26517 matches found
@hulumi/platform-patterns (=0.0.0-bootstrap.0) potentially affected by unknown CVE via @hulumi/baseline (=1.3.1)
@hulumi/baseline NPM version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on @hulumi/baseline and may be impacted: - @hulumi/platform-patterns =0.0.0-bootstrap.0 Source cves: unknown CVE Source advisory: SNYK:JS-HULUMIBASELINE-17660557...
@hulumi/platform-patterns (=0.0.0-bootstrap.0) potentially affected by unknown CVE via @hulumi/baseline (=1.3.1)
@hulumi/baseline NPM version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on @hulumi/baseline and may be impacted: - @hulumi/platform-patterns =0.0.0-bootstrap.0 Source cves: unknown CVE Source advisory: OSV:GHSA-GFP8-MP24-5VXG...
flaskbb-plugin-atom (>=0.1.0 <=0.2.0), flaskbb-plugin-conversations (=2.0.1) +6 more potentially affected by CVE-2026-46556 via flaskbb (=2.2.0)
flaskbb PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on flaskbb and may be impacted: - flaskbb-plugin-atom =0.1.0, =0.0.1, =0.1.0, =0.0.1, =0.1.0 Source cves: CVE-2026-46556 Source advisory: OSV:GHSA-XQ32-9G7Q-7297...
flaskbb-plugin-atom (>=0.1.0 <=0.2.0), flaskbb-plugin-conversations (=2.0.1) +6 more potentially affected by CVE-2026-46556 via flaskbb (=2.2.0)
flaskbb PYPI version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on flaskbb and may be impacted: - flaskbb-plugin-atom =0.1.0, =0.0.1, =0.1.0, =0.0.1, =0.1.0 Source cves: CVE-2026-46556 Source advisory: SNYK:PYTHON-FLASKBB-17283331...
@toolsdk.ai/registry (=1.0.83), easy-mcp-server (>=1.0.117 <=1.0.118) potentially affected by CVE-2026-46519 via mcp-server-kubernetes (>=2.4.3 <=2.9.9)
mcp-server-kubernetes NPM version =2.4.3, =1.0.117, =1.0.118 Source cves: CVE-2026-46519 Source advisory: OSV:GHSA-CR22-WJX7-2W6M...
monerochan-stark (>=5.2.2 <=5.2.12), p3-circle (>=0.1.0 <=0.4.3-succinct) +30 more potentially affected by CVE-2026-46654 via p3-challenger (>=0.1.0 <=0.4.3-succinct)
p3-challenger CARGO version =0.1.0, =5.2.2, =0.1.0, =0.1.0, =0.1.0, =0.1.5-succinct, =0.1.0, =0.1.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.4 and more Source cves: CVE-2026-46654 Source advisory: OSV:GHSA-VJ64-RJF3-W3V7...
nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +15 more potentially affected by CVE-2026-46545 via nimiq-primitives (>=0.1.0 <=0.2.0)
nimiq-primitives CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-46545 Source advisory: OSV:GHSA-MW3Q-R9WH-H2FF...
nimiq-block-production (>=0.1.0 <=0.2.0), nimiq-client (>=0.1.0 <=0.2.0) +6 more potentially affected by CVE-2026-46543 via nimiq-blockchain (>=0.1.0 <=0.2.0)
nimiq-blockchain CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 Source cves: CVE-2026-46543 Source advisory: OSV:GHSA-VGHX-352F-93JM...
nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +17 more potentially affected by CVE-2026-46542 via nimiq-keys (>=0.1.0 <=0.2.0)
nimiq-keys CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-46542 Source advisory: OSV:GHSA-H9CC-W26M-J342...
nimiq-account (>=0.1.0 <=0.2.0), nimiq-accounts (>=0.1.0 <=0.2.0) +15 more potentially affected by CVE-2026-46539 via nimiq-primitives (>=0.1.0 <=0.2.0)
nimiq-primitives CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2026-46539 Source advisory: OSV:GHSA-799F-29JM-GR6C...
apify (=3.0.0rc1), bagit-create (>=1.2.0 <=1.4.4) potentially affected by CVE-2026-46497 via crawlee (>=1.0.0rc1 <=1.1.0)
crawlee PYPI version =1.0.0rc1, =1.2.0, =1.4.4 Source cves: CVE-2026-46497 Source advisory: OSV:GHSA-3R75-XC34-5F44...
aster-cli (=0.1.2), aster-rpc (>=0.1.1 <=0.1.2) +1 more potentially affected by CVE-2026-48207 via pyfory (>=0.13.2 <=0.16.0)
pyfory PYPI version =0.13.2, =0.1.1, =0.1.39, =0.1.50 Source cves: CVE-2026-48207 Source advisory: OSV:GHSA-M5GW-83W2-7749...
@alexaegis/svelte-config (>=0.9.3 <=0.15.1), @builders-of-stuff/svelte-sui-wallet-adapter (>=0.7.5 <=2.1.0) +12 more potentially affected by unknown CVE via @sveltejs/kit (>=2.39.1 <=2.5.4)
@sveltejs/kit NPM version =2.39.1, =0.9.3, =0.7.5, =0.0.137, =0.0.0-6ba0891f, =10.0.1, =0.1.0, =2.0.0, =5.0.0-alpha.1, =0.0.3-next.8, =0.0.10, =0.3.2, =1.7.0, =1.15.1 Source cves: unknown CVE Source advisory: OSV:GHSA-HGV7-V322-MMGR...
@alexaegis/svelte-config (>=0.9.3 <=0.15.1), @builders-of-stuff/svelte-sui-wallet-adapter (>=0.7.5 <=2.1.0) +12 more potentially affected by unknown CVE via @sveltejs/kit (>=2.39.1 <=2.5.4)
@sveltejs/kit NPM version =2.39.1, =0.9.3, =0.7.5, =0.0.137, =0.0.0-6ba0891f, =10.0.1, =0.1.0, =2.0.0, =5.0.0-alpha.1, =0.0.3-next.8, =0.0.10, =0.3.2, =1.7.0, =1.15.1 Source cves: unknown CVE Source advisory: SNYK:JS-SVELTEJSKIT-16796279...
admet-workbench (>=0.1.0 <=0.1.1), agent-gpt-aws (>=0.4.4 <=0.9.5) +49 more potentially affected by CVE-2026-8597 via sagemaker (>=3.13.1 <=3.5.0)
sagemaker PYPI version =3.13.1, =0.1.0, =0.4.4, =1.3.16, =0.0.2, =0.1.13, =0.1.0, =0.4.0, =1.0.1, =0.4.0, =0.1.12, =0.1.0, =0.2.7 and more Source cves: CVE-2026-8597 Source advisory: OSV:GHSA-RQ6V-X3J8-7QGF...
amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20231219) +19 more potentially affected by CVE-2026-8597 via sagemaker (>=2.199.0 <=2.254.1)
sagemaker PYPI version =2.199.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =2.1.0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =0.4.6, =0.4.0, =0.5.5 and more Source cves: CVE-2026-8597 Source advisory: SNYK:PYTHON-SAGEMAKER-16795363...
amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20231219) +19 more potentially affected by CVE-2026-8597 via sagemaker (>=2.199.0 <=2.254.1)
sagemaker PYPI version =2.199.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =2.1.0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =0.4.6, =0.4.0, =0.5.5 and more Source cves: CVE-2026-8597 Source advisory: OSV:GHSA-RQ6V-X3J8-7QGF...
admet-workbench (>=0.1.0 <=0.1.1), agent-gpt-aws (>=0.4.4 <=0.9.5) +49 more potentially affected by CVE-2026-8596 via sagemaker (>=3.13.1 <=3.5.0)
sagemaker PYPI version =3.13.1, =0.1.0, =0.4.4, =1.3.16, =0.0.2, =0.1.13, =0.1.0, =0.4.0, =1.0.1, =0.4.0, =0.1.12, =0.1.0, =0.2.7 and more Source cves: CVE-2026-8596 Source advisory: OSV:GHSA-7HH5-PRP2-MFH5...
amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20231219) +19 more potentially affected by CVE-2026-8596 via sagemaker (>=2.199.0 <=2.254.1)
sagemaker PYPI version =2.199.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =2.1.0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =0.4.6, =0.4.0, =0.5.5 and more Source cves: CVE-2026-8596 Source advisory: SNYK:PYTHON-SAGEMAKER-16795361...
amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20231219) +19 more potentially affected by CVE-2026-8596 via sagemaker (>=2.199.0 <=2.254.1)
sagemaker PYPI version =2.199.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =2.1.0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =0.4.6, =0.4.0, =0.5.5 and more Source cves: CVE-2026-8596 Source advisory: OSV:GHSA-7HH5-PRP2-MFH5...
@altipla/directus-sdk-utils (=0.7.2), @better-auth/sso (>=1.6.0 <=1.7.0-beta.3) +28 more potentially affected by CVE-2026-46490 via samlify (>=2.10.0 <=2.12.0)
samlify NPM version =2.10.0, =1.6.0, =2.10.4, =1.0.0, =11.16.1-depup.0, =27.1.0, =0.73.0, =0.73.0, =0.73.1, =0.73.0, =0.73.1, =0.78.0 and more Source cves: CVE-2026-46490 Source advisory: OSV:GHSA-34R5-Q4JW-R36M...
@altipla/directus-sdk-utils (=0.7.2), @better-auth/sso (>=1.6.0 <=1.7.0-beta.3) +28 more potentially affected by CVE-2026-46490 via samlify (>=2.10.0 <=2.12.0)
samlify NPM version =2.10.0, =1.6.0, =2.10.4, =1.0.0, =11.16.1-depup.0, =27.1.0, =0.73.0, =0.73.0, =0.73.1, =0.73.0, =0.73.1, =0.78.0 and more Source cves: CVE-2026-46490 Source advisory: SNYK:JS-SAMLIFY-16796318...
org.open-metadata:openmetadata-dist (>=0.12.1 <=DEMO_BETA1), org.open-metadata:openmetadata-k8s-operator (>=1.12.0 <=1.12.10) +2 more potentially affected by CVE-2026-46481 via org.open-metadata:openmetadata-service (>=DEMO_BETA1 <=1.12.3)
org.open-metadata:openmetadata-service MAVEN version =DEMOBETA1, =0.12.1, =1.12.0, =1.10.0, =1.12.10 - org.open-metadata:openmetadata-ui =0.12.1.preview Source cves: CVE-2026-46481 Source advisory: OSV:GHSA-9VMH-WHC4-7PHG...
auto-wasi (=0.1.0), deterministic-wasi-ctx (>=0.1.1 <=0.1.14) +53 more potentially affected by CVE-2026-47261 via wasmtime-wasi (>=0.10.0 <=1.0.2)
wasmtime-wasi CARGO version =0.10.0, =0.1.1, =0.5.3-0, =0.4.0, =0.4.0, =0.5.0, =0.0.1-alpha, =0.1.0, =0.1.0, =0.1.0, =0.9.0, =0.9.0, =0.9.0, =0.7.0, =0.9.2 and more Source cves: CVE-2026-47261 Source advisory: OSV:RUSTSEC-2026-0149...
atm0s-media-server-transport-rtmp (=0.1.0), audiopus (>=0.1.0 <=0.3.0-rc.0) +32 more potentially affected by unknown CVE via audiopus_sys (>=0.1.8 <=0.2.2)
audiopussys CARGO version =0.1.8, =0.1.0, =0.24.0, =0.3.0, =0.4.0, =0.1.0, =0.1.1-alpha, =0.1.0, =0.2.0, =1.2.0, =1.3.0 - ogg-opus =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2026-0150...
@hanssoft/baileys (>=2.0.4 <=10.0.0), @lynnidoffc/baileys (>=3.1.0 <=3.1.7) potentially affected by unknown CVE via @hanssoft/libsignal-node (=3.0.4)
@hanssoft/libsignal-node NPM version =3.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on @hanssoft/libsignal-node and may be impacted: - @hanssoft/baileys =2.0.4, =3.1.0, =3.1.7 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4393...
org.webjars.npm:dash0__sdk-web (=0.18.4), org.webjars.npm:scalar__import (>=0.3.16 <=0.4.6) +3 more potentially affected by CVE-2026-12644 via org.webjars.npm:ts-deepmerge (=7.0.3)
org.webjars.npm:ts-deepmerge MAVEN version =7.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:ts-deepmerge and may be impacted: - org.webjars.npm:dash0sdk-web =0.18.4 - org.webjars.npm:scalarimport =0.3.16, =0.2.107, =1.1.13, =0.1.3...
azure-ai-generative (>=1.0.0b1 <=1.0.0b3), azure-ai-resources (>=1.0.0b1 <=1.0.0b9) +15 more potentially affected by CVE-2026-2734 via mlflow-skinny (>=3.0.0 <=3.0.1)
mlflow-skinny PYPI version =3.0.0, =1.0.0b1, =1.0.0b1, =0.1.0, =0.1.0, =2.5.0, =0.0.13, =3.0.0, =0.1.0, =0.1.4 and more Source cves: CVE-2026-2734 Source advisory: SNYK:PYTHON-MLFLOWSKINNY-16787325...
databricks-agents (>=0.1.0 <=1.0.0rc1), datamint (>=2.5.0 <=2.5.2) +3 more potentially affected by CVE-2026-2734 via mlflow (>=3.0.0rc2 <=3.0.1)
mlflow PYPI version =3.0.0rc2, =0.1.0, =2.5.0, =0.2.0.dev0, =0.6.7, =0.8.1 Source cves: CVE-2026-2734 Source advisory: SNYK:PYTHON-MLFLOW-16787326...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +346 more potentially affected by CVE-2026-2734 via mlflow (>=0.8.2 <=3.0.1)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2026-2734 Source advisory: OSV:GHSA-W5XQ-C4PF-GHQ7...
01-dev (=1.0.0), 04-musicplayer (=1.0.0) +1198 more potentially affected by CVE-2024-23222 via art-template (>=4.11.0 <=4.13.4)
art-template NPM version =4.11.0, =1.0.0, =0.0.1, =1.0.0, =0.0.1, =1.0.2, =1.0.0-alpha.1, =1.0.3, =1.1.4, =1.0.0, =0.1.0, =0.0.1, =0.0.2-alpha.13 and more Source cves: CVE-2024-23222 Source advisory: SNYK:JS-ARTTEMPLATE-16779844...
@bentwnghk/chat (>=1.54.2 <=1.107.2), @bu-sail/s3-viewer (>=0.0.1-alpha.1 <=0.1.0-alpha.6) +133 more potentially affected by CVE-2026-30691 via @cyntler/react-doc-viewer (>=1.10.3 <=1.17.1)
@cyntler/react-doc-viewer NPM version =1.10.3, =1.54.2, =0.0.1-alpha.1, =1.0.0, =1.0.1, =1.3.0, =1.3.0, =1.0.0, =0.0.1-beta.12, =1.8.18, =1.8.23 and more Source cves: CVE-2026-30691 Source advisory: OSV:GHSA-FVHG-P4HF-79X3...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +174 more potentially affected by CVE-2026-9087 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.6.2)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
ch.unibas.medizin:dynamicreports-core (>=7.0.1 <=7.0.6), com.metricstream.jasper:ms-dynamic-jasper (=1.0.0-alpha.0) +49 more potentially affected by CVE-2026-6009 via net.sf.jasperreports:jasperreports (>=7.0.0 <=7.0.6)
net.sf.jasperreports:jasperreports MAVEN version =7.0.0, =7.0.1, =4.0.0, =2.0.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =0.18.6, =0.18.75 and more Source cves: CVE-2026-6009 Source advisory: SNYK:JAVA-NETSFJASPERREPORTS-16787146...
adaseq (=0.4.0), cosmos-predict2 (>=1.0.6 <=1.0.9) +20 more potentially affected by CVE-2025-51427 via modelscope (>=1.10.0 <=1.26.0)
modelscope PYPI version =1.10.0, =1.0.6, =0.5.4, =0.1.1, =0.6.0, =1.0.0, =0.4.0, =2.4.2, =0.1.0, =0.1.2, =0.1.0, =0.5.0, =0.7.0 and more Source cves: CVE-2025-51427 Source advisory: SNYK:PYTHON-MODELSCOPE-17223769...
de.ikor.sip.foundation:sip-integration-starter (>=2.4.0 <=3.2.0), de.ikor.sip.foundation:sip-soap-starter (>=3.0.0 <=3.2.0) +45 more potentially affected by CVE-2026-47323 via org.apache.camel:camel-cxf-transport (>=3.18.0 <=4.14.5)
org.apache.camel:camel-cxf-transport MAVEN version =3.18.0, =2.4.0, =3.0.0, =3.0.0, =2.4.0, =2.0.1, =2.0.1, =4.0.0.Beta1, =4.0.0.Beta1, =4.1.3, =4.0.0.Beta1, =4.0.0, =4.0.0, =4.0.0, =4.0.0, =0.1.0, =4.14.5 and more Source cves: CVE-2026-47323 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16787112...
org.apache.camel.k:camel-k-itests-knative (>=1.14.0 <=3.2.3), org.apache.camel.k:camel-k-itests-knative-consumer (>=1.14.0 <=3.2.3) +32 more potentially affected by CVE-2026-47323 via org.apache.camel:camel-knative (>=3.18.0 <=4.14.5)
org.apache.camel:camel-knative MAVEN version =3.18.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.14.0, =1.15.2 and more Source cves: CVE-2026-47323 Source advisory:...
org.apache.camel.kafkaconnector:camel-cxf-kafka-connector (>=3.18.1 <=3.21.0), org.apache.camel.kafkaconnector:camel-cxfrs-kafka-connector (>=3.18.1 <=4.14.5) +16 more potentially affected by CVE-2026-47323 via org.apache.camel:camel-cxf-rest (>=3.18.0 <=4.14.5)
org.apache.camel:camel-cxf-rest MAVEN version =3.18.0, =3.18.1, =3.18.1, =3.18.1, =3.18.1, =4.10.3, =3.18.0, =4.10.3, =4.10.7, =3.18.0, =3.18.0, =8.0.1.R2023-08-RT, =8.0.1.R2023-08-RT, =8.0.1.R2023-08-RT, =8.0.1.R2024-05-RT - org.talend.esb.locator.service:locator-soap-service =$%7Brevision%7D an...
org.glassfish.main.admingui:admingui (>=7.0.0 <=9.0.0-M1), org.glassfish.main.admingui:console-cluster-plugin (>=7.0.0 <=9.0.0-M1) +19 more potentially affected by CVE-2026-2586 via org.glassfish.jsftemplating:jsftemplating (>=4.0.0 <=4.1.0)
org.glassfish.jsftemplating:jsftemplating MAVEN version =4.0.0, =7.0.0, =7.0.0, =7.0.16, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =9.0.0-M1 and more Source cves: CVE-2026-2586 Source advisory: SNYK:JAVA-ORGGLASSFISHJSFTEMPLATING-167906...
org.glassfish.main.admingui:admingui (>=7.0.0 <=9.0.0-M1), org.glassfish.main.admingui:console-cluster-plugin (>=7.0.0 <=9.0.0-M1) +19 more potentially affected by CVE-2026-2587 via org.glassfish.jsftemplating:jsftemplating (>=4.0.0 <=4.1.0)
org.glassfish.jsftemplating:jsftemplating MAVEN version =4.0.0, =7.0.0, =7.0.0, =7.0.16, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =9.0.0-M1 and more Source cves: CVE-2026-2587 Source advisory: SNYK:JAVA-ORGGLASSFISHJSFTEMPLATING-167906...
apna-experiment-sdk (>=0.1.0 <=0.4.10), askui (>=0.22.12 <=0.35.0) +39 more potentially affected by CVE-2026-31072 via apscheduler (>=4.0.0a2 <=4.0.0a6)
apscheduler PYPI version =4.0.0a2, =0.1.0, =0.22.12, =1.0.1, =3.8.0, =1.3.0, =3.0.0a0, =0.1.5, =2.0.5, =0.15.1, =0.0.3, =0.1.0rc0, =2.0.0, =8.4.0, =8.7.0 and more Source cves: CVE-2026-31072 Source advisory: SNYK:PYTHON-APSCHEDULER-16787181...
cache-extensions (>=1.7.0 <=1.14.1) potentially affected by unknown CVE via setup-php (>=2.15.0 <=2.36.0)
setup-php NPM version =2.15.0, =1.7.0, =1.14.1 Source cves: unknown CVE Source advisory: SNYK:JS-SETUPPHP-16874160...
cache-extensions (>=1.9.1 <=1.14.1) potentially affected by CVE-2026-46420 via setup-php (>=2.25.0 <=2.36.0)
setup-php NPM version =2.25.0, =1.9.1, =1.14.1 Source cves: CVE-2026-46420 Source advisory: SNYK:JS-SETUPPHP-16874161...
aana (>=0.2.1 <=0.2.2), ace-step (=0.1.0) +235 more potentially affected by CVE-2026-45804 via diffusers (>=0.10.2 <=0.37.1)
diffusers PYPI version =0.10.2, =0.2.1, =1.8.20, =1.9.0, =0.0.0, =0.2.2, =0.0.2, =0.0.0, =0.1.0, =0.6.37, =0.0.4, =0.1.0, =0.1.0, =0.5.0 and more Source cves: CVE-2026-45804 Source advisory: OSV:GHSA-7WX4-6VFF-V64P...
aana (>=0.2.1 <=0.2.2), ace-step (=0.1.0) +235 more potentially affected by CVE-2026-45804 via diffusers (>=0.10.2 <=0.37.1)
diffusers PYPI version =0.10.2, =0.2.1, =1.8.20, =1.9.0, =0.0.0, =0.2.2, =0.0.2, =0.0.0, =0.1.0, =0.6.37, =0.0.4, =0.1.0, =0.1.0, =0.5.0 and more Source cves: CVE-2026-45804 Source advisory: SNYK:PYTHON-DIFFUSERS-16787358...
@weirdorg/dotenv (>=1.0.1 <=1.0.4) potentially affected by unknown CVE via @weirdorg/config (=1.0.3)
@weirdorg/config NPM version =1.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on @weirdorg/config and may be impacted: - @weirdorg/dotenv =1.0.1, =1.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4466...
@akshajrawat/plugin-repo-cli (=1.0.0), @joplin/plugin-repo-cli (>=2.2.3 <=3.6.3) +5 more potentially affected by CVE-2025-57798 via @joplin/lib (>=2.10.2 <=3.6.3)
@joplin/lib NPM version =2.10.2, =2.2.3, =2.2.3, =1.6.3, =2.0.0, =0.5.2, =0.17.1 - pi-joplin =1.0.0 Source cves: CVE-2025-57798 Source advisory: SNYK:JS-JOPLINLIB-16771369...
airflow-tools (>=0.9.0 <=0.11.0), dataflow-airflow (>=2.10.3 <=2.10.9) +2 more potentially affected by CVE-2026-42526 via apache-airflow-providers-amazon (>=9.0.0 <=9.17.0)
apache-airflow-providers-amazon PYPI version =9.0.0, =0.9.0, =2.10.3, =0.0.1rc1, =2.10.7, =2.10.11rc5 Source cves: CVE-2026-42526 Source advisory: SNYK:PYTHON-APACHEAIRFLOWPROVIDERSAMAZON-16770135...
airflow-add-ons (>=0.2.4 <=0.2.9b2), airflow-aws-shared-secrets (>=0.0.1 <=0.0.5) +11 more potentially affected by CVE-2026-42526 via apache-airflow-providers-amazon (>=1.4.0 <=9.17.0)
apache-airflow-providers-amazon PYPI version =1.4.0, =0.2.4, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.0.3, =0.0.4, =0.0.0, =2.10.3, =14.4.0, =0.0.1, =0.0.1rc1, =2.10.7, =2.10.11rc5 Source cves: CVE-2026-42526 Source advisory: OSV:GHSA-G9QC-QF28-HHQX...
dbgate-serve (>=7.1.3-alpha.3 <=7.1.13), dbmodel (>=7.1.3-alpha.3 <=7.1.13) potentially affected by CVE-2026-47670 via dbgate-api (>=7.1.10 <=7.1.8)
dbgate-api NPM version =7.1.10, =7.1.3-alpha.3, =7.1.3-alpha.3, =7.1.13 Source cves: CVE-2026-47670 Source advisory: SNYK:JS-DBGATEAPI-17223765...