26517 matches found
@fedify/cli (>=2.2.0 <=2.2.3-dev.1098) potentially affected by CVE-2026-42462 via @fedify/fedify (>=2.2.0 <=2.2.3-dev.1098)
@fedify/fedify NPM version =2.2.0, =2.2.0, =2.2.3-dev.1098 Source cves: CVE-2026-42462 Source advisory: OSV:GHSA-9RFG-V8G9-9367...
@fedify/botkit (>=0.4.0-dev.177 <=0.4.0-dev.181), @fedify/botkit-sqlite (>=0.4.0-dev.177 <=0.4.0-dev.181) potentially affected by CVE-2026-42462 via @fedify/fedify (=1.10.0)
@fedify/fedify NPM version =1.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @fedify/fedify and may be impacted: - @fedify/botkit =0.4.0-dev.177, =0.4.0-dev.177, =0.4.0-dev.181 Source cves: CVE-2026-42462 Source advisory: OSV:GHSA-9RFG-V8G9-9367...
@fedify/cli (>=2.0.0 <=2.0.17) potentially affected by CVE-2026-42462 via @fedify/fedify (>=2.0.0 <=2.0.17)
@fedify/fedify NPM version =2.0.0, =2.0.0, =2.0.17 Source cves: CVE-2026-42462 Source advisory: OSV:GHSA-9RFG-V8G9-9367...
@fedify/botkit (>=0.4.0-dev.184 <=0.5.0-dev.198), @fedify/botkit-sqlite (>=0.4.0-dev.184 <=0.5.0-dev.198) +1 more potentially affected by CVE-2026-42462 via @fedify/fedify (>=2.1.0 <=2.1.13)
@fedify/fedify NPM version =2.1.0, =0.4.0-dev.184, =0.4.0-dev.184, =2.1.0, =2.1.13 Source cves: CVE-2026-42462 Source advisory: OSV:GHSA-9RFG-V8G9-9367...
433bf (=0.0.1), @aaqilniz/cli (=4.1.4) +554 more potentially affected by CVE-2026-42089 via yeoman-environment (>=2.9.5 <=6.0.0)
yeoman-environment NPM version =2.9.5, =4.2.0, =14.0.0, =1.0.0, =0.0.1, =1.0.0-beta.1, =1.0.0-beta.1, =0.0.5, =8.0.0, =8.3.0-pre.2022-06-22.sha-42703caf, =8.0.2, =1.0.0, =1.2.1-pre.2024-01-09.d13174d0, =2.1.0 and more Source cves: CVE-2026-42089 Source advisory: OSV:GHSA-VV9J-GJW2-J8WP...
io.netty.incubator:netty-incubator-codec-ohttp (>=0.0.1.Final <=0.0.19.Final), io.netty.incubator:netty-incubator-codec-ohttp-hpke-bouncycastle (>=0.0.10.Final <=0.0.19.Final) +2 more potentially affected by CVE-2026-41207 via io.netty.incubator:netty-incubator-codec-ohttp-hpke (>=0.0.10.Final <=0.0.1.Final)
io.netty.incubator:netty-incubator-codec-ohttp-hpke MAVEN version =0.0.10.Final, =0.0.1.Final, =0.0.10.Final, =0.0.10.Final, =0.0.10.Final, =0.0.19.Final Source cves: CVE-2026-41207 Source advisory: SNYK:JAVA-IONETTYINCUBATOR-17263840...
io.netty.incubator:netty-incubator-codec-ohttp-hpke-native-boringssl (>=0.0.10.Final <=0.0.19.Final) potentially affected by CVE-2026-41207 via io.netty.incubator:netty-incubator-codec-ohttp-hpke-classes-boringssl (>=0.0.10.Final <=0.0.19.Final)
io.netty.incubator:netty-incubator-codec-ohttp-hpke-classes-boringssl MAVEN version =0.0.10.Final, =0.0.10.Final, =0.0.19.Final Source cves: CVE-2026-41207 Source advisory: SNYK:JAVA-IONETTYINCUBATOR-17263833...
a-mailx (=0.1.0), abracadabra (>=0.0.0 <=0.0.7) +702 more potentially affected by CVE-2026-44896 via mistune (>=0.7.3 <=3.2.0)
mistune PYPI version =0.7.3, =0.0.0, =0.0.18, =2.0.0.post1, =0.3.0, =1.0.0, =0.1.0, =1.3.4, =1.0.47, =1.0.66, =0.9.5, =0.21.2, =1.0.0, =1.1.2 and more Source cves: CVE-2026-44896 Source advisory: OSV:PYSEC-2026-168...
@typebot.io/react (=0.10.0) potentially affected by CVE-2026-39964 via @typebot.io/js (=0.10.0)
@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-39964 Source advisory: OSV:GHSA-HQMV-V56G-4M47...
@typebot.io/react (=0.10.0) potentially affected by CVE-2026-39964 via @typebot.io/js (=0.10.0)
@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-39964 Source advisory: SNYK:JS-TYPEBOTIOJS-16895730...
@typebot.io/react (=0.10.0) potentially affected by CVE-2026-28445 via @typebot.io/js (=0.10.0)
@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-28445 Source advisory: OSV:GHSA-6M7C-XFHP-P9FH...
@typebot.io/react (=0.10.0) potentially affected by CVE-2026-28445 via @typebot.io/js (=0.10.0)
@typebot.io/js NPM version =0.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on @typebot.io/js and may be impacted: - @typebot.io/react =0.10.0 Source cves: CVE-2026-28445 Source advisory: SNYK:JS-TYPEBOTIOJS-16895731...
ado-vllm-performance (>=1.2.2 <=1.3.3), agentclinic (=0.1.0) +37 more potentially affected by CVE-2026-9540 via vllm (>=0.10.0 <=0.19.0)
vllm PYPI version =0.10.0, =1.2.2, =0.0.0, =2.3.5, =0.2.0, =0.1.0, =1.0.1rc1, =0.0.4, =0.1.0, =0.3.9, =0.5.2, =0.1.0, =0.1.5, =0.2.0 - gfmrag =2.0.0 and more Source cves: CVE-2026-9540 Source advisory: OSV:GHSA-98F3-HWG4-4RF7...
aana (>=0.2.1 <=0.2.2.2), acai-swarm (=0.1.0) +218 more potentially affected by CVE-2026-9540 via vllm (>=0.10.0 <=0.9.2)
vllm PYPI version =0.10.0, =0.2.1, =1.2.1, =0.0.0, =2.3.5, =0.0.7, =0.0.1b1, =0.1.15, =0.2.4, =1.0.0, =1.0.14 and more Source cves: CVE-2026-9540 Source advisory: SNYK:PYTHON-VLLM-16887889...
@blitzjs/auth (>=2.0.0-alpha.1 <=2.0.0-danger.67), @blitzjs/codemod (>=0.0.0-a78bd33-20230114151431 <=3.0.2) +10 more potentially affected by CVE-2026-9520 via blitz (>=0.0.0-a78bd33-20230114151431 <=3.0.2)
blitz NPM version =0.0.0-a78bd33-20230114151431, =2.0.0-alpha.1, =0.0.0-a78bd33-20230114151431, =2.0.0-alpha.1, =2.0.0-alpha.1, =0.0.1, =1.0.1, =0.1.0, =0.0.1-h, =0.0.1, =1.2.1-d, =1.3.2-b Source cves: CVE-2026-9520 Source advisory: OSV:GHSA-H2P9-CR4H-PX24...
com.github.fangjinuo.agileway:agileway-shiro-redis (>=2.3.3 <=3.1.12), com.github.fangjinuo.agileway:agileway-shiro-redis-springdata2 (>=2.4.2 <=3.1.12) +35 more potentially affected by CVE-2026-43827 via org.apache.shiro:shiro-core (=3.0.0-alpha-1)
org.apache.shiro:shiro-core MAVEN version =3.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-core and may be impacted: - com.github.fangjinuo.agileway:agileway-shiro-redis =2.3.3, =2.4.2, =0.0.3, =0.0.3, =0.0.3, =0.0....
com.github.fangjinuo.agileway:agileway-shiro-redis (>=2.3.3 <=3.1.12), com.github.fangjinuo.agileway:agileway-shiro-redis-springdata2 (>=2.4.2 <=3.1.12) +27 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-web (=3.0.0-alpha-1)
org.apache.shiro:shiro-web MAVEN version =3.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-web and may be impacted: - com.github.fangjinuo.agileway:agileway-shiro-redis =2.3.3, =2.4.2, =0.0.3, =0.0.3, =0.0.3, =0.0.3,...
br.com.caelum.vraptor:vraptor-shiro (>=4.0.0-RC2 <=4.0.0-beta-1), br.eti.arthurgregorio:shiro-ee (>=1.0.0 <=1.5.1) +1855 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-web (>=1.0.0-incubating <=2.1.0)
org.apache.shiro:shiro-web MAVEN version =1.0.0-incubating, =4.0.0-RC2, =1.0.0, =0.0.1, =1.0.0, =0.0.2, =0.0.21, =0.0.27, =0.0.2, =0.0.27, =0.0.1, =1.0.2, =1.0.0, =1.0.5 - cloud.opencode.base:opencode-base-token =1.0.0 and more Source cves: CVE-2026-43828 Source advisory: OSV:GHSA-C6R4-QJMW-CVJ2...
cloud.opencode.base:opencode-base-token (=1.0.0), com.flowlogix.depchain:shiro-jakarta (>=18 <=119) +22 more potentially affected by CVE-2026-44598 via org.apache.shiro:shiro-jakarta-ee (>=2.0.0-alpha-1 <=2.1.0)
org.apache.shiro:shiro-jakarta-ee MAVEN version =2.0.0-alpha-1, =18, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.82.10, =0.82.10, =4.7.0, =3.10.0, =3.10.0, =3.10.0, =4.5.0, =4.20.0 and more Source cves: CVE-2026-44598 Source advisory: OSV:GHSA-WPQM-4GWX-W843...
be.fluid-it.guice.extensions:guice-multi-shiro-realms (=0.1-1), be.fluid-it.shiro.jee:shiro-jee-authc (>=0.1-1 <=0.1-3) +3112 more potentially affected by CVE-2026-43827 via org.apache.shiro:shiro-core (>=1.0.0-incubating <=2.1.0)
org.apache.shiro:shiro-core MAVEN version =1.0.0-incubating, =0.1-1, =4.0.0-RC2, =1.0.0, =0.0.1, =1.0.0, =0.0.2, =0.0.21, =0.0.27, =0.0.2, =0.0.27, =0.0.1, =1.0.2, =1.0.6 and more Source cves: CVE-2026-43827 Source advisory: OSV:GHSA-FCVM-3CPJ-F9QX...
org.apache.syncope.core.am:syncope-core-am-logic (>=4.1.0 <=4.1.0-M0), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.1.0 <=4.1.0-M0) +33 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (>=4.1.0-M0 <=4.1.0)
org.apache.syncope.core:syncope-core-spring MAVEN version =4.1.0-M0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0-M0 and more Source cves: CVE-2026-42782https://vu...
org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.16), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.16) +30 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (>=3.0.0-M0 <=3.0.16)
org.apache.syncope.core:syncope-core-spring MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.16 and more Source cves: CVE-2026-42782https://vulners.com/c...
org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.5), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.5) +33 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (>=4.0.0-M0 <=4.0.5)
org.apache.syncope.core:syncope-core-spring MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.5 and more Source cves: CVE-2026-42782 Source advisory...
org.apache.syncope.core.am:syncope-core-am-logic (>=4.0.0 <=4.0.5), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.0.0 <=4.0.5) +36 more potentially affected by CVE-2026-42797 via org.apache.syncope.core:syncope-core-provisioning-api (>=4.0.0-M0 <=4.0.5)
org.apache.syncope.core:syncope-core-provisioning-api MAVEN version =4.0.0-M0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.2, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.5 and more Source cves: CVE-2026-42797 Source advisory: OSV:...
org.apache.syncope.core.am:syncope-core-am-logic (>=4.1.0 <=4.1.0-M0), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=4.1.0 <=4.1.0-M0) +36 more potentially affected by CVE-2026-42797 via org.apache.syncope.core:syncope-core-provisioning-api (>=4.1.0-M0 <=4.1.0)
org.apache.syncope.core:syncope-core-provisioning-api MAVEN version =4.1.0-M0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0-M0 and more Source cves: CVE-2026-42797https://vulners.c...
org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=3.0.16), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=3.0.16) +34 more potentially affected by CVE-2026-42797 via org.apache.syncope.core:syncope-core-provisioning-api (>=3.0.0-M0 <=3.0.16)
org.apache.syncope.core:syncope-core-provisioning-api MAVEN version =3.0.0-M0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.16 - org.apache.syncope.ext.camel:syncope-ext-camel-persistence-jpa =3.0.0-M0 and more Source cves:...
acceldata-o2a (=1.0.0), acryl-datahub-airflow-plugin (>=0.9.5.1rc1 <=1.3.1.post1) +116 more potentially affected by CVE-2026-46745 via apache-airflow-providers-fab (>=1.0.2b0 <=1.5.4rc1)
apache-airflow-providers-fab PYPI version =1.0.2b0, =0.9.5.1rc1, =1.4.0.3.post4, =1.4.0.3.post3, =0.4.0, =0.1.0a1, =1.3.0, =0.1.1, =0.1.1, =0.10.2, =0.0.1, =0.1.2 and more Source cves: CVE-2026-46745 Source advisory: OSV:GHSA-G283-W6FP-C4FC...
0221nodejs (>=1.0.0 <=1.0.3), 17chart.js (>=0.0.1-aplha <=0.0.39-alpha) +8413 more potentially affected by CVE-2026-45249 via echarts (>=2.2.1-amd-beta1 <=6.0.0)
echarts NPM version =2.2.1-amd-beta1, =1.0.0, =0.0.1-aplha, =0.0.0, =1.0.6-beta, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.8, =1.0.0, =1.0.0, =2.10.1, =1.0.0, =1.0.4 - @17mkh/ui =0.0.2 and more Source cves: CVE-2026-45249 Source advisory: OSV:GHSA-FGMJ-FM8M-JVVX...
gps-building-blocks (=1.2.2) potentially affected by CVE-2026-45361 via apache-airflow-providers-google (=1.0.0)
apache-airflow-providers-google PYPI version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-airflow-providers-google and may be impacted: - gps-building-blocks =1.2.2 Source cves: CVE-2026-45361 Source advisory: OSV:GHSA-G9V5-GJWF-9RWX...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +47 more potentially affected by CVE-2026-41863 via org.springframework.ai:spring-ai-anthropic (>=1.1.0 <=1.1.6)
org.springframework.ai:spring-ai-anthropic MAVEN version =1.1.0, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =0.6.0, =0.3.0, =0.3.0, =0.1.0, =0.1.0, =0.4.0 and more Source cves: CVE-2026-41863 Source advisory: OSV:GHSA-CC4M-MP48-X7QG...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +356 more potentially affected by CVE-2026-2651 via mlflow (>=0.8.2 <=3.10.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2026-2651 Source advisory: OSV:GHSA-8C7Q-86FQ-VVMH...
chatlytics-hermes (>=3.0.0 <=3.0.1), mtmai (>=0.10.0 <=0.10.5) potentially affected by CVE-2026-9369 via hermes-agent (>=0.13.0 <=0.14.0)
hermes-agent PYPI version =0.13.0, =3.0.0, =0.10.0, =0.10.5 Source cves: CVE-2026-9369 Source advisory: OSV:GHSA-CV5C-MH6J-WVP9...
biz.devstack.springframework.boot:spring-boot-starter-api (>=1.0.0 <=1.2.1), biz.devstack:spring-boot-starter-api-quickstart (>=1.0.0 <=1.0.4) +852 more potentially affected by CVE-2026-9370 via com.github.ulisesbocchio:jasypt-spring-boot (>=3.0.0 <=4.0.4)
com.github.ulisesbocchio:jasypt-spring-boot MAVEN version =3.0.0, =1.0.0, =1.0.0, =1.0, =1.0.4.R, =1.1.1, =1.0.1, =1.0.7 - club.gclmit:chaos-spring-boot-starter =1.5.0.RELEASE - cn.com.tltim.pigx:mybatis-enhance =5.0.0-20240820 - cn.com.tltim.pigx:pigx =5.0.0-20240820 -...
chatlytics-hermes (>=3.0.0 <=3.0.1), mtmai (>=0.10.0 <=0.10.5) potentially affected by CVE-2026-9366 via hermes-agent (>=0.13.0 <=0.14.0)
hermes-agent PYPI version =0.13.0, =3.0.0, =0.10.0, =0.10.5 Source cves: CVE-2026-9366 Source advisory: OSV:GHSA-PGP4-XR4J-H5CG...
chatlytics-hermes (>=3.0.0 <=3.0.1), mtmai (>=0.10.0 <=0.10.5) potentially affected by CVE-2026-9353 via hermes-agent (>=0.13.0 <=0.14.0)
hermes-agent PYPI version =0.13.0, =3.0.0, =0.10.0, =0.10.5 Source cves: CVE-2026-9353 Source advisory: OSV:GHSA-238W-F66P-W349...
abm-colony-collection (>=0.1.0 <=0.5.0), abm-initialization-collection (>=0.1.0 <=0.7.0) +106 more potentially affected by CVE-2026-3515 via prefect (>=0.9.2 <=3.6.13)
prefect PYPI version =0.9.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.126, =0.1.0, =1.0.4, =3.4.0, =0.4.0b0, =0.1.11, =0.1.0, =1.0.17, =6.0.0, =11.3.0 and more Source cves: CVE-2026-3515 Source advisory: OSV:GHSA-CW25-2P92-7F75...
org.apache.cxf.services.xkms:cxf-services-xkms-war (>=4.1.0 <=4.1.5) potentially affected by CVE-2026-44930 via org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (>=4.1.0 <=4.1.5)
org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap MAVEN version =4.1.0, =4.1.0, =4.1.5 Source cves: CVE-2026-44930 Source advisory: OSV:GHSA-PG32-686Q-QH6X...
org.apache.cxf.services.xkms:cxf-services-xkms-war (>=3.0.0 <=3.6.10) potentially affected by CVE-2026-44930 via org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (>=3.0.0 <=3.6.10)
org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap MAVEN version =3.0.0, =3.0.0, =3.6.10 Source cves: CVE-2026-44930 Source advisory: OSV:GHSA-PG32-686Q-QH6X...
org.apache.cxf.services.xkms:cxf-services-xkms-war (=4.2.0) potentially affected by CVE-2026-44930 via org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (=4.2.0)
org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap and may be impacted: -...
com.github.vindell:spring-boot-starter-cxf-jaxws-plus (>=1.0.0.RELEASE <=1.0.2.RELEASE), org.apache.cxf:apache-cxf (>=3.3.0 <=3.6.10) +1 more potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (>=3.2.4 <=3.6.10)
org.apache.cxf:cxf-rt-ws-transfer MAVEN version =3.2.4, =1.0.0.RELEASE, =3.3.0, =3.4.0, =3.6.10 Source cves: CVE-2026-44618 Source advisory: OSV:GHSA-VMM5-FJGX-2JHP...
org.apache.cxf:apache-cxf (=4.2.0), org.apache.cxf:cxf-distribution-javadoc (=4.2.0) potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (=4.2.0)
org.apache.cxf:cxf-rt-ws-transfer MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:cxf-rt-ws-transfer and may be impacted: - org.apache.cxf:apache-cxf =4.2.0 - org.apache.cxf:cxf-distribution-javadoc =4.2.0 Source cve...
org.apache.cxf:apache-cxf (>=4.1.0 <=4.1.5), org.apache.cxf:cxf-distribution-javadoc (>=4.1.0 <=4.1.5) potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (>=4.1.0 <=4.1.5)
org.apache.cxf:cxf-rt-ws-transfer MAVEN version =4.1.0, =4.1.0, =4.1.0, =4.1.5 Source cves: CVE-2026-44618 Source advisory: OSV:GHSA-VMM5-FJGX-2JHP...
org.apache.cxf.systests:cxf-systests-jaxrs (>=4.1.0 <=4.1.5), org.apache.cxf.systests:cxf-systests-transport-jms (>=4.1.0 <=4.1.5) +13 more potentially affected by CVE-2026-44417 via org.apache.cxf:cxf-rt-transports-jms (>=4.1.0 <=4.1.5)
org.apache.cxf:cxf-rt-transports-jms MAVEN version =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =4.1.0, =7.4.0.Beta1, =7.4.0.Beta1, =7.4.0.Beta1, =7.4.0.Beta1, =7.4.0.Beta1, =7.4.0.Beta1, =7.4.0.Beta3 - org.ow2.petals.samples.soap:cxf-server =5.2.0-1.0.0 -...
com.treelogic-swe:aws-mock (=1.0), com.treelogic-swe:cxf-stub (=ec2-2013-02-01) +53 more potentially affected by CVE-2026-44417 via org.apache.cxf:cxf-rt-transports-jms (>=2.0.6 <=3.6.10)
org.apache.cxf:cxf-rt-transports-jms MAVEN version =2.0.6, =1.4.0, =1.4.0, =3.0.0, =2.2.7, =2.4.0, =2.1.7, =2.1.7, =2.3.0, =2.0.6, =2.6.0, =2.0.6, =2.0.6, =3.2.0, =3.6.10 and more Source cves: CVE-2026-44417 Source advisory: OSV:GHSA-2HVC-5C6V-F533...
org.apache.cxf.systests:cxf-systests-jaxrs (=4.2.0), org.apache.cxf.systests:cxf-systests-transport-jms (=4.2.0) +4 more potentially affected by CVE-2026-44417 via org.apache.cxf:cxf-rt-transports-jms (=4.2.0)
org.apache.cxf:cxf-rt-transports-jms MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:cxf-rt-transports-jms and may be impacted: - org.apache.cxf.systests:cxf-systests-jaxrs =4.2.0 -...
ether-bn.js (>=1.4.0 <=1.4.1) potentially affected by unknown CVE via unique-id-64 (=1.0.0)
unique-id-64 NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on unique-id-64 and may be impacted: - ether-bn.js =1.4.0, =1.4.1 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4781...
com.github.fangjinuo.agileway:agileway-shiro-redis (>=2.3.3 <=3.1.12), com.github.fangjinuo.agileway:agileway-shiro-redis-springdata2 (>=2.4.2 <=3.1.12) +27 more potentially affected by CVE-2026-43827 via org.apache.shiro:shiro-web (=3.0.0-alpha-1)
org.apache.shiro:shiro-web MAVEN version =3.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-web and may be impacted: - com.github.fangjinuo.agileway:agileway-shiro-redis =2.3.3, =2.4.2, =0.0.3, =0.0.3, =0.0.3, =0.0.3,...
com.github.fangjinuo.agileway:agileway-shiro-redis (>=2.3.3 <=3.1.12), com.github.fangjinuo.agileway:agileway-shiro-redis-springdata2 (>=2.4.2 <=3.1.12) +35 more potentially affected by CVE-2026-43827 via org.apache.shiro:shiro-core (=3.0.0-alpha-1)
org.apache.shiro:shiro-core MAVEN version =3.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-core and may be impacted: - com.github.fangjinuo.agileway:agileway-shiro-redis =2.3.3, =2.4.2, =0.0.3, =0.0.3, =0.0.3, =0.0....
ca.ibodrov.concord:mcp-for-concord (>=0.0.1 <=0.0.2), ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5) +296 more potentially affected by CVE-2026-43827 via org.apache.shiro:shiro-core (>=2.0.0-alpha-1 <=2.1.0)
org.apache.shiro:shiro-core MAVEN version =2.0.0-alpha-1, =0.0.1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =6.0.0, =8.0.0, =8.0.0, =2.2.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-43827 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17116505...
ca.ibodrov.concord:mcp-for-concord (>=0.0.1 <=0.0.2), ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5) +182 more potentially affected by CVE-2026-43827 via org.apache.shiro:shiro-web (>=2.0.0-alpha-1 <=2.1.0)
org.apache.shiro:shiro-web MAVEN version =2.0.0-alpha-1, =0.0.1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =8.0.0, =8.0.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-43827 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17116506...