ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2026-8751 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)

ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2026-8751 Source advisory: SNYK:JAVA-AIH2O-17191958...

@openinc/parse-server-opendash (>=3.31.25 <=4.0.34) potentially affected by CVE-2026-47138 via parse-server (>=9.6.0-alpha.37 <=9.9.0)

parse-server NPM version =9.6.0-alpha.37, =3.31.25, =4.0.34 Source cves: CVE-2026-47138 Source advisory: SNYK:JS-PARSESERVER-16874023...

an-website (>=24.12.0 <=25.2.0), graphtomation (>=0.0.6 <=0.2.0) +5 more potentially affected by CVE-2021-47952 via jsonpickle (>=4.0.0 <=4.0.1)

jsonpickle PYPI version =4.0.0, =24.12.0, =0.0.6, =4.0.0, =0.1.0, =0.1.1, =0.5.8, =0.5.9 Source cves: CVE-2021-47952 Source advisory: SNYK:PYTHON-JSONPICKLE-16755449...

airalogy-engine (=0.0.2) potentially affected by CVE-2026-46703 via boxlite (=0.8.2)

boxlite PYPI version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on boxlite and may be impacted: - airalogy-engine =0.0.2 Source cves: CVE-2026-46703 Source advisory: SNYK:PYTHON-BOXLITE-16787374...

@airalogy/airalogy-engine (>=0.0.1 <=0.0.2) potentially affected by CVE-2026-46703 via @boxlite-ai/boxlite (=0.8.2)

@boxlite-ai/boxlite NPM version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on @boxlite-ai/boxlite and may be impacted: - @airalogy/airalogy-engine =0.0.1, =0.0.2 Source cves: CVE-2026-46703 Source advisory: SNYK:JS-BOXLITEAIBOXLITE-16787373...

@airalogy/airalogy-engine (>=0.0.1 <=0.0.2) potentially affected by CVE-2026-46695 via @boxlite-ai/boxlite (=0.8.2)

@boxlite-ai/boxlite NPM version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on @boxlite-ai/boxlite and may be impacted: - @airalogy/airalogy-engine =0.0.1, =0.0.2 Source cves: CVE-2026-46695 Source advisory: SNYK:JS-BOXLITEAIBOXLITE-16787353...

airalogy-engine (=0.0.2) potentially affected by CVE-2026-46695 via boxlite (=0.8.2)

boxlite PYPI version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on boxlite and may be impacted: - airalogy-engine =0.0.2 Source cves: CVE-2026-46695 Source advisory: SNYK:PYTHON-BOXLITE-16787350...

com.oviva.telematik:epa4all-rest-service (>=0.0.4 <=1.2.1) potentially affected by CVE-2026-45575 via com.oviva.telematik:epa4all-client (>=0.0.4 <=1.2.1)

com.oviva.telematik:epa4all-client MAVEN version =0.0.4, =0.0.4, =1.2.1 Source cves: CVE-2026-45575 Source advisory: OSV:GHSA-GQX7-6552-67HF...

com.drobisch:flink-connector-elasticsearch-e2e-tests-common (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant), com.drobisch:flink-connector-elasticsearch6-e2e-tests (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant) +25 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-api-java MAVEN version =2.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =26.0.0, =0.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799798...

com.datasqrl:sqrl-discovery (>=0.9.0-alpha1 <=0.9.0-alpha2), com.datasqrl:sqrl-planner (>=0.9.0-alpha1 <=0.9.0-alpha2) +2 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (>=2.1.0 <=2.1.1)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.1.0, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =2.1.0, =2.1.1 Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

com.datasqrl.flinkrunner:datagen-connectors (=0.10.1), com.datasqrl.flinkrunner:kafka-safe-connector (>=0.9.0 <=0.10.1) +75 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (=2.2.0)

org.apache.flink:flink-table-api-java MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-api-java and may be impacted: - com.datasqrl.flinkrunner:datagen-connectors =0.10.1 -...

cn.ibizlab.plugin:ibiz-dataflow-flink (>=8.1.0.371 <=8.1.0.567.22), cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7) +348 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-api-java MAVEN version =1.15.0, =8.1.0.371, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =1.0.2, =0.5.0, =0.5.0, =1.4.0, =1.5.6.2 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

com.datasqrl:sqrl-discovery (>=0.9.0 <=0.10.4), com.datasqrl:sqrl-planner (>=0.9.0 <=0.10.4) +6 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (=2.2.0)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-planner2.12 and may be impacted: - com.datasqrl:sqrl-discovery =0.9.0, =0.9.0, =0.9.0, =0.2.0, =0.2.0, =0.2.0,...

cn.ibizlab.plugin:ibiz-dataflow-flink (>=8.1.0.371 <=8.1.0.567.22), cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7) +348 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-api-java MAVEN version =1.15.0, =8.1.0.371, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =1.0.2, =0.5.0, =0.5.0, =1.4.0, =1.5.6.2 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799798...

com.datasqrl.flinkrunner:stdlib-json (>=0.9.0 <=0.10.1), com.datasqrl:sqrl-discovery (>=0.9.0 <=0.10.4) +17 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (=2.2.0)

org.apache.flink:flink-table-runtime MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-runtime and may be impacted: - com.datasqrl.flinkrunner:stdlib-json =0.9.0, =0.9.0, =0.9.0, =0.9.0, =2.2.0-EXNESS-0.1...

com.datasqrl.flinkrunner:stdlib-json (>=0.9.0-alpha1 <=0.9.0-alpha2), com.datasqrl:sqrl-discovery (>=0.9.0-alpha1 <=0.9.0-alpha2) +14 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (>=2.1.0 <=2.1.1)

org.apache.flink:flink-table-runtime MAVEN version =2.1.0, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =26.0.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799797...

cn.ibizlab.plugin:ibiz-dataflow-flink (>=8.1.0.371 <=8.1.0.567.22), cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7) +184 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-runtime MAVEN version =1.15.0, =8.1.0.371, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =0.5.0, =0.5.0, =1.4.0, =1.4.0, =1.4.0, =1.0, =1.0.1 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799797...

com.datasqrl.flinkrunner:stdlib-json (>=0.9.0 <=0.10.1), com.datasqrl:sqrl-discovery (>=0.9.0 <=0.10.4) +17 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (=2.2.0)

org.apache.flink:flink-table-runtime MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-runtime and may be impacted: - com.datasqrl.flinkrunner:stdlib-json =0.9.0, =0.9.0, =0.9.0, =0.9.0, =2.2.0-EXNESS-0.1...

cn.ibizlab.plugin:ibiz-dataflow-flink (>=8.1.0.371 <=8.1.0.567.22), cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7) +184 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-runtime MAVEN version =1.15.0, =8.1.0.371, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =0.5.0, =0.5.0, =1.4.0, =1.4.0, =1.4.0, =1.0, =1.0.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7), cn.sliew:flinkful-sql-catalog (>=1.0.3 <=1.0.7) +102 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-planner2.12 MAVEN version =1.15.0, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =1.0, =0.1, =0.6.1, =0.6.1, =1.17-2.5.2, =2.5.1-flink-1.17 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

org.apache.doris:flink-doris-connector-2.0 (>=26.0.0 <=26.1.1), org.apache.flink:flink-examples-table_2.12 (>=2.0.0 <=2.0.1) +6 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-runtime MAVEN version =2.0.0, =26.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

com.drobisch:flink-connector-elasticsearch-e2e-tests-common (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant), com.drobisch:flink-connector-elasticsearch6-e2e-tests (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant) +25 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-api-java MAVEN version =2.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =26.0.0, =0.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

com.datasqrl.flinkrunner:stdlib-json (>=0.9.0-alpha1 <=0.9.0-alpha2), com.datasqrl:sqrl-discovery (>=0.9.0-alpha1 <=0.9.0-alpha2) +14 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (>=2.1.0 <=2.1.1)

org.apache.flink:flink-table-runtime MAVEN version =2.1.0, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =26.0.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

org.apache.doris:flink-doris-connector-2.0 (>=26.0.0 <=26.1.1), org.apache.flink:flink-examples-table_2.12 (>=2.0.0 <=2.0.1) +6 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-runtime (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-runtime MAVEN version =2.0.0, =26.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799797...

com.couchbase.client.flink-connector-couchbase_2.12:flink-connector-couchbase_2.12 (=0.5.0), com.datasqrl.flinkrunner:kafka-safe-connector (>=0.9.0-alpha1 <=0.9.0-alpha2) +29 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.1.0 <=2.1.1)

org.apache.flink:flink-table-api-java MAVEN version =2.1.0, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =26.0.0, =0.2.0, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-35194 Source advisory:...

org.apache.flink:flink-examples-table_2.12 (>=2.0.0 <=2.0.1) potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.0.0, =2.0.0, =2.0.1 Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799799...

org.apache.flink:flink-examples-table_2.12 (>=2.0.0 <=2.0.1) potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (>=2.0.0 <=2.0.1)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.0.0, =2.0.0, =2.0.1 Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

com.datasqrl:sqrl-discovery (>=0.9.0-alpha1 <=0.9.0-alpha2), com.datasqrl:sqrl-planner (>=0.9.0-alpha1 <=0.9.0-alpha2) +2 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (>=2.1.0 <=2.1.1)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.1.0, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =2.1.0, =2.1.1 Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799799...

cn.sliew:flinkful-cli-descriptor-examples (>=1.0.2 <=1.0.7), cn.sliew:flinkful-sql-catalog (>=1.0.3 <=1.0.7) +102 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (>=1.15.0 <=1.20.3)

org.apache.flink:flink-table-planner2.12 MAVEN version =1.15.0, =1.0.2, =1.0.3, =1.0.0, =1.0.2, =1.0, =0.1, =0.6.1, =0.6.1, =1.17-2.5.2, =2.5.1-flink-1.17 and more Source cves: CVE-2026-35194 Source advisory: SNYK:JAVA-ORGAPACHEFLINK-16799799...

com.datasqrl:sqrl-discovery (>=0.9.0 <=0.10.4), com.datasqrl:sqrl-planner (>=0.9.0 <=0.10.4) +6 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (=2.2.0)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-planner2.12 and may be impacted: - com.datasqrl:sqrl-discovery =0.9.0, =0.9.0, =0.9.0, =0.2.0, =0.2.0, =0.2.0,...

com.datasqrl.flinkrunner:datagen-connectors (=0.10.1), com.datasqrl.flinkrunner:kafka-safe-connector (>=0.9.0 <=0.10.1) +75 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (=2.2.0)

org.apache.flink:flink-table-api-java MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-api-java and may be impacted: - com.datasqrl.flinkrunner:datagen-connectors =0.10.1 -...

com.couchbase.client.flink-connector-couchbase_2.12:flink-connector-couchbase_2.12 (=0.5.0), com.datasqrl.flinkrunner:kafka-safe-connector (>=0.9.0-alpha1 <=0.9.0-alpha2) +29 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.1.0 <=2.1.1)

org.apache.flink:flink-table-api-java MAVEN version =2.1.0, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =26.0.0, =0.2.0, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...

com.oviva.telematik:epa4all-rest-service (>=0.0.4 <=1.2.1) potentially affected by CVE-2026-45574 via com.oviva.telematik:epa4all-client (>=0.0.4 <=1.2.1)

com.oviva.telematik:epa4all-client MAVEN version =0.0.4, =0.0.4, =1.2.1 Source cves: CVE-2026-45574 Source advisory: OSV:GHSA-5HHF-XMFX-4VVR...

budibase (>=0.0.3 <=0.0.31) potentially affected by CVE-2026-45717 via @budibase/server (>=0.0.1 <=0.0.9)

@budibase/server NPM version =0.0.1, =0.0.3, =0.0.31 Source cves: CVE-2026-45717 Source advisory: OSV:GHSA-44M2-CRH7-F4Q2...

@budibase/cli (>=3.0.0 <=3.2.26), @budibase/pro (>=3.0.0 <=3.2.26) +2 more potentially affected by CVE-2026-45715 via @budibase/backend-core (>=3.0.0 <=3.2.7)

@budibase/backend-core NPM version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.26 Source cves: CVE-2026-45715 Source advisory: SNYK:JS-BUDIBASEBACKENDCORE-16759681...

budibase (>=0.0.3 <=0.0.31) potentially affected by CVE-2026-45715 via @budibase/server (>=0.0.1 <=0.0.9)

@budibase/server NPM version =0.0.1, =0.0.3, =0.0.31 Source cves: CVE-2026-45715 Source advisory: OSV:GHSA-FGQV-JH4G-PVG2...

budibase (>=0.0.3 <=0.0.31) potentially affected by CVE-2026-45548 via @budibase/server (>=0.0.1 <=0.0.9)

@budibase/server NPM version =0.0.1, =0.0.3, =0.0.31 Source cves: CVE-2026-45548 Source advisory: OSV:GHSA-RPJ4-7X2V-WJRF...

@better-auth/cli (>=1.5.0-beta.10 <=1.5.0-beta.13), @onmax/nuxt-better-auth (>=0.0.2-alpha.14 <=0.0.2-alpha.32) +2 more potentially affected by CVE-2026-45364 via better-auth (>=1.5.0-beta.10 <=1.5.0-beta.20)

better-auth NPM version =1.5.0-beta.10, =1.5.0-beta.10, =0.0.2-alpha.14, =1.5.0-beta.15, =0.0.2-beta.19, =0.0.10-beta.25 Source cves: CVE-2026-45364 Source advisory: OSV:GHSA-P6V2-XCPG-H6XW...

@alstar/studio (=0.0.0-beta.20), @better-auth/cli (>=0.0.1 <=1.4.1-beta.1) +66 more potentially affected by CVE-2026-45364 via better-auth (>=0.4.10-beta.10 <=1.4.16)

better-auth NPM version =0.4.10-beta.10, =0.0.1, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.27, =1.3.26, =1.3.27, =0.18.0, =0.5.2, =1.0.2, =1.0.2, =1.0.2, =1.0.3 and more Source cves: CVE-2026-45364 Source advisory: OSV:GHSA-P6V2-XCPG-H6XW...

9gen (>=0.0.23 <=0.1.1), @1sat/connect (>=0.0.15 <=0.0.68) +810 more potentially affected by unknown CVE via better-auth (>=0.4.10-beta.10 <=1.6.12)

better-auth NPM version =0.4.10-beta.10, =0.0.23, =0.0.15, =0.0.16, =0.0.1, =0.260505.5, =1.0.0, =0.6.1, =0.0.13, =0.3.3, =0.2.0, =0.0.110, =0.0.110, =0.1.41, =0.0.110, =2.0.0-beta.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-WXW3-Q3M9-C3JR...

9gen (>=0.0.23 <=0.1.1), @1sat/connect (>=0.0.15 <=0.0.68) +808 more potentially affected by unknown CVE via better-auth (>=1.0.0-canary.10 <=1.6.12)

better-auth NPM version =1.0.0-canary.10, =0.0.23, =0.0.15, =0.0.16, =0.0.1, =0.260505.5, =1.0.0, =0.6.1, =0.0.13, =0.3.3, =0.2.0, =0.0.110, =0.0.110, =0.1.41, =0.0.110, =2.0.0-beta.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-BETTERAUTH-16722768...

calibrate-agent (>=0.0.1 <=0.0.35), nvidia-pipecat (=0.4.0) +2 more potentially affected by CVE-2026-44716 via pipecat-ai (>=0.0.90 <=0.0.98)

pipecat-ai PYPI version =0.0.90, =0.0.1, =1.6.1.dev8325111910350515310, =1.7.1.dev260424103102100484 Source cves: CVE-2026-44716 Source advisory: SNYK:PYTHON-PIPECATAI-16700145...

calibrate-agent (>=0.0.1 <=0.0.35), nvidia-pipecat (=0.4.0) +2 more potentially affected by CVE-2026-44716 via pipecat-ai (>=0.0.90 <=0.0.98)

pipecat-ai PYPI version =0.0.90, =0.0.1, =1.6.1.dev8325111910350515310, =1.7.1.dev260424103102100484 Source cves: CVE-2026-44716 Source advisory: OSV:GHSA-3363-2PH6-35WH...

nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +17 more potentially affected by CVE-2026-40092 via nimiq-keys (>=0.1.0 <=0.2.0)

nimiq-keys CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-40092 Source advisory: OSV:GHSA-27W2-87XV-37C6...

async-ssh2-tokio (>=0.2.0 <=0.8.11), dev-tunnels (=0.1.0) +6 more potentially affected by CVE-2026-46673 via russh (>=0.34.0 <=0.43.0)

russh CARGO version =0.34.0, =0.2.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.4.1 - sshrpc =0.1.0 - tunnels =0.1.0 Source cves: CVE-2026-46673 Source advisory: OSV:RUSTSEC-2026-0154...

databricks-agents (>=0.1.0 <=1.0.0rc1), datamint (>=2.5.0 <=2.5.2) +3 more potentially affected by CVE-2026-2652 via mlflow (>=3.0.0rc2 <=3.0.1)

mlflow PYPI version =3.0.0rc2, =0.1.0, =2.5.0, =0.2.0.dev0, =0.6.7, =0.8.1 Source cves: CVE-2026-2652 Source advisory: SNYK:PYTHON-MLFLOW-16698137...

azure-ai-generative (>=1.0.0b1 <=1.0.0b3), azure-ai-resources (>=1.0.0b1 <=1.0.0b9) +15 more potentially affected by CVE-2026-2652 via mlflow-skinny (>=3.0.0 <=3.0.1)

mlflow-skinny PYPI version =3.0.0, =1.0.0b1, =1.0.0b1, =0.1.0, =0.1.0, =2.5.0, =0.0.13, =3.0.0, =0.1.0, =0.1.4 and more Source cves: CVE-2026-2652 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-16698136...

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +357 more potentially affected by CVE-2026-2652 via mlflow (>=0.8.2 <=3.10.1)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2026-2652 Source advisory: OSV:GHSA-75CM-X2W3-8MGF...

org.webjars.npm:event-calendar__core (>=3.1.0 <=3.7.1), org.webjars.npm:event-calendar__day-grid (=3.6.2) +2 more potentially affected by CVE-2026-42573 via org.webjars.npm:svelte (>=3.20.1 <=4.2.19)

org.webjars.npm:svelte MAVEN version =3.20.1, =3.1.0, =3.1.0, =3.6.2 - org.webjars.npm:stylesheet-switcher =3.0.0 Source cves: CVE-2026-42573 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16697542...

@budibase/server (>=3.32.1 <=3.38.1), @builders-of-stuff/svelte-sui-wallet-adapter (>=0.6.6 <=2.1.0) +65 more potentially affected by CVE-2026-42573 via svelte (>=5.0.0-next.1 <=5.55.5)

svelte NPM version =5.0.0-next.1, =3.32.1, =0.6.6, =4.0.0-alpha.1, =4.0.0-alpha.1, =0.1.0, =0.0.1, =1.3.0, =0.1.4, =0.0.20, =0.15.0, =1.1.0-beta.0, =5.0.0-next.80, =5.0.0-test.1 and more Source cves: CVE-2026-42573 Source advisory: SNYK:JS-SVELTE-16697541...