26517 matches found
hakoniwa-pdu (>=1.2.8 <=1.6.1), iflow-mcp-vzeman-odoo-mcp-server (=0.2.0) +5 more potentially affected by CVE-2025-53365 via mcp (=1.0.0)
mcp PYPI version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on mcp and may be impacted: - hakoniwa-pdu =1.2.8, =0.1.0, =1.0.0, =0.2.0, =0.2.2 Source cves: CVE-2025-53365 Source advisory: SNYK:PYTHON-MCP-10734136...
00-merlin-hu-mcpdemo-pipy (>=0.1.0 <=0.1.1), 00-renjing-mcp-server-pypi (=0.1.0) +22634 more potentially affected by CVE-2025-53366 via mcp (>=0.9.1 <=1.9.3)
mcp PYPI version =0.9.1, =0.1.0, =0.1.0, =0.1.2, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.5.3, =0.5.6 and more Source cves: CVE-2025-53366 Source advisory: OSV:GHSA-3QHF-M339-9G5V...
00-merlin-hu-mcpdemo-pipy (>=0.1.0 <=0.1.1), 00-renjing-mcp-server-pypi (=0.1.0) +22632 more potentially affected by CVE-2025-53366 via mcp (>=1.0.0 <=1.9.3)
mcp PYPI version =1.0.0, =0.1.0, =0.1.0, =0.1.2, =0.1.1, =0.1.0, =0.1.0, =0.1.0, =0.5.3, =0.5.6 and more Source cves: CVE-2025-53366 Source advisory: SNYK:PYTHON-MCP-10734137...
astra-assistants (>=2.3.0 <=2.4.5), fiftyone-mcp-server (>=0.1.0 <=0.1.2) +14 more potentially affected by CVE-2025-53365 via mcp (>=0.9.1 <=1.0.0)
mcp PYPI version =0.9.1, =2.3.0, =0.1.0, =1.2.8, =0.1.0, =1.0.0, =3.0.16, =0.2.0, =0.0.4, =0.0.5 - web-browser-mcp =0.1.1 and more Source cves: CVE-2025-53365 Source advisory: OSV:GHSA-J975-95F5-7WQH...
io.zipkin:benchmarks (=2.22.1) potentially affected by CVE-2025-53602 via io.zipkin:zipkin-server (=2.22.1)
io.zipkin:zipkin-server MAVEN version =2.22.1 is affected by a known vulnerability. The following packages have a transitive dependency on io.zipkin:zipkin-server and may be impacted: - io.zipkin:benchmarks =2.22.1 Source cves: CVE-2025-53602 Source advisory: SNYK:JAVA-IOZIPKIN-10639631...
io.zipkin:benchmarks (=2.22.1) potentially affected by CVE-2025-53602 via io.zipkin:zipkin-server (=2.22.1)
io.zipkin:zipkin-server MAVEN version =2.22.1 is affected by a known vulnerability. The following packages have a transitive dependency on io.zipkin:zipkin-server and may be impacted: - io.zipkin:benchmarks =2.22.1 Source cves: CVE-2025-53602 Source advisory: OSV:GHSA-794X-8X6X-QPFC...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2025-52554 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2025-52554 Source advisory: OSV:GHSA-GQ57-V332-7666...
aeiva (>=0.8.1 <=0.8.2.6), ag-ui-crewai (>=0.1.0 <=0.2.0) +214 more potentially affected by CVE-2025-45809 via litellm (>=1.48.7 <=1.74.9)
litellm PYPI version =1.48.7, =0.8.1, =0.1.0, =0.1.0, =0.3.1, =1.1.2, =1.4.3, =0.1.0, =0.2.0, =0.1.1, =0.5.0, =0.1.0, =0.61.0, =0.85.2 and more Source cves: CVE-2025-45809 Source advisory: SNYK:PYTHON-LITELLM-10598343...
@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2025-49595 via n8n (>=0.138.0 <=0.93.0)
n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2025-49595 Source advisory: OSV:GHSA-PR9R-GXGP-9RM8...
org.lucee:aws-sm (>=1.0.0.5-RC <=1.1.0.0-BETA), org.lucee:debugger (=3.0.0.4) +6 more potentially affected by CVE-2025-34074 via org.lucee:lucee (>=6.1.1.118 <=7.0.0.395)
org.lucee:lucee MAVEN version =6.1.1.118, =1.0.0.5-RC, =1.0.0.0-ALPHA, =1.0.0.0-ALPHA, =3.0.0.0-ALPHA, =1.0.0.17-BETA, =2.1.0.0-BETA, =2.1.0.4-BETA Source cves: CVE-2025-34074 Source advisory: SNYK:JAVA-ORGLUCEE-10587798...
eth-utils (>=0.1.1 <=0.2.0), evm (>=0.31.1 <=0.36.0) +11 more potentially affected by CVE-2025-53359 via ethereum (>=0.10.0 <=0.12.0)
ethereum CARGO version =0.10.0, =0.1.1, =0.31.1, =1.0.0, =1.0.1 - ovr-evm-precompile-ed25519 =2.0.0 - ovr-evm-precompile-modexp =2.0.0 - ovr-evm-precompile-sha3fips =2.0.0 - ovr-evm-test-vector-support =1.0.0 - ovr-fp-evm =3.0.0 - uethers =0.1.0 Source cves: CVE-2025-53359 Source advisory:...
@flinkhouse/servers (=0.6.2), @iflow-mcp/leadfarmer-ai-mcp-server-example (>=1.0.0 <=1.0.2) +9 more potentially affected by CVE-2025-34072 via @modelcontextprotocol/server-slack (=2025.4.25)
@modelcontextprotocol/server-slack NPM version =2025.4.25 is affected by a known vulnerability. The following packages have a transitive dependency on @modelcontextprotocol/server-slack and may be impacted: - @flinkhouse/servers =0.6.2 - @iflow-mcp/leadfarmer-ai-mcp-server-example =1.0.0, =1.0.0,...
edu.berkeley.cs:rocket-dsptools_2.12 (>=1.2.0 <=1.2.6) potentially affected by CVE-2025-45006 via edu.berkeley.cs:rocketchip_2.12 (>=1.2.0-RC1 <=1.2.6)
edu.berkeley.cs:rocketchip2.12 MAVEN version =1.2.0-RC1, =1.2.0, =1.2.6 Source cves: CVE-2025-45006 Source advisory: SNYK:JAVA-EDUBERKELEYCS-11188144...
@iflow-mcp/alibabacloud-dataworks-mcp-server (=1.0.43), @mseep/alibabacloud-dataworks-mcp-server (=1.0.36) +1 more potentially affected by CVE-2025-53110 via @modelcontextprotocol/server-filesystem (=2025.3.28)
@modelcontextprotocol/server-filesystem NPM version =2025.3.28 is affected by a known vulnerability. The following packages have a transitive dependency on @modelcontextprotocol/server-filesystem and may be impacted: - @iflow-mcp/alibabacloud-dataworks-mcp-server =1.0.43 -...
@kakashi-ventures-accelerator/catalyst-cli (=0.1.0), @mew-protocol/mew (>=0.5.0 <=0.11.0) +1 more potentially affected by CVE-2025-53110 via @modelcontextprotocol/server-filesystem (=0.6.2)
@modelcontextprotocol/server-filesystem NPM version =0.6.2 is affected by a known vulnerability. The following packages have a transitive dependency on @modelcontextprotocol/server-filesystem and may be impacted: - @kakashi-ventures-accelerator/catalyst-cli =0.1.0 - @mew-protocol/mew =0.5.0,...
@kakashi-ventures-accelerator/catalyst-cli (=0.1.0), @mew-protocol/mew (>=0.5.0 <=0.11.0) +1 more potentially affected by CVE-2025-53109 via @modelcontextprotocol/server-filesystem (=0.6.2)
@modelcontextprotocol/server-filesystem NPM version =0.6.2 is affected by a known vulnerability. The following packages have a transitive dependency on @modelcontextprotocol/server-filesystem and may be impacted: - @kakashi-ventures-accelerator/catalyst-cli =0.1.0 - @mew-protocol/mew =0.5.0,...
@iflow-mcp/alibabacloud-dataworks-mcp-server (=1.0.43), @mseep/alibabacloud-dataworks-mcp-server (=1.0.36) +1 more potentially affected by CVE-2025-53109 via @modelcontextprotocol/server-filesystem (=2025.3.28)
@modelcontextprotocol/server-filesystem NPM version =2025.3.28 is affected by a known vulnerability. The following packages have a transitive dependency on @modelcontextprotocol/server-filesystem and may be impacted: - @iflow-mcp/alibabacloud-dataworks-mcp-server =1.0.43 -...
app.getxray:xray-junit-extensions (=0.10.0), com.android.tools.screenshot:screenshot-validation-junit-engine (>=0.0.1-alpha11 <=0.0.1-alpha15) +23 more potentially affected by CVE-2025-53103 via org.junit.platform:junit-platform-reporting (>=1.12.0-M1 <=1.13.1)
org.junit.platform:junit-platform-reporting MAVEN version =1.12.0-M1, =0.0.1-alpha11, =5.2.0, =4.0.24, =1.12.0, =0.103.1, =0.103.1, =0.103.1, =0.103.1, =0.103.1, =0.103.4, =0.103.1, =0.103.1, =0.103.1, =0.104.2 - org.projectnessie.nessie:nessie-versioned-storage-common-tests...
cbs-sentry-dingding (=1.0.24), cbs-sentry-qyweixin (=1.0.1) +47 more potentially affected by CVE-2025-53099 via sentry (=20.8.0)
sentry PYPI version =20.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on sentry and may be impacted: - cbs-sentry-dingding =1.0.24 - cbs-sentry-qyweixin =1.0.1 - csnp =0.0.5, =1.0.0, =0.2.4, =1.0.0, =0.1.0, =0.4.0, =0.1.0, =0.2.0 and more Source cve...
org.graylog.plugins:graylog-plugin-parent (>=6.2.0 <=6.2.14), org.graylog.plugins:graylog-plugin-web-parent (>=6.2.0 <=6.2.14) potentially affected by CVE-2025-53106 via org.graylog2:graylog2-server (>=6.2.0 <=6.2.3)
org.graylog2:graylog2-server MAVEN version =6.2.0, =6.2.0, =6.2.0, =6.2.14 Source cves: CVE-2025-53106 Source advisory: OSV:GHSA-3M86-C9X3-VWM9...
org.graylog.plugins:graylog-plugin-parent (>=6.2.0 <=6.2.14), org.graylog.plugins:graylog-plugin-web-parent (>=6.2.0 <=6.2.14) potentially affected by CVE-2025-53106 via org.graylog2:graylog2-server (>=6.2.0 <=6.2.3)
org.graylog2:graylog2-server MAVEN version =6.2.0, =6.2.0, =6.2.0, =6.2.14 Source cves: CVE-2025-53106 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10571076...
0.app1 (=1.0.52), 0.edsql (>=1.0.49 <=1.0.50) +1809 more potentially affected by CVE-2024-46993 via electron (>=0.1.2 <=28.2.3)
electron NPM version =0.1.2, =1.0.49, =1.0.49, =1.0.49, =1.0.0, =1.0.0, =1.0.6, =1.0.1, =1.0.0, =4.0.23, =0.0.1, =0.0.2 and more Source cves: CVE-2024-46993 Source advisory: OSV:GHSA-6R2X-8PQ8-9489...
@devsoutinho/alfred-currency-converter (>=2.0.0 <=2.1.1), @felixcatto/ui (>=0.0.14 <=0.0.32) +13 more potentially affected by CVE-2025-45143 via string-math (=1.2.2)
string-math NPM version =1.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on string-math and may be impacted: - @devsoutinho/alfred-currency-converter =2.0.0, =0.0.14, =0.4.0-beta.2, =1.5.12, =0.1.47, =0.0.32, =2.0.0, =4.0.0, =1.0.0, =1.2.0, =1.0.8,...
cloud.genesys:web-messaging-sdk (>=3.0.0 <=5.0.0), cn.acooly:acooly-auth-wechat-authenticator (=5.2.1) +557 more potentially affected by CVE-2025-5878 via org.owasp.esapi:esapi (>=2.0GA <=2.6.2.0)
org.owasp.esapi:esapi MAVEN version =2.0GA, =3.0.0, =5.0.0 - cn.acooly:acooly-auth-wechat-authenticator =5.2.1 - cn.dceast.platform:platform-security-starter =2.2.3 - com.acooly:acooly-component-account =5.2.1 - com.acooly:acooly-component-app =5.2.1 - com.acooly:acooly-component-assetmgmt =5.2.1...
com.ing.baker:bakery-interaction-k8s-interaction-manager_2.13 (>=3.6.2 <=5.0.0), com.ing.baker:bakery-state-k8s_2.13 (=3.5.0) +8 more potentially affected by CVE-2025-53393 via com.typesafe.akka:akka-cluster-metrics_2.13 (>=2.6.11 <=2.9.0-M2)
com.typesafe.akka:akka-cluster-metrics2.13 MAVEN version =2.6.11, =3.6.2, =3.5.0, =22.10.0, =0.1.6, =2.9.1, =3.30.0, =3.31.0 Source cves: CVE-2025-53393 Source advisory: SNYK:JAVA-COMTYPESAFEAKKA-10567746...
cc.akkaha:asura-cluster_2.12 (>=0.2.0 <=0.6.0), com.adobe.api.platform.runtime:mesos-actor (>=0.0.8_2.12 <=0.0.33) +42 more potentially affected by CVE-2025-53393 via com.typesafe.akka:akka-cluster-metrics_2.12 (>=2.4.16 <=2.7.0)
com.typesafe.akka:akka-cluster-metrics2.12 MAVEN version =2.4.16, =0.2.0, =0.0.82.12, =3.6.0, =3.3.0, =0.1.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =3.1.0-35emr770 and more Source cves: CVE-2025-53393 Source advisory: SNYK:JAVA-COMTYPESAFEAKKA-10567747...
angr (>=8.18.10.5 <=9.2.221), angr-management (>=9.0.4378 <=9.2.221) +30 more potentially affected by unknown CVE via pyvex (>=8.18.10.25 <=9.2.99)
pyvex PYPI version =8.18.10.25, =8.18.10.5, =9.0.4378, =1.0.0rc2, =1.0.7, =1.0.4, =9.0.4378, =9.0.5610, =1.0.0, =0.2.0, =0.0.1, =9.0.4378, =1.0.3, =0.0.1, =0.1.0, =1.0.1 and more Source cves: unknown CVE Source advisory: OSV:OSV-2025-500...
com.apzda.cloud:apzda-cloud-gsvc-seata (>=1.2.22 <=3.4.0), io.xuxiaowei.seata:seata-server (>=2.1.0 <=2.2.0) +56 more potentially affected by CVE-2024-47552 +1 more via org.apache.seata:seata-config-core (>=2.1.0 <=2.2.0)
org.apache.seata:seata-config-core MAVEN version =2.1.0, =1.2.22, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.2.0 and more Source cves: CVE-2024-47552, CVE-2025-32897 Source advisory: OSV:GHSA-M964-FJRH-XXQ2...
dbgpt-app (=0.8.0rc1), dbgpt-client (>=0.7.0 <=0.8.0rc1) +2 more potentially affected by CVE-2025-6772 via dbgpt (=0.8.0)
dbgpt PYPI version =0.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on dbgpt and may be impacted: - dbgpt-app =0.8.0rc1 - dbgpt-client =0.7.0, =0.7.0, =0.8.0, =0.8.0rc1 Source cves: CVE-2025-6772 Source advisory: SNYK:PYTHON-DBGPT-10562212...
jllama-py (>=1.0.0 <=1.1.14) potentially affected by CVE-2025-53002 via llamafactory (=0.9.3)
llamafactory PYPI version =0.9.3 is affected by a known vulnerability. The following packages have a transitive dependency on llamafactory and may be impacted: - jllama-py =1.0.0, =1.1.14 Source cves: CVE-2025-53002 Source advisory: OSV:GHSA-XJ56-P8MM-QMXJ...
airflow-oracle-snowflake-plugin (>=0.1.0 <=0.1.2), airflow-provider-cloe (>=20221202.9.0 <=20221202.13.0) +4 more potentially affected by CVE-2025-50213 via apache-airflow-providers-snowflake (>=1.1.0 <=6.13.0)
apache-airflow-providers-snowflake PYPI version =1.1.0, =0.1.0, =20221202.9.0, =0.0.4, =0.1.0, =0.1.1 Source cves: CVE-2025-50213 Source advisory: OSV:GHSA-9R64-3WMC-X8M8...
dtwpy (=0.1.0), pdistributionpy (=0.2.0) +1 more potentially affected by CVE-2013-1424 via matplotlib (>=1.3.1 <=1.4.3)
matplotlib PYPI version =1.3.1, =1.4.3 is affected by a known vulnerability. The following packages have a transitive dependency on matplotlib and may be impacted: - dtwpy =0.1.0 - pdistributionpy =0.2.0 - riboplot =0.1.0 Source cves: CVE-2013-1424 Source advisory: SNYK:PYTHON-MATPLOTLIB-10556355...
@adobe/helix-cli (>=0.10.6 <=0.13.4-pre.13), @koa_web/boot (=2.0.9) +19 more potentially affected by CVE-2025-6624 via snyk (>=0.5.0 <=1.1297.1)
snyk NPM version =0.5.0, =0.10.6, =1.456.660, =1.0.5, =1.0.7, =0.1.1, =1.3.6, =2.0.0, =0.1.6, =0.0.1, =0.0.29, =2.9.2, =2.9.3 and more Source cves: CVE-2025-6624 Source advisory: OSV:GHSA-6HWC-9H8R-3VMF...
@adobe/helix-cli (>=0.10.6 <=0.13.4-pre.13), @koa_web/boot (=2.0.9) +18 more potentially affected by CVE-2025-6624 via snyk (>=1.103.2 <=1.1297.1)
snyk NPM version =1.103.2, =0.10.6, =1.456.660, =1.0.7, =0.1.1, =1.3.6, =2.0.0, =0.1.6, =0.0.1, =0.0.29, =2.9.2, =2.9.3 - web-ext-build =0.0.11 and more Source cves: CVE-2025-6624 Source advisory: SNYK:JS-SNYK-10497607...
cosmos-predict2 (>=1.0.6 <=1.0.9), frankenstein-model (>=5.1.6 <=5.3.9) +8 more potentially affected by CVE-2025-23264 via megatron-core (=0.10.0)
megatron-core PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on megatron-core and may be impacted: - cosmos-predict2 =1.0.6, =5.1.6, =1.0.0, =2.0.8, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.9 Source cves: CVE-2025-23264...
cosmos-predict2 (>=1.0.6 <=1.0.9), frankenstein-model (>=5.1.6 <=5.3.9) +8 more potentially affected by CVE-2025-23265 via megatron-core (=0.10.0)
megatron-core PYPI version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on megatron-core and may be impacted: - cosmos-predict2 =1.0.6, =5.1.6, =1.0.0, =2.0.8, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.9 Source cves: CVE-2025-23265...
airflow-oracle-snowflake-plugin (>=0.1.0 <=0.1.2), airflow-provider-cloe (>=20221202.9.0 <=20221202.13.0) +4 more potentially affected by CVE-2025-50213 via apache-airflow-providers-snowflake (>=1.1.0 <=6.13.0)
apache-airflow-providers-snowflake PYPI version =1.1.0, =0.1.0, =20221202.9.0, =0.0.4, =0.1.0, =0.1.1 Source cves: CVE-2025-50213 Source advisory: OSV:PYSEC-2025-51...
airflow-provider-cloe (>=20221202.9.0 <=20221202.13.0), astronomer-providers (=1.0.0) +2 more potentially affected by CVE-2025-50213 via apache-airflow-providers-snowflake (=6.13.0)
apache-airflow-providers-snowflake PYPI version =6.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-airflow-providers-snowflake and may be impacted: - airflow-provider-cloe =20221202.9.0, =0.1.0, =0.1.1 Source cves: CVE-2025-50213 Source...
org.webjars.npm:ethereum-cryptography (=0.1.3), org.webjars.npm:parse-asn1 (>=5.0.0 <=5.1.6) potentially affected by CVE-2025-6547 via org.webjars.npm:pbkdf2 (=3.1.2)
org.webjars.npm:pbkdf2 MAVEN version =3.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:pbkdf2 and may be impacted: - org.webjars.npm:ethereum-cryptography =0.1.3 - org.webjars.npm:parse-asn1 =5.0.0, =5.1.6 Source cves: CVE-2025-654...
@0cfg/utils-node (>=0.1.2 <=0.1.8), @b0ase/path402-api (=4.0.0-alpha.1) +262 more potentially affected by CVE-2025-6547 via pbkdf2 (>=3.0.12 <=3.1.2)
pbkdf2 NPM version =3.0.12, =0.1.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =2.38.0, =1.45.0, =1.1.14, =1.20.2, =1.3.13, =3.8.1, =4.26.0 and more Source cves: CVE-2025-6547 Source advisory: OSV:GHSA-V62P-RQ8G-8H59...
@0cfg/utils-node (>=0.1.2 <=0.1.8), @b0ase/path402-api (=4.0.0-alpha.1) +262 more potentially affected by CVE-2025-6545 via pbkdf2 (>=3.0.12 <=3.1.2)
pbkdf2 NPM version =3.0.12, =0.1.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =2.38.0, =1.45.0, =1.1.14, =1.20.2, =1.3.13, =3.8.1, =4.26.0 and more Source cves: CVE-2025-6545 Source advisory: OSV:GHSA-H7CP-R72F-JXH6...
org.webjars.npm:ethereum-cryptography (=0.1.3), org.webjars.npm:parse-asn1 (>=5.0.0 <=5.1.6) potentially affected by CVE-2025-6545 via org.webjars.npm:pbkdf2 (=3.1.2)
org.webjars.npm:pbkdf2 MAVEN version =3.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:pbkdf2 and may be impacted: - org.webjars.npm:ethereum-cryptography =0.1.3 - org.webjars.npm:parse-asn1 =5.0.0, =5.1.6 Source cves: CVE-2025-654...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +411 more potentially affected by CVE-2025-2828 via langchain (>=0.0.100 <=0.1.11)
langchain PYPI version =0.0.100, =0.1.7, =0.2.1, =0.1.0, =0.1.0, =0.1.5, =0.0.2, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.8 - airda =0.0.3 and more Source cves: CVE-2025-2828 Source advisory: SNYK:PYTHON-LANGCHAIN-10496413...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)
langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: SNYK:PYTHON-LANGCHAINCOMMUNITY-10496412...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)
langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: OSV:GHSA-H5GC-RM8J-5GPR...
1shot (>=0.0.3 <=0.0.9), @4via6/relay (>=1.0.0 <=1.1.3) +222 more potentially affected by CVE-2025-52882 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.128)
@anthropic-ai/claude-code NPM version =0.2.126, =0.0.3, =1.0.0, =0.1.18, =1.0.0, =0.4.0, =0.2.3, =0.0.1, =0.0.1, =0.0.55, =0.0.69 - @brandongtr/rule-agent-cli =1.0.1-beta.0 and more Source cves: CVE-2025-52882 Source advisory: OSV:GHSA-9F65-56V6-GXW7...
a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +145 more potentially affected by CVE-2025-2828 via langchain-community (>=0.0.1 <=0.0.27)
langchain-community PYPI version =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.1.0, =0.1.5, =0.0.13, =0.0.14 - bisheng-langchain =0.2.3.1 and more Source cves: CVE-2025-2828 Source advisory: OSV:PYSEC-2025-70...
ai.starlake:quack-on-demand_3 (>=0.1.0 <=0.3.1), ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=1.19.0 <=1.23.0) +2790 more potentially affected by CVE-2025-49574 via io.vertx:vertx-core (>=4.5.12 <=4.5.15)
io.vertx:vertx-core MAVEN version =4.5.12, =0.1.0, =1.19.0, =1.19.0, =1.19.0, =1.19.0, =1.19.0, =1.19.0, =24.9.7, =24.9.7, =24.9.7, =24.9.7, =24.9.7, =24.9.7, =24.9.7, =24.9.7, =25.3.10 and more Source cves: CVE-2025-49574 Source advisory: SNYK:JAVA-IOVERTX-10495500...
ai.timefold.solver:timefold-solver-quarkus-benchmark-integration-test (>=0.8.38 <=1.15.0), ai.timefold.solver:timefold-solver-quarkus-devui-integration-test (>=0.8.38 <=1.15.0) +3074 more potentially affected by CVE-2025-49574 via io.quarkus:quarkus-vertx (>=0.11.0 <=3.15.5)
io.quarkus:quarkus-vertx MAVEN version =0.11.0, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.1.0-quarkus-3.15-RC2, =0.1.0-quarkus-3.15-RC2, =1.0.4, =1.0.4, =0.0.2-alpha, =0.0.3-alpha, =0.0.10-alpha, =1.3.0-alpha-0 - br.com.senior:seniorx-integration-parameters-api...
abadpour (>=6.13.1 <=7.24.1), abcli (>=9.273.1 <=9.572.1) +673 more potentially affected by CVE-2025-52967 via mlflow (>=3.0.0rc2 <=3.13.0)
mlflow PYPI version =3.0.0rc2, =6.13.1, =9.273.1, =2.0.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.1.0, =1.0.0, =0.1.0, =0.20.9, =0.21.11 and more Source cves: CVE-2025-52967 Source advisory: OSV:GHSA-WXJ7-3FX5-PP9M...