26517 matches found
com.github.fangjinuo.agileway:agileway-shiro-redis (>=2.3.3 <=3.1.12), com.github.fangjinuo.agileway:agileway-shiro-redis-springdata2 (>=2.4.2 <=3.1.12) +35 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-core (=3.0.0-alpha-1)
org.apache.shiro:shiro-core MAVEN version =3.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-core and may be impacted: - com.github.fangjinuo.agileway:agileway-shiro-redis =2.3.3, =2.4.2, =0.0.3, =0.0.3, =0.0.3, =0.0....
ca.ibodrov.concord:mcp-for-concord (>=0.0.1 <=0.0.2), ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5) +182 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-web (>=2.0.0-alpha-1 <=2.1.0)
org.apache.shiro:shiro-web MAVEN version =2.0.0-alpha-1, =0.0.1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =8.0.0, =8.0.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-43828 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17116502...
ca.ibodrov.concord:mcp-for-concord (>=0.0.1 <=0.0.2), ca.ibodrov.concord:testcontainers-concord-core (>=2.0.3 <=2.0.5) +296 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-core (>=2.0.0-alpha-1 <=2.1.0)
org.apache.shiro:shiro-core MAVEN version =2.0.0-alpha-1, =0.0.1, =2.0.3, =0.0.27, =0.0.27, =0.0.27, =6.0.0, =8.0.0, =8.0.0, =2.2.0, =1.0.2, =3.4.0, =3.3.0, =3.3.0, =3.3.0, =3.8.0 and more Source cves: CVE-2026-43828 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17116503...
com.github.fangjinuo.agileway:agileway-shiro-redis (>=2.3.3 <=3.1.12), com.github.fangjinuo.agileway:agileway-shiro-redis-springdata2 (>=2.4.2 <=3.1.12) +27 more potentially affected by CVE-2026-43828 via org.apache.shiro:shiro-web (=3.0.0-alpha-1)
org.apache.shiro:shiro-web MAVEN version =3.0.0-alpha-1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shiro:shiro-web and may be impacted: - com.github.fangjinuo.agileway:agileway-shiro-redis =2.3.3, =2.4.2, =0.0.3, =0.0.3, =0.0.3, =0.0.3,...
cloud.opencode.base:opencode-base-token (=1.0.0), com.flowlogix.depchain:shiro-jakarta (>=18 <=119) +22 more potentially affected by CVE-2026-44598 via org.apache.shiro:shiro-jakarta-ee (>=2.0.0-alpha-1 <=2.1.0)
org.apache.shiro:shiro-jakarta-ee MAVEN version =2.0.0-alpha-1, =18, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.82.10, =0.82.10, =4.7.0, =3.10.0, =3.10.0, =3.10.0, =4.5.0, =4.20.0 and more Source cves: CVE-2026-44598 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17115416...
cloud.opencode.base:opencode-base-token (=1.0.0), com.flowlogix.depchain:shiro-jakarta (>=18 <=122) +22 more potentially affected by CVE-2026-48589 via org.apache.shiro:shiro-jakarta-ee (>=2.0.0-alpha-1 <=2.2.0)
org.apache.shiro:shiro-jakarta-ee MAVEN version =2.0.0-alpha-1, =18, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.82.10, =0.82.10, =4.7.0, =3.10.0, =3.10.0, =3.10.0, =4.5.0, =4.20.0 and more Source cves: CVE-2026-48589 Source advisory: SNYK:JAVA-ORGAPACHESHIRO-17115412...
org.apache.syncope.core.am:syncope-core-am-logic (=4.1.0), org.apache.syncope.core.am:syncope-core-am-rest-cxf (=4.1.0) +33 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (=4.1.0)
org.apache.syncope.core:syncope-core-spring MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.syncope.core:syncope-core-spring and may be impacted: - org.apache.syncope.core.am:syncope-core-am-logic =4.1.0 -...
org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=4.0.5), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=4.0.5) +38 more potentially affected by CVE-2026-42782 via org.apache.syncope.core:syncope-core-spring (>=3.0.0-M1 <=4.0.5)
org.apache.syncope.core:syncope-core-spring MAVEN version =3.0.0-M1, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.0.2, =4.0.0, =3.0.0, =3.0.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.0.5 and more Source cves: CVE-2026-42782 Source advisory: SNYK:JAV...
org.apache.syncope.core.am:syncope-core-am-logic (=4.1.0), org.apache.syncope.core.am:syncope-core-am-rest-cxf (=4.1.0) +36 more potentially affected by CVE-2026-42797 via org.apache.syncope.core:syncope-core-provisioning-api (=4.1.0)
org.apache.syncope.core:syncope-core-provisioning-api MAVEN version =4.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.syncope.core:syncope-core-provisioning-api and may be impacted: - org.apache.syncope.core.am:syncope-core-am-logic...
org.apache.syncope.core.am:syncope-core-am-logic (>=3.0.0 <=4.0.5), org.apache.syncope.core.am:syncope-core-am-rest-cxf (>=3.0.0 <=4.0.5) +41 more potentially affected by CVE-2026-42797 via org.apache.syncope.core:syncope-core-provisioning-api (>=3.0.0 <=4.0.5)
org.apache.syncope.core:syncope-core-provisioning-api MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.0.2, =4.0.0, =3.0.0, =3.0.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.0.5 and more Source cves: CVE-2026-42797 Source advisory:...
postcss-minify-selector (>=0.1.2 <=0.1.3) potentially affected by unknown CVE via aes-decode-runner-pro (=1.0.11)
aes-decode-runner-pro NPM version =1.0.11 is affected by a known vulnerability. The following packages have a transitive dependency on aes-decode-runner-pro and may be impacted: - postcss-minify-selector =0.1.2, =0.1.3 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4475...
@aquacloud_ai/aqc-charts (>=0.1.1 <=0.1.3), @arkxos/arkos-system (>=0.1.1 <=0.1.10) +51 more potentially affected by CVE-2026-45249 via echarts (=6.0.0)
echarts NPM version =6.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on echarts and may be impacted: - @aquacloudai/aqc-charts =0.1.1, =0.1.1, =5.1.121, =0.1.1, =1023.48.0, =1023.0.0, =1023.0.0, =1023.0.0, =1023.0.0, =1023.0.0, =1023.0.0, =0.22.0,...
gps-building-blocks (=1.2.2) potentially affected by CVE-2026-45361 via apache-airflow-providers-google (=1.0.0)
apache-airflow-providers-google PYPI version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on apache-airflow-providers-google and may be impacted: - gps-building-blocks =1.2.2 Source cves: CVE-2026-45361 Source advisory: OSV:PYSEC-2026-166...
azure-ai-generative (>=1.0.0b1 <=1.0.0b3), azure-ai-resources (>=1.0.0b1 <=1.0.0b9) +15 more potentially affected by CVE-2026-2651 via mlflow-skinny (>=3.0.0 <=3.0.1)
mlflow-skinny PYPI version =3.0.0, =1.0.0b1, =1.0.0b1, =0.1.0, =0.1.0, =2.5.0, =0.0.13, =3.0.0, =0.1.0, =0.1.4 and more Source cves: CVE-2026-2651 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-16874026...
databricks-agents (>=0.1.0 <=1.0.0rc1), datamint (>=2.5.0 <=2.5.2) +3 more potentially affected by CVE-2026-2651 via mlflow (>=3.0.0rc2 <=3.0.1)
mlflow PYPI version =3.0.0rc2, =0.1.0, =2.5.0, =0.2.0.dev0, =0.6.7, =0.8.1 Source cves: CVE-2026-2651 Source advisory: SNYK:PYTHON-MLFLOW-16874027...
3m (>=0.1.1 <=0.1.3), 4dpocket (>=0.1.3 <=0.1.4) +8478 more potentially affected by CVE-2026-4372 via transformers (>=5.0.0 <=5.2.0)
transformers PYPI version =5.0.0, =0.1.1, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.1.0.dev1, =0.1.0, =2.3.15.994, =4.0.2 - aait-store-cut-part-001 =0.0.1 - aait-store-cut-part-002 =0.0.1 - aait-store-cut-part-003 =0.0.1 - aait-store-cut-part-004 =0.0.1 - aait-store-cut-part-005 =0.0.1 -...
biz.devstack.springframework.boot:spring-boot-starter-api (>=1.0.0 <=1.2.1), biz.devstack:spring-boot-starter-api-quickstart (>=1.0.0 <=1.0.4) +654 more potentially affected by CVE-2026-9370 via com.github.ulisesbocchio:jasypt-spring-boot (>=3.0.4 <=4.0.4)
com.github.ulisesbocchio:jasypt-spring-boot MAVEN version =3.0.4, =1.0.0, =1.0.0, =1.0, =1.0.4 - cn.com.tltim.pigx:mybatis-enhance =5.0.0-20240820 - cn.com.tltim.pigx:pigx =5.0.0-20240820 - cn.com.tltim.pigx:pigx-common =5.0.0-20240820 - cn.com.tltim.pigx:pigx-common-audit =5.0.0-20240820 -...
org.webjars.npm:coreui__coreui (=4.2.1), org.webjars.npm:css-loader (>=2.1.0 <=6.7.2) +19 more potentially affected by CVE-2026-9358 via org.webjars.npm:postcss-selector-parser (>=4.0.0-rc.1 <=7.1.0)
org.webjars.npm:postcss-selector-parser MAVEN version =4.0.0-rc.1, =2.1.0, =3.1.0, =7.0.1, =4.0.2, =2.0.6, =2.1.0, =4.1.2, =6.2.0 and more Source cves: CVE-2026-9358 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16873883...
blog-coeur (>=0.0.12 <=0.0.19), chat-portal (>=0.1.0 <=0.2.1) +8 more potentially affected by unknown CVE via instagrapi (>=2.0.0 <=2.6.6)
instagrapi PYPI version =2.0.0, =0.0.12, =0.1.0, =0.0.1, =0.1.0, =1.0.0, =1.3.7, =0.1.0, =0.1.0, =2.2.0, =1.0.2, =2.8.50 Source cves: unknown CVE Source advisory: OSV:GHSA-GGXF-37HM-9WQF...
@openinc/parse-server-opendash (>=3.31.25 <=4.0.34) potentially affected by CVE-2026-47138 via parse-server (>=9.6.0-alpha.37 <=9.9.0)
parse-server NPM version =9.6.0-alpha.37, =3.31.25, =4.0.34 Source cves: CVE-2026-47138 Source advisory: OSV:GHSA-38M6-82C8-4XFM...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-47138 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-47138 Source advisory: OSV:GHSA-38M6-82C8-4XFM...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +59 more potentially affected by CVE-2026-41863 via org.springframework.ai:spring-ai-anthropic (>=1.0.0-M5 <=1.1.6)
org.springframework.ai:spring-ai-anthropic MAVEN version =1.0.0-M5, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.24, =1.0.27, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.4, =1.2.4, =1.2.6 and more Source cves: CVE-2026-41863 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16873885...
org.apache.cxf.services.xkms:cxf-services-xkms-war (>=4.0.0 <=4.1.5) potentially affected by CVE-2026-44930 via org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (>=4.0.0 <=4.1.5)
org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap MAVEN version =4.0.0, =4.0.0, =4.1.5 Source cves: CVE-2026-44930 Source advisory: SNYK:JAVA-ORGAPACHECXFSERVICESXKMS-16874169...
org.apache.cxf.services.xkms:cxf-services-xkms-war (=4.2.0) potentially affected by CVE-2026-44930 via org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (=4.2.0)
org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap and may be impacted: -...
org.apache.cxf.services.xkms:cxf-services-xkms-war (>=3.0.0 <=3.6.10) potentially affected by CVE-2026-44930 via org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap (>=3.0.0 <=3.6.10)
org.apache.cxf.services.xkms:cxf-services-xkms-x509-repo-ldap MAVEN version =3.0.0, =3.0.0, =3.6.10 Source cves: CVE-2026-44930 Source advisory: SNYK:JAVA-ORGAPACHECXFSERVICESXKMS-16874169...
org.apache.cxf.systests:cxf-systests-jaxrs (=4.2.0), org.apache.cxf.systests:cxf-systests-transport-jms (=4.2.0) +4 more potentially affected by CVE-2025-48913 +1 more via org.apache.cxf:cxf-rt-transports-jms (=4.2.0)
org.apache.cxf:cxf-rt-transports-jms MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:cxf-rt-transports-jms and may be impacted: - org.apache.cxf.systests:cxf-systests-jaxrs =4.2.0 -...
org.apache.cxf.systests:cxf-systests-jaxrs (>=4.0.0 <=4.1.5), org.apache.cxf.systests:cxf-systests-transport-jms (>=4.0.0 <=4.1.5) +18 more potentially affected by CVE-2025-48913 +1 more via org.apache.cxf:cxf-rt-transports-jms (>=4.0.0 <=4.1.5)
org.apache.cxf:cxf-rt-transports-jms MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =6.2.0.Final, =7.3.7.Final, =7.0.0.Final, =7.0.0.Final, =6.2.0.Final, =6.2.0.Final, =7.0.0.Final, =7.0.0.Final, =6.2.0.Final, =7.4.0.Beta3 and more Source cves: CVE-2025-48913, CVE-2026-4441...
org.apache.camel:camel-example-cxf (>=2.14.0 <=2.19.5), org.apache.cxf.osgi.itests:org.apache.cxf.osgi.itests (>=3.0.0 <=3.6.10) +17 more potentially affected by CVE-2025-48913 +1 more via org.apache.cxf:cxf-rt-transports-jms (>=3.0.0-milestone1 <=3.6.10)
org.apache.cxf:cxf-rt-transports-jms MAVEN version =3.0.0-milestone1, =2.14.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.0, =5.0.0.Beta1, =5.0.0.Beta1, =5.0.0.Beta1, =5.0.0.Beta1, =5.5.0.Final and more Source cves: CVE-2025-48913, CVE-2026-44417 Source advisory:...
com.github.vindell:spring-boot-starter-cxf-jaxws-plus (>=1.0.0.RELEASE <=1.0.2.RELEASE), org.apache.cxf:apache-cxf (>=3.3.0 <=3.6.10) +1 more potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (>=3.2.4 <=3.6.10)
org.apache.cxf:cxf-rt-ws-transfer MAVEN version =3.2.4, =1.0.0.RELEASE, =3.3.0, =3.4.0, =3.6.10 Source cves: CVE-2026-44618 Source advisory: SNYK:JAVA-ORGAPACHECXF-17115402...
org.apache.cxf:apache-cxf (=4.2.0), org.apache.cxf:cxf-distribution-javadoc (=4.2.0) potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (=4.2.0)
org.apache.cxf:cxf-rt-ws-transfer MAVEN version =4.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.cxf:cxf-rt-ws-transfer and may be impacted: - org.apache.cxf:apache-cxf =4.2.0 - org.apache.cxf:cxf-distribution-javadoc =4.2.0 Source cve...
org.apache.cxf:apache-cxf (>=4.0.0 <=4.1.5), org.apache.cxf:cxf-distribution-javadoc (>=4.0.0 <=4.1.5) potentially affected by CVE-2026-44618 via org.apache.cxf:cxf-rt-ws-transfer (>=4.0.0 <=4.1.5)
org.apache.cxf:cxf-rt-ws-transfer MAVEN version =4.0.0, =4.0.0, =4.0.0, =4.1.5 Source cves: CVE-2026-44618 Source advisory: SNYK:JAVA-ORGAPACHECXF-17115402...
org.webjars.npm:github-com-wavesoft-local-echo (=0.2.0), org.webjars.npm:launch-editor (=2.2.1) +2 more potentially affected by CVE-2026-9277 via org.webjars.npm:shell-quote (=1.8.3)
org.webjars.npm:shell-quote MAVEN version =1.8.3 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:shell-quote and may be impacted: - org.webjars.npm:github-com-wavesoft-local-echo =0.2.0 - org.webjars.npm:launch-editor =2.2.1 -...
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0726react (=0.1.1) +28725 more potentially affected by CVE-2026-9277 via shell-quote (>=1.3.3 <=1.8.3)
shell-quote NPM version =1.3.3, =1.0.1, =1.1.0 - 0726react =0.1.1 - 0x0.icu.anima =0.1.0 - 0xcorde-pac =1.0.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 -...
01os (>=0.0.1 <=0.0.14), 2025-assignment2-expenses-manager (>=0.1.1 <=0.1.7) +4866 more potentially affected by CVE-2026-48710 via starlette (>=0.20.2 <=1.0.0rc1)
starlette PYPI version =0.20.2, =0.0.1, =0.1.1, =0.5.3, =0.3.6, =0.12.0, =0.4.2, =0.1.10, =0.0.1, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =0.1.9 and more Source cves: CVE-2026-48710 Source advisory: OSV:PYSEC-2026-161...
01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +802 more potentially affected by CVE-2026-47102 via litellm (>=1.0.0 <=1.83.1)
litellm PYPI version =1.0.0, =0.0.1, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-47102 Source advisory: SNYK:PYTHON-LITELLM-16795354...
01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +810 more potentially affected by CVE-2026-47101 via litellm (>=1.0.0 <=1.83.13)
litellm PYPI version =1.0.0, =0.0.1, =0.0.14, =0.0.14, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-47101 Source advisory: SNYK:PYTHON-LITELLM-16795355...
airalogy-engine (=0.0.2) potentially affected by CVE-2026-46703 via boxlite (=0.8.2)
boxlite PYPI version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on boxlite and may be impacted: - airalogy-engine =0.0.2 Source cves: CVE-2026-46703 Source advisory: OSV:GHSA-F396-4RP4-7V2J...
@airalogy/airalogy-engine (>=0.0.1 <=0.0.2) potentially affected by CVE-2026-46703 via @boxlite-ai/boxlite (=0.8.2)
@boxlite-ai/boxlite NPM version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on @boxlite-ai/boxlite and may be impacted: - @airalogy/airalogy-engine =0.0.1, =0.0.2 Source cves: CVE-2026-46703 Source advisory: OSV:GHSA-F396-4RP4-7V2J...
airalogy-engine (=0.0.2) potentially affected by CVE-2026-46695 via boxlite (=0.8.2)
boxlite PYPI version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on boxlite and may be impacted: - airalogy-engine =0.0.2 Source cves: CVE-2026-46695 Source advisory: OSV:GHSA-G6WW-W5J2-R7X3...
@airalogy/airalogy-engine (>=0.0.1 <=0.0.2) potentially affected by CVE-2026-46695 via @boxlite-ai/boxlite (=0.8.2)
@boxlite-ai/boxlite NPM version =0.8.2 is affected by a known vulnerability. The following packages have a transitive dependency on @boxlite-ai/boxlite and may be impacted: - @airalogy/airalogy-engine =0.0.1, =0.0.2 Source cves: CVE-2026-46695 Source advisory: OSV:GHSA-G6WW-W5J2-R7X3...
claude-content-writer (=2.1.0) potentially affected by unknown CVE via claude-content-writer (=2.2.0)
claude-content-writer NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on claude-content-writer and may be impacted: - claude-content-writer =2.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4524...
@bitsocial/ai-moderation-challenge (>=0.1.0 <=0.1.1), @bitsocial/bitsocial-cli (>=0.19.44 <=0.19.71) +6 more potentially affected by CVE-2026-46679 via @libp2p/gossipsub (>=15.0.0-049bfa0fa <=15.0.23-3574648c3)
@libp2p/gossipsub NPM version =15.0.0-049bfa0fa, =0.1.0, =0.19.44, =0.1.0, =0.1.0, =0.1.0, =6.0.0-049bfa0fa, =9.0.0-049bfa0fa, =0.0.17, =0.0.45 Source cves: CVE-2026-46679 Source advisory: SNYK:JS-LIBP2PGOSSIPSUB-16798774...
ara-cli (>=0.1.14.13 <=0.1.14.14), clai (>=1.5.0 <=1.98.0) +47 more potentially affected by CVE-2026-46678 via pydantic-ai-slim (>=1.56.0 <=1.98.0)
pydantic-ai-slim PYPI version =1.56.0, =0.1.14.13, =1.5.0, =0.1.0a1, =0.0.400, =1.0.0, =1.0.3, =0.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.1, =0.0.1, =0.0.8 and more Source cves: CVE-2026-46678 Source advisory: OSV:GHSA-CQP8-FCVH-X7R3...
ara-cli (>=0.1.14.13 <=0.1.14.14), clai (>=1.5.0 <=1.98.0) +23 more potentially affected by CVE-2026-46678 via pydantic-ai (>=1.56.0 <=1.98.0)
pydantic-ai PYPI version =1.56.0, =0.1.14.13, =1.5.0, =1.0.0, =0.1.1, =0.1.0, =0.0.1, =0.0.1, =0.0.1, =0.1.0, =0.1.0rc6 - open-aura =0.1.0 and more Source cves: CVE-2026-46678 Source advisory: OSV:GHSA-CQP8-FCVH-X7R3...
ara-cli (>=0.1.14.13 <=0.1.14.14), clai (>=1.5.0 <=1.98.0) +47 more potentially affected by CVE-2026-25580 +1 more via pydantic-ai-slim (>=1.56.0 <=1.98.0)
pydantic-ai-slim PYPI version =1.56.0, =0.1.14.13, =1.5.0, =0.1.0a1, =0.0.400, =1.0.0, =1.0.3, =0.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.1, =0.0.1, =0.0.8 and more Source cves: CVE-2026-25580, CVE-2026-46678 Source advisory: SNYK:PYTHON-PYDANTICAISLIM-16796278...
one2html (>=1.0.0 <=1.1.1) potentially affected by CVE-2026-46671 via onenote_parser (>=0.2.1 <=0.3.1)
onenoteparser CARGO version =0.2.1, =1.0.0, =1.1.1 Source cves: CVE-2026-46671 Source advisory: OSV:GHSA-4J5M-WC25-PVH7...
arpakitlib (>=1.9.5 <=1.9.50), blog-coeur (>=0.0.14 <=0.0.19) +8 more potentially affected by CVE-2026-46645 via sqladmin (>=0.13.0 <=0.24.0)
sqladmin PYPI version =0.13.0, =1.9.5, =0.0.14, =0.0.1, =0.0.22, =0.0.1a1, =0.0.1, =0.1.0, =0.1.2, =0.0.21, =0.0.23 Source cves: CVE-2026-46645 Source advisory: SNYK:PYTHON-SQLADMIN-17283335...
arpakitlib (>=1.9.5 <=1.9.50), blog-coeur (>=0.0.14 <=0.0.19) +8 more potentially affected by CVE-2026-46645 via sqladmin (>=0.13.0 <=0.24.0)
sqladmin PYPI version =0.13.0, =1.9.5, =0.0.14, =0.0.1, =0.0.22, =0.0.1a1, =0.0.1, =0.1.0, =0.1.2, =0.0.21, =0.0.23 Source cves: CVE-2026-46645 Source advisory: OSV:GHSA-54MC-GGHV-4CFJ...
01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +821 more potentially affected by CVE-2026-47102 via litellm (>=0.1.400 <=1.83.1)
litellm PYPI version =0.1.400, =0.0.1, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-47102 Source advisory: OSV:GHSA-WPFP-GWWC-VWQ6...
01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +829 more potentially affected by CVE-2026-47101 via litellm (>=0.1.400 <=1.83.13)
litellm PYPI version =0.1.400, =0.0.1, =0.0.14, =0.0.14, =0.0.1a0, =0.3.5, =0.6.0, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 and more Source cves: CVE-2026-47101 Source advisory: OSV:GHSA-QRC4-49GV-MV9M...