gpt-researcher-mcp (>=0.1.0 <=0.1.5), iflow-mcp-joshualelon-deep-research-mcp (=0.1.0) +1 more potentially affected by CVE-2026-5631 via gpt-researcher (=0.15.1)

gpt-researcher PYPI version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on gpt-researcher and may be impacted: - gpt-researcher-mcp =0.1.0, =2.1.6, =2.1.8 Source cves: CVE-2026-5631 Source advisory: SNYK:PYTHON-GPTRESEARCHER-15917487...

gpt-researcher-mcp (>=0.1.0 <=0.1.5), iflow-mcp-joshualelon-deep-research-mcp (=0.1.0) +1 more potentially affected by CVE-2026-5630 via gpt-researcher (=0.15.1)

gpt-researcher PYPI version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on gpt-researcher and may be impacted: - gpt-researcher-mcp =0.1.0, =2.1.6, =2.1.8 Source cves: CVE-2026-5630 Source advisory: SNYK:PYTHON-GPTRESEARCHER-15917486...

gpt-researcher-mcp (>=0.1.0 <=0.1.5), iflow-mcp-joshualelon-deep-research-mcp (=0.1.0) +1 more potentially affected by CVE-2026-5632 via gpt-researcher (=0.15.1)

gpt-researcher PYPI version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on gpt-researcher and may be impacted: - gpt-researcher-mcp =0.1.0, =2.1.6, =2.1.8 Source cves: CVE-2026-5632 Source advisory: SNYK:PYTHON-GPTRESEARCHER-15917488...

gpt-researcher-mcp (>=0.1.0 <=0.1.5), iflow-mcp-joshualelon-deep-research-mcp (=0.1.0) +1 more potentially affected by CVE-2026-5633 via gpt-researcher (=0.15.1)

gpt-researcher PYPI version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on gpt-researcher and may be impacted: - gpt-researcher-mcp =0.1.0, =2.1.6, =2.1.8 Source cves: CVE-2026-5633 Source advisory: SNYK:PYTHON-GPTRESEARCHER-15917485...

griptape (>=0.1.0 <=0.5.1) potentially affected by CVE-2026-5596 via griptape-tools (>=0.7.0 <=0.7.1)

griptape-tools PYPI version =0.7.0, =0.1.0, =0.5.1 Source cves: CVE-2026-5596 Source advisory: SNYK:PYTHON-GRIPTAPETOOLS-15915643...

composio-griptape (>=0.3.13 <=0.7.20), griptape-cli (=0.1.0) +5 more potentially affected by CVE-2026-5596 via griptape (>=1.10.2 <=1.8.13)

griptape PYPI version =1.10.2, =0.3.13, =0.26.4, =0.84.0, =0.8.0, =2.0.3, =2.2.9 Source cves: CVE-2026-5596 Source advisory: SNYK:PYTHON-GRIPTAPE-15915642...

composio-griptape (>=0.3.13 <=0.7.20), griptape-cli (=0.1.0) +5 more potentially affected by CVE-2026-5597 via griptape (>=1.10.2 <=1.8.13)

griptape PYPI version =1.10.2, =0.3.13, =0.26.4, =0.84.0, =0.8.0, =2.0.3, =2.2.9 Source cves: CVE-2026-5597 Source advisory: SNYK:PYTHON-GRIPTAPE-15915638...

composio-griptape (>=0.5.44 <=0.5.51rc1), griptape-cli (=0.1.0) potentially affected by CVE-2026-5595 via griptape (>=1.5.0 <=1.8.13)

griptape PYPI version =1.5.0, =0.5.44, =0.5.51rc1 - griptape-cli =0.1.0 Source cves: CVE-2026-5595 Source advisory: SNYK:PYTHON-GRIPTAPE-15915635...

aark-sdk (>=0.1.2 <=0.1.9), abi-maker (=0.1.2) +404 more potentially affected by CVE-2026-40072 via web3 (>=6.0.0b3 <=7.14.1)

web3 PYPI version =6.0.0b3, =0.1.2, =0.1.7, =2.6.0, =1.1.0, =1.0.0, =0.2.1, =0.1.0, =0.7.2, =0.3.0, =0.4.0a1, =0.1.0b1, =0.1.22, =0.4.0, =0.7.0, =0.7.1 and more Source cves: CVE-2026-40072 Source advisory: OSV:GHSA-5HR4-253G-CPX2...

aark-sdk (>=0.1.2 <=0.1.9), abi-maker (=0.1.2) +404 more potentially affected by CVE-2026-40072 via web3 (>=6.0.0b3 <=7.14.1)

web3 PYPI version =6.0.0b3, =0.1.2, =0.1.7, =2.6.0, =1.1.0, =1.0.0, =0.2.1, =0.1.0, =0.7.2, =0.3.0, =0.4.0a1, =0.1.0b1, =0.1.22, =0.4.0, =0.7.0, =0.7.1 and more Source cves: CVE-2026-40072 Source advisory: SNYK:PYTHON-WEB3-15907867...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-34511 via openclaw (>=2026.3.22 <=2026.4.12)

openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-34511 Source advisory: SNYK:JS-OPENCLAW-15893691...

org.webjars.npm:listhen (=1.0.1), org.webjars.npm:radix-vue (=1.9.17) +5 more potentially affected by CVE-2026-35209 via org.webjars.npm:defu (=6.1.4)

org.webjars.npm:defu MAVEN version =6.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:defu and may be impacted: - org.webjars.npm:listhen =1.0.1 - org.webjars.npm:radix-vue =1.9.17 - org.webjars.npm:rc9 =2.0.0, =0.52.1, =0.52.3 Sour...

@142vip/vue (>=0.1.6-alpha.11 <=0.1.6-alpha.12), @2digits/oxfmt-config (=0.3.0) +480 more potentially affected by CVE-2026-35209 via defu (>=6.0.0 <=6.1.4)

defu NPM version =6.0.0, =0.1.6-alpha.11, =0.0.1, =0.0.3, =1.0.0, =0.1.22, =0.1.23, =0.1.18, =0.1.21 and more Source cves: CVE-2026-35209 Source advisory: SNYK:JS-DEFU-15914644...

@altipla/directus-sdk-utils (=0.7.2), @depup/directus (=11.16.1-depup.0) +6 more potentially affected by CVE-2026-35442 via directus (>=10.10.0 <=11.16.1)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-35442 Source advisory: OSV:GHSA-38HG-WW64-RRWC...

@altipla/directus-sdk-utils (=0.7.2), @depup/directus (=11.16.1-depup.0) +6 more potentially affected by unknown CVE via directus (>=10.10.0 <=11.16.1)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-6Q22-G298-GRJH...

@altipla/directus-sdk-utils (=0.7.2), @depup/directus (=11.16.1-depup.0) +6 more potentially affected by CVE-2026-35441 via directus (>=10.10.0 <=11.16.1)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-35441 Source advisory: OSV:GHSA-PH52-67FQ-75WJ...

@altipla/directus-sdk-utils (=0.7.2), @depup/directus (=11.16.1-depup.0) +6 more potentially affected by CVE-2026-39943 via directus (>=10.10.0 <=11.16.1)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-39943 Source advisory: OSV:GHSA-MVV8-V4JJ-G47J...

@altipla/directus-sdk-utils (=0.7.2), @devix-tecnologia/utils-ts (=1.0.0) +5 more potentially affected by CVE-2026-35412 via directus (>=10.10.0 <=11.16.0)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-35412 Source advisory: OSV:GHSA-QQMV-5P3G-PX89...

@altipla/directus-sdk-utils (=0.7.2), @devix-tecnologia/utils-ts (=1.0.0) +5 more potentially affected by CVE-2026-35409 via directus (>=10.10.0 <=11.15.4)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-35409 Source advisory: OSV:GHSA-WV3H-5FX7-966H...

@altipla/directus-sdk-utils (=0.7.2), @devix-tecnologia/utils-ts (=1.0.0) +5 more potentially affected by CVE-2026-35413 via directus (>=10.10.0 <=11.16.0)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-35413 Source advisory: OSV:GHSA-WXWM-3FXV-MRVX...

@altipla/directus-sdk-utils (=0.7.2), @devix-tecnologia/utils-ts (=1.0.0) +5 more potentially affected by CVE-2026-35410 via directus (>=10.10.0 <=11.16.0)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-35410 Source advisory: OSV:GHSA-CF45-HXWJ-4CFJ...

@altipla/directus-sdk-utils (=0.7.2), @devix-tecnologia/utils-ts (=1.0.0) +5 more potentially affected by CVE-2026-35411 via directus (>=10.10.0 <=11.16.0)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-35411 Source advisory: OSV:GHSA-Q75C-4GMV-MG9X...

@altipla/directus-sdk-utils (=0.7.2), @depup/directus (=11.16.1-depup.0) +6 more potentially affected by CVE-2026-39942 via directus (>=10.10.0 <=11.16.1)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-39942 Source advisory: OSV:GHSA-393C-P46R-7C95...

@altipla/directus-sdk-utils (=0.7.2), @depup/directus (=11.16.1-depup.0) +6 more potentially affected by CVE-2026-35408 via directus (>=10.10.0 <=11.16.1)

directus NPM version =10.10.0, =15.0.0, =1.2.2, =1.0.0, =2.0.0 - directus-extension-blog-year-filter =1.0.0 Source cves: CVE-2026-35408 Source advisory: OSV:GHSA-8M32-P958-JG99...

budibase (>=0.0.3 <=0.0.31) potentially affected by CVE-2026-35216 via @budibase/server (>=0.0.1 <=0.0.9)

@budibase/server NPM version =0.0.1, =0.0.3, =0.0.31 Source cves: CVE-2026-35216 Source advisory: OSV:GHSA-FCM4-4PJ2-M5HF...

@budibase/backend-core (>=3.0.0 <=3.2.26), @budibase/bbui (>=3.0.0 <=3.2.26) +7 more potentially affected by CVE-2026-35216 via @budibase/types (>=3.0.0 <=3.2.7)

@budibase/types NPM version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.26 Source cves: CVE-2026-35216 Source advisory: SNYK:JS-BUDIBASETYPES-15917498...

@budibase/backend-core (>=3.0.0 <=3.2.26), @budibase/bbui (>=3.0.0 <=3.2.26) +6 more potentially affected by CVE-2026-35216 via @budibase/shared-core (>=3.0.0 <=3.2.7)

@budibase/shared-core NPM version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.26 Source cves: CVE-2026-35216 Source advisory: SNYK:JS-BUDIBASESHAREDCORE-15917499...

budibase (>=0.0.3 <=0.0.31) potentially affected by CVE-2026-35214 via @budibase/server (>=0.0.1 <=0.0.9)

@budibase/server NPM version =0.0.1, =0.0.3, =0.0.31 Source cves: CVE-2026-35214 Source advisory: OSV:GHSA-2WFH-RCWF-WH23...

@budibase/backend-core (>=3.0.0 <=3.2.26), @budibase/bbui (>=3.0.0 <=3.2.26) +7 more potentially affected by CVE-2026-35214 via @budibase/types (>=3.0.0 <=3.2.7)

@budibase/types NPM version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.26 Source cves: CVE-2026-35214 Source advisory: SNYK:JS-BUDIBASETYPES-15917494...

scalyc (>=0.0.2 <=0.0.3) potentially affected by unknown CVE via scaly (>=0.0.2 <=0.0.3)

scaly CARGO version =0.0.2, =0.0.2, =0.0.3 Source cves: unknown CVE Source advisory: OSV:GHSA-2C6H-4899-WJXR...

@waigenie/mobile-mcp (=0.0.16) potentially affected by CVE-2026-35394 via @mobilenext/mobile-mcp (=0.0.12)

@mobilenext/mobile-mcp NPM version =0.0.12 is affected by a known vulnerability. The following packages have a transitive dependency on @mobilenext/mobile-mcp and may be impacted: - @waigenie/mobile-mcp =0.0.16 Source cves: CVE-2026-35394 Source advisory: OSV:GHSA-5QHV-X9J4-C3VM...

@waigenie/mobile-mcp (=0.0.16) potentially affected by CVE-2026-35394 via @mobilenext/mobile-mcp (=0.0.12)

@mobilenext/mobile-mcp NPM version =0.0.12 is affected by a known vulnerability. The following packages have a transitive dependency on @mobilenext/mobile-mcp and may be impacted: - @waigenie/mobile-mcp =0.0.16 Source cves: CVE-2026-35394 Source advisory: SNYK:JS-MOBILENEXTMOBILEMCP-15918166...

@runspace/ataraxia-auth (=0.0.0), @runspace/cli (>=0.1.6 <=0.1.8) +19 more potentially affected by unknown CVE via @stablelib/cbor (>=1.0.1 <=1.0.2)

@stablelib/cbor NPM version =1.0.1, =0.1.6, =0.1.3, =0.0.1, =0.1.0, =1.0.0, =1.0.0, =0.8.0, =0.9.0, =0.9.0, =0.8.0, =0.8.0, =0.8.0, =0.11.0, =0.11.0, =0.12.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-5JG4-P4QW-CGFR...

@runspace/ataraxia-auth (=0.0.0), @runspace/cli (>=0.1.6 <=0.1.8) +19 more potentially affected by unknown CVE via @stablelib/cbor (>=1.0.1 <=1.0.2)

@stablelib/cbor NPM version =1.0.1, =0.1.6, =0.1.3, =0.0.1, =0.1.0, =1.0.0, =1.0.0, =0.8.0, =0.9.0, =0.9.0, =0.8.0, =0.8.0, =0.8.0, =0.11.0, =0.11.0, =0.12.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-W48F-FWG7-WW6P...

@openinc/parse-server-opendash (>=4.0.0 <=4.0.11) potentially affected by CVE-2026-35200 via parse-server (>=9.6.0-alpha.37 <=9.7.0)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.11 Source cves: CVE-2026-35200 Source advisory: SNYK:JS-PARSESERVER-15906332...

@openinc/parse-server-opendash (>=4.0.0 <=4.0.11) potentially affected by CVE-2026-35200 via parse-server (>=9.6.0-alpha.37 <=9.7.0)

parse-server NPM version =9.6.0-alpha.37, =4.0.0, =4.0.11 Source cves: CVE-2026-35200 Source advisory: OSV:GHSA-VR5F-2R24-W5HC...

ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +5585 more potentially affected by unknown CVE via tools.jackson.core:jackson-core (>=3.0.0-rc1 <=3.1.0)

tools.jackson.core:jackson-core MAVEN version =3.0.0-rc1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.1, =0.1.2, =0.1.0, =0.1.0, =0.7.6, =0.7.21 and more Source cves:...

ai.agentican:agentican-framework-core (>=0.1.0-alpha.1 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +5565 more potentially affected by unknown CVE via tools.jackson.core:jackson-core (>=3.0.0 <=3.1.0)

tools.jackson.core:jackson-core MAVEN version =3.0.0, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.1, =0.1.2, =0.1.0, =0.1.0, =0.7.6, =0.7.21 and more Source cves: unkno...

keycloakauthenticator (>=4.0.5 <=4.0.7), pythoncharmers-meta (>=0.1.0 <=0.2.1) +4 more potentially affected by CVE-2026-33709 via jupyterhub (>=5.0.0b2 <=5.4.3)

jupyterhub PYPI version =5.0.0b2, =4.0.5, =0.1.0, =1.0.11, =1.0.3, =1.2.37, =0.1.4, =0.1.7 Source cves: CVE-2026-33709 Source advisory: SNYK:PYTHON-JUPYTERHUB-15907592...

ai-dynamo (=0.1.0), bento2seldon (>=0.1.0 <=0.4.0) +16 more potentially affected by CVE-2026-35044 via bentoml (>=0.10.1 <=1.4.3)

bentoml PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.10, =0.0.5, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.0.1, =0.0.1, =0.0.13 and more Source cves: CVE-2026-35044 Source advisory: OSV:GHSA-V959-CWQ9-7HR6...

ai-dynamo (=0.1.0), bentoctl (=0.2.3) +6 more potentially affected by CVE-2026-35044 via bentoml (>=1.0.0a7 <=1.4.3)

bentoml PYPI version =1.0.0a7, =1.0.1, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.6.20 - raptor-labsdk =0.3.2 Source cves: CVE-2026-35044 Source advisory: SNYK:PYTHON-BENTOML-15909744...

ai-dynamo (=0.1.0), bentoctl (=0.2.3) +6 more potentially affected by CVE-2026-35043 via bentoml (>=1.0.0a7 <=1.4.3)

bentoml PYPI version =1.0.0a7, =1.0.1, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.6.20 - raptor-labsdk =0.3.2 Source cves: CVE-2026-35043 Source advisory: SNYK:PYTHON-BENTOML-15909743...

ai-dynamo (=0.1.0), bento2seldon (>=0.1.0 <=0.4.0) +16 more potentially affected by CVE-2026-33744 +1 more via bentoml (>=0.10.1 <=1.4.3)

bentoml PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.10, =0.0.5, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.0.1, =0.0.1, =0.0.13 and more Source cves: CVE-2026-33744, CVE-2026-35043 Source advisory: OSV:GHSA-FGV4-6JR3-JGFW...

@jsprismarine/client (>=0.12.2-unstable-20250320195345 <=0.13.1-unstable-20250503082416), @jsprismarine/prismarine (>=0.12.2-unstable-20250320195345 <=0.13.1-unstable-20250503082416) +1 more potentially affected by CVE-2026-35042 via fast-jwt (>=6.0.0 <=6.0.1)

fast-jwt NPM version =6.0.0, =0.12.2-unstable-20250320195345, =0.12.2-unstable-20250320195345, =0.12.2-unstable-20250320195345, =0.13.1-unstable-20250503082416 Source cves: CVE-2026-35042 Source advisory: SNYK:JS-FASTJWT-15907854...

03-api-solid (>=1.0.0 <=1.1.2), @aitech-asia/cms (>=0.0.1 <=2.0.35) +298 more potentially affected by CVE-2026-35042 via fast-jwt (>=0.1.1 <=6.0.1)

fast-jwt NPM version =0.1.1, =1.0.0, =0.0.1, =0.0.1, =1.0.0, =1.1.1, =0.2.0, =0.2.0, =0.1.0, =1.0.6, =1.0.11, =1.9.4, =0.8.0, =0.1.1, =0.5.0, =0.7.0, =1.0.0-beta.0 and more Source cves: CVE-2026-35042 Source advisory: OSV:GHSA-HM7R-C7QW-GHP6...

0xpwn (=0.1.1), a2a-acl (=0.0.14) +160 more potentially affected by CVE-2026-35030 via litellm (>=1.80.9 <=1.82.6)

litellm PYPI version =1.80.9, =0.0.1a0, =0.7.3, =0.1.46, =0.0.1, =0.1.14.13, =0.5.2, =0.1.0, =0.10.0, =2.0.0, =2.0.0, =2.0.1 - browser-use =0.12.4 and more Source cves: CVE-2026-35030 Source advisory: SNYK:PYTHON-LITELLM-15907831...

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +753 more potentially affected by CVE-2026-35030 via litellm (>=0.1.400 <=1.82.6)

litellm PYPI version =0.1.400, =0.0.1, =0.0.1a0, =0.3.5, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 - agent-opt =0.0.1 and more Source cves: CVE-2026-35030 Source advisory: OSV:GHSA-JJHC-V7C2-5HH6...

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +753 more potentially affected by CVE-2026-35029 via litellm (>=0.1.400 <=1.82.6)

litellm PYPI version =0.1.400, =0.0.1, =0.0.1a0, =0.3.5, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 - agent-opt =0.0.1 and more Source cves: CVE-2026-35029 Source advisory: OSV:GHSA-53MR-6C8Q-9789...

01os (>=0.0.1 <=0.0.14), 0xpwn (=0.1.1) +734 more potentially affected by CVE-2026-35029 via litellm (>=1.0.0 <=1.82.6)

litellm PYPI version =1.0.0, =0.0.1, =0.0.1a0, =0.3.5, =0.7.3, =0.1.0, =0.4.0, =0.8.1, =0.1.0, =0.1.39, =0.2.1, =0.2.1.10102025 - agent-memory-server =0.15.0 - agent-opt =0.0.1 and more Source cves: CVE-2026-35029 Source advisory: SNYK:PYTHON-LITELLM-15907616...

@budibase/backend-core (>=3.0.0 <=3.2.26), @budibase/bbui (>=3.0.0 <=3.2.26) +6 more potentially affected by CVE-2026-25044 via @budibase/shared-core (>=3.0.0 <=3.2.7)

@budibase/shared-core NPM version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.2.26 Source cves: CVE-2026-25044 Source advisory: SNYK:JS-BUDIBASESHAREDCORE-15917501...