225 via llama-index-readers-web (>=0.0.1 <=0.3.5)
llama-index-readers-web PYPI version =0.0.1, =3.0.0, =0.0.2, =0.1.0, =0.1.0, =0.2.8 Source cves: CVE-2025-3225 Source advisory: SNYK:PYTHON-LLAMAINDEXREADERSWEB-10645574...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +34 more potentially affected by CVE-2025-3044 via llama-index (>=0.10.0 <=0.12.22)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.7.0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =0.1.2, =0.1.7.dev20240924104148, =0.1.0, =0.2.0 and more Source cves: CVE-2025-3044 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645579...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +34 more potentially affected by CVE-2025-3046 via llama-index (>=0.10.0 <=0.12.22)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.7.0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =0.1.2, =0.1.7.dev20240924104148, =0.1.0, =0.2.0 and more Source cves: CVE-2025-3046 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645583...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +42 more potentially affected by CVE-2025-6210 via llama-index (>=0.10.0 <=0.12.38)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.0.5, =1.7.0, =0.2.53, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =0.0.61 - intelligent-engine-core =0.1.0 - jiuwen-opensource =0.0.3 and more Source cves: CVE-2025-6210 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645585...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +39 more potentially affected by CVE-2025-5472 via llama-index (>=0.10.0 <=0.12.36)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.0.5, =1.7.0, =0.2.53, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =1.0.9, =1.0.3.post1, =1.0.23.post1 and more Source cves: CVE-2025-5472 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645587...
aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-5472 via llama-index-core (>=0.10.0 <=0.12.37)
llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-5472 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-10645586...
3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1812 more potentially affected by CVE-2025-3777 via transformers (>=2.10.0 <=4.51.3)
transformers PYPI version =2.10.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.1, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.2.11 and more Source cves: CVE-2025-3777 Source advisory: SNYK:PYTHON-TRANSFORMERS-10658536...
ace-step (=0.1.0), agent-memory-jojo (=0.1.3) +163 more potentially affected by CVE-2025-3264 via transformers (>=4.49.0 <=4.50.3)
transformers PYPI version =4.49.0, =3.2.0, =2.2.0, =0.0.5, =2026.3.1, =0.1.0, =1.2.1b20250404, =1.2.1b20250404, =1.2.1b20250404, =0.1.2, =0.1.8 - azureml-metrics =0.0.25.post1 and more Source cves: CVE-2025-3264 Source advisory: SNYK:PYTHON-TRANSFORMERS-10658534...
ace-step (=0.1.0), agent-memory-jojo (=0.1.3) +163 more potentially affected by CVE-2025-3263 via transformers (>=4.49.0 <=4.50.3)
transformers PYPI version =4.49.0, =3.2.0, =2.2.0, =0.0.5, =2026.3.1, =0.1.0, =1.2.1b20250404, =1.2.1b20250404, =1.2.1b20250404, =0.1.2, =0.1.8 - azureml-metrics =0.0.25.post1 and more Source cves: CVE-2025-3263 Source advisory: SNYK:PYTHON-TRANSFORMERS-10658535...
aiqtoolkit-llama-index (>=1.1.0 <=1.2.0rc4), airunner (>=3.0.0 <=3.1.14) +42 more potentially affected by CVE-2025-3108 via llama-index (>=0.10.0 <=0.12.38)
llama-index PYPI version =0.10.0, =1.1.0, =3.0.0, =1.0.5, =1.7.0, =0.2.53, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.0.52, =0.0.61 - intelligent-engine-core =0.1.0 - jiuwen-opensource =0.0.3 and more Source cves: CVE-2025-3108 Source advisory: SNYK:PYTHON-LLAMAINDEX-10645588...
aider-chat (=0.43.0), aimon-llamaindex (>=0.0.6 <=0.0.9) +686 more potentially affected by CVE-2025-3108 via llama-index-core (>=0.10.0 <=0.12.39)
llama-index-core PYPI version =0.10.0, =0.0.6, =1.1.0, =3.0.0, =1.7.0, =1.0.0, =0.0.3, =0.2.1, =0.2.1.dev0, =0.1.3, =0.1.169, =0.1.0, =0.3.0, =0.1.0, =0.4.0.dev2 and more Source cves: CVE-2025-3108 Source advisory: SNYK:PYTHON-LLAMAINDEXCORE-10645589...