26517 matches found
@11ty/eleventy-plugin-vite (>=8.0.0 <=8.0.0-alpha.2), @17sierra/config (=0.1.0) +1233 more potentially affected by CVE-2026-39365 via vite (>=8.0.1 <=8.0.3)
vite NPM version =8.0.1, =8.0.0, =0.0.1, =0.1.9, =0.0.15-0.1, =0.0.42, =0.1.8, =0.0.1-bate.2, =0.1.0, =0.1.0, =0.0.8, =0.0.9 - @adhisang/minecraft-modding-mcp =1.0.0 and more Source cves: CVE-2026-39365 Source advisory: SNYK:JS-VITE-15922213...
@11ty/eleventy-plugin-vite (>=8.0.0 <=8.0.0-alpha.2), @17sierra/config (=0.1.0) +1254 more potentially affected by CVE-2026-39365 via vite (>=8.0.0 <=8.0.3)
vite NPM version =8.0.0, =8.0.0, =0.0.1, =0.1.9, =0.0.15-0.1, =0.0.42, =0.1.8, =0.0.1-bate.2, =0.1.0, =0.1.0, =0.0.8, =0.0.9 - @adhisang/minecraft-modding-mcp =1.0.0 and more Source cves: CVE-2026-39365 Source advisory: OSV:GHSA-4W7W-66W2-5VF9...
@agregio-solutions/design-system (>=1.89.2 <=1.89.4), @altipla/directus-sdk-utils (=0.7.2) +189 more potentially affected by CVE-2026-39365 via vite (>=7.0.1 <=7.3.1)
vite NPM version =7.0.1, =1.89.2, =20.1.3, =0.1.0, =0.0.4, =0.2.9, =0.79.1, =1.0.0-beta.23, =2.1.2-alpha.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.29.0 and more Source cves: CVE-2026-39365 Source advisory: SNYK:JS-VITE-15922213...
@agregio-solutions/design-system (>=1.89.2 <=1.89.4), @altipla/directus-sdk-utils (=0.7.2) +211 more potentially affected by CVE-2026-39365 via vite (>=7.0.0 <=7.3.1)
vite NPM version =7.0.0, =1.89.2, =20.1.0, =0.1.0, =0.0.4, =0.2.9, =0.79.1, =1.0.0-beta.23, =2.1.2-alpha.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.29.0 and more Source cves: CVE-2026-39365 Source advisory: OSV:GHSA-4W7W-66W2-5VF9...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @aicblock/cli (>=1.0.0 <=1.0.1) +196 more potentially affected by CVE-2026-39365 via vite (>=6.0.0-alpha.11 <=6.4.1)
vite NPM version =6.0.0-alpha.11, =0.0.1, =1.0.0, =1.0.0, =0.2.0, =4.25.19-patch.2, =19.1.0, =6.0.0, =0.0.0-sessions-20241122114539, =0.0.0-sessions-20241122114539, =0.0.0-sessions-20241122114539, =6.0.2-beta.0 and more Source cves: CVE-2026-39365 Source advisory: SNYK:JS-VITE-15922213...
org.webjars.npm:vitepress (=1.0.0-draft.8) potentially affected by CVE-2026-39365 via org.webjars.npm:vite (=3.0.0-beta.9)
org.webjars.npm:vite MAVEN version =3.0.0-beta.9 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:vite and may be impacted: - org.webjars.npm:vitepress =1.0.0-draft.8 Source cves: CVE-2026-39365 Source advisory:...
@slidev-react/cli (>=0.4.6 <=0.4.14), @slidev-react/node (>=0.4.6 <=0.4.14) potentially affected by CVE-2026-39365 via vite-plus (=0.1.11)
vite-plus NPM version =0.1.11 is affected by a known vulnerability. The following packages have a transitive dependency on vite-plus and may be impacted: - @slidev-react/cli =0.4.6, =0.4.6, =0.4.14 Source cves: CVE-2026-39365 Source advisory: SNYK:JS-VITEPLUS-15922214...
@11ty/eleventy-plugin-vite (>=8.0.0 <=8.0.0-alpha.2), @17sierra/config (=0.1.0) +1254 more potentially affected by CVE-2026-39364 via vite (>=8.0.0 <=8.0.3)
vite NPM version =8.0.0, =8.0.0, =0.0.1, =0.1.9, =0.0.15-0.1, =0.0.42, =0.1.8, =0.0.1-bate.2, =0.1.0, =0.1.0, =0.0.8, =0.0.9 - @adhisang/minecraft-modding-mcp =1.0.0 and more Source cves: CVE-2026-39364 Source advisory: OSV:GHSA-V2WJ-Q39Q-566R...
@agregio-solutions/design-system (>=1.89.2 <=1.89.4), @altipla/directus-sdk-utils (=0.7.2) +172 more potentially affected by CVE-2026-39364 via vite (>=7.1.0 <=7.3.1)
vite NPM version =7.1.0, =1.89.2, =20.2.0, =0.1.0, =0.79.1, =1.0.0-beta.23, =2.1.2-alpha.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.29.0 and more Source cves: CVE-2026-39364 Source advisory: OSV:GHSA-V2WJ-Q39Q-566R...
@agregio-solutions/design-system (>=1.89.2 <=1.89.4), @altipla/directus-sdk-utils (=0.7.2) +172 more potentially affected by CVE-2026-39364 via vite (>=7.1.0 <=7.3.1)
vite NPM version =7.1.0, =1.89.2, =20.2.0, =0.1.0, =0.79.1, =1.0.0-beta.23, =2.1.2-alpha.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.29.0 and more Source cves: CVE-2026-39364 Source advisory: SNYK:JS-VITE-15922245...
@11ty/eleventy-plugin-vite (>=8.0.0 <=8.0.0-alpha.2), @17sierra/config (=0.1.0) +1254 more potentially affected by CVE-2026-39364 via vite (>=8.0.0 <=8.0.3)
vite NPM version =8.0.0, =8.0.0, =0.0.1, =0.1.9, =0.0.15-0.1, =0.0.42, =0.1.8, =0.0.1-bate.2, =0.1.0, =0.1.0, =0.0.8, =0.0.9 - @adhisang/minecraft-modding-mcp =1.0.0 and more Source cves: CVE-2026-39364 Source advisory: SNYK:JS-VITE-15922245...
@slidev-react/cli (>=0.4.6 <=0.4.14), @slidev-react/node (>=0.4.6 <=0.4.14) potentially affected by CVE-2026-39364 via vite-plus (=0.1.11)
vite-plus NPM version =0.1.11 is affected by a known vulnerability. The following packages have a transitive dependency on vite-plus and may be impacted: - @slidev-react/cli =0.4.6, =0.4.6, =0.4.14 Source cves: CVE-2026-39364 Source advisory: SNYK:JS-VITEPLUS-15922246...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @aicblock/cli (>=1.0.0 <=1.0.1) +181 more potentially affected by CVE-2026-39363 via vite (>=6.0.0 <=6.4.1)
vite NPM version =6.0.0, =0.0.1, =1.0.0, =1.0.0, =0.2.0, =4.25.19-patch.2, =19.1.0, =0.55.0, =0.21.2-4.1, =0.4.2, =0.4.11 and more Source cves: CVE-2026-39363 Source advisory: OSV:GHSA-P9FF-H696-F583...
@agregio-solutions/design-system (>=1.89.2 <=1.89.4), @altipla/directus-sdk-utils (=0.7.2) +211 more potentially affected by CVE-2026-39363 via vite (>=7.0.0 <=7.3.1)
vite NPM version =7.0.0, =1.89.2, =20.1.0, =0.1.0, =0.0.4, =0.2.9, =0.79.1, =1.0.0-beta.23, =2.1.2-alpha.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.29.0 and more Source cves: CVE-2026-39363 Source advisory: SNYK:JS-VITE-15922242...
@11ty/eleventy-plugin-vite (>=8.0.0 <=8.0.0-alpha.2), @17sierra/config (=0.1.0) +1254 more potentially affected by CVE-2026-39363 via vite (>=8.0.0 <=8.0.3)
vite NPM version =8.0.0, =8.0.0, =0.0.1, =0.1.9, =0.0.15-0.1, =0.0.42, =0.1.8, =0.0.1-bate.2, =0.1.0, =0.1.0, =0.0.8, =0.0.9 - @adhisang/minecraft-modding-mcp =1.0.0 and more Source cves: CVE-2026-39363 Source advisory: OSV:GHSA-P9FF-H696-F583...
@11ty/eleventy-plugin-vite (>=8.0.0 <=8.0.0-alpha.2), @17sierra/config (=0.1.0) +1254 more potentially affected by CVE-2026-39363 via vite (>=8.0.0 <=8.0.3)
vite NPM version =8.0.0, =8.0.0, =0.0.1, =0.1.9, =0.0.15-0.1, =0.0.42, =0.1.8, =0.0.1-bate.2, =0.1.0, =0.1.0, =0.0.8, =0.0.9 - @adhisang/minecraft-modding-mcp =1.0.0 and more Source cves: CVE-2026-39363 Source advisory: SNYK:JS-VITE-15922242...
@agregio-solutions/design-system (>=1.89.2 <=1.89.4), @altipla/directus-sdk-utils (=0.7.2) +211 more potentially affected by CVE-2026-39363 via vite (>=7.0.0 <=7.3.1)
vite NPM version =7.0.0, =1.89.2, =20.1.0, =0.1.0, =0.0.4, =0.2.9, =0.79.1, =1.0.0-beta.23, =2.1.2-alpha.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.23.0, =2.29.0 and more Source cves: CVE-2026-39363 Source advisory: OSV:GHSA-P9FF-H696-F583...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @aicblock/cli (>=1.0.0 <=1.0.1) +181 more potentially affected by CVE-2026-39363 via vite (>=6.0.0 <=6.4.1)
vite NPM version =6.0.0, =0.0.1, =1.0.0, =1.0.0, =0.2.0, =4.25.19-patch.2, =19.1.0, =0.55.0, =0.21.2-4.1, =0.4.2, =0.4.11 and more Source cves: CVE-2026-39363 Source advisory: SNYK:JS-VITE-15922242...
@slidev-react/cli (>=0.4.6 <=0.4.14), @slidev-react/node (>=0.4.6 <=0.4.14) potentially affected by CVE-2026-39363 via vite-plus (=0.1.11)
vite-plus NPM version =0.1.11 is affected by a known vulnerability. The following packages have a transitive dependency on vite-plus and may be impacted: - @slidev-react/cli =0.4.6, =0.4.6, =0.4.14 Source cves: CVE-2026-39363 Source advisory: SNYK:JS-VITEPLUS-15922243...
aas2openapi (>=0.2.0 <=0.2.4), adelecv (>=0.0.1 <=0.0.2) +85 more potentially affected by CVE-2026-35526 via strawberry-graphql (>=0.103.9 <=0.312.0)
strawberry-graphql PYPI version =0.103.9, =0.2.0, =0.0.1, =0.0.1, =0.1.1, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.0.2rc0, =0.9.0, =25.13.0, =0.41.0, =0.133.0 and more Source cves: CVE-2026-35526 Source advisory: SNYK:PYTHON-STRAWBERRYGRAPHQL-15922315...
agent-evaluator (=0.7.8), apppy-app (>=0.1.0 <=0.24.1) +61 more potentially affected by CVE-2026-35526 via strawberry-graphql (>=0.202.1 <=0.312.0)
strawberry-graphql PYPI version =0.202.1, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.0.33, =0.9.0, =25.13.0, =0.41.0, =1.2.0, =0.1.0a1, =1.1.20, =2.1.1 - dictatorgenai =0.1.0 and more Source cves: CVE-2026-35526 Source advisory: OSV:GHSA-HV3W-M4G2-5X77...
aas2openapi (>=0.2.0 <=0.2.4), adelecv (>=0.0.1 <=0.0.2) +85 more potentially affected by CVE-2026-35523 via strawberry-graphql (>=0.103.9 <=0.312.0)
strawberry-graphql PYPI version =0.103.9, =0.2.0, =0.0.1, =0.0.1, =0.1.1, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.0.2rc0, =0.9.0, =25.13.0, =0.41.0, =0.133.0 and more Source cves: CVE-2026-35523 Source advisory: SNYK:PYTHON-STRAWBERRYGRAPHQL-15922312...
agent-evaluator (=0.7.8), apppy-app (>=0.1.0 <=0.24.1) +61 more potentially affected by CVE-2026-35523 via strawberry-graphql (>=0.202.1 <=0.312.0)
strawberry-graphql PYPI version =0.202.1, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.1.0, =0.1.0, =0.0.33, =0.9.0, =25.13.0, =0.41.0, =1.2.0, =0.1.0a1, =1.1.20, =2.1.1 - dictatorgenai =0.1.0 and more Source cves: CVE-2026-35523 Source advisory: OSV:GHSA-VPWC-V33Q-MQ89...
dbt-duckdb-kedro-datasets (>=0.1.0 <=0.1.2), kedro (>=0.19.0 <=0.19.1) +9 more potentially affected by CVE-2026-35492 via kedro-datasets (>=1.2.0 <=7.0.0)
kedro-datasets PYPI version =1.2.0, =0.1.0, =0.19.0, =0.4.1, =0.4.0, =0.1.2, =0.12.2, =0.2.0, =0.1.0, =0.7.0, =0.1.0, =0.1.0, =0.1.3 Source cves: CVE-2026-35492 Source advisory: OSV:GHSA-CJG8-H5QC-HRJV...
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +66 more potentially affected by CVE-2026-26981 via openexr (>=3.4.12 <=3.4.4)
openexr PYPI version =3.4.12, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-26981 Source advisory: OSV:GHSA-Q6VJ-WXVF-5M8C...
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-64183 via openexr (=3.4.12)
openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...
sfx (=0.1.0) potentially affected by CVE-2025-64183 via openexr (=3.2.4)
openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2025-64183 Source advisory: OSV:GHSA-57CW-J6VP-2P9M...
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-64182 via openexr (=3.4.12)
openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...
sfx (=0.1.0) potentially affected by CVE-2025-64182 via openexr (=3.2.4)
openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2025-64182 Source advisory: OSV:GHSA-VH63-9MQX-WMJR...
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +65 more potentially affected by CVE-2025-64181 via openexr (=3.4.12)
openexr PYPI version =3.4.12 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - angorapy =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves:...
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +66 more potentially affected by CVE-2026-34378 via openexr (>=3.4.12 <=3.4.4)
openexr PYPI version =3.4.12, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-34378 Source advisory: SNYK:PYTHON-OPENEXR-15993306...
nvidia-vipe (>=0.1.1 <=1.2.0), sfx (=0.1.0) potentially affected by CVE-2026-34378 via openexr (>=3.2.4 <=3.2.9)
openexr PYPI version =3.2.4, =0.1.1, =1.2.0 - sfx =0.1.0 Source cves: CVE-2026-34378 Source advisory: SNYK:PYTHON-OPENEXR-15993306...
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +66 more potentially affected by CVE-2026-34379 via openexr (>=3.4.12 <=3.4.4)
openexr PYPI version =3.4.12, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-34379 Source advisory: SNYK:PYTHON-OPENEXR-15993246...
sfx (=0.1.0) potentially affected by CVE-2026-34379 via openexr (=3.2.4)
openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2026-34379 Source advisory: SNYK:PYTHON-OPENEXR-15993246...
angorapy (>=0.9.1 <=0.10.8), apple-hdr-heic (=0.1.0) +66 more potentially affected by CVE-2026-34380 via openexr (>=3.4.12 <=3.4.4)
openexr PYPI version =3.4.12, =0.9.1, =0.5.0, =0.2.5, =0.1.0rc1, =0.0.1, =0.1.0, =0.2.1, =0.0.4, =0.1.7, =0.0.1, =0.1.1, =0.0.0, =0.0.4 and more Source cves: CVE-2026-34380 Source advisory: SNYK:PYTHON-OPENEXR-15993236...
sfx (=0.1.0) potentially affected by CVE-2026-34380 via openexr (=3.2.4)
openexr PYPI version =3.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on openexr and may be impacted: - sfx =0.1.0 Source cves: CVE-2026-34380 Source advisory: SNYK:PYTHON-OPENEXR-15993236...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.charlyghislain.keycloak:keycloak-importexport (>=21.0.0 <=23.0.1) +164 more potentially affected by CVE-2026-37977 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=26.5.7)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =0.1.0, =21.0.0, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.0.0, =1.2.0 and more Source cves: CVE-2026-37977 Source advisory: OSV:GHSA-5V8V-XVJV-57X7https://vulners.com/osv/OSV:GHSA-5V8V-XVJ...
gpt-researcher-mcp (>=0.1.0 <=0.1.5), iflow-mcp-joshualelon-deep-research-mcp (=0.1.0) +1 more potentially affected by CVE-2026-5631 via gpt-researcher (=0.15.1)
gpt-researcher PYPI version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on gpt-researcher and may be impacted: - gpt-researcher-mcp =0.1.0, =2.1.6, =2.1.8 Source cves: CVE-2026-5631 Source advisory: SNYK:PYTHON-GPTRESEARCHER-15917487...
gpt-researcher-mcp (>=0.1.0 <=0.1.5), iflow-mcp-joshualelon-deep-research-mcp (=0.1.0) +1 more potentially affected by CVE-2026-5632 via gpt-researcher (=0.15.1)
gpt-researcher PYPI version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on gpt-researcher and may be impacted: - gpt-researcher-mcp =0.1.0, =2.1.6, =2.1.8 Source cves: CVE-2026-5632 Source advisory: SNYK:PYTHON-GPTRESEARCHER-15917488...
gpt-researcher-mcp (>=0.1.0 <=0.1.5), iflow-mcp-joshualelon-deep-research-mcp (=0.1.0) +1 more potentially affected by CVE-2026-5630 via gpt-researcher (=0.15.1)
gpt-researcher PYPI version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on gpt-researcher and may be impacted: - gpt-researcher-mcp =0.1.0, =2.1.6, =2.1.8 Source cves: CVE-2026-5630 Source advisory: SNYK:PYTHON-GPTRESEARCHER-15917486...
gpt-researcher-mcp (>=0.1.0 <=0.1.5), iflow-mcp-joshualelon-deep-research-mcp (=0.1.0) +1 more potentially affected by CVE-2026-5633 via gpt-researcher (=0.15.1)
gpt-researcher PYPI version =0.15.1 is affected by a known vulnerability. The following packages have a transitive dependency on gpt-researcher and may be impacted: - gpt-researcher-mcp =0.1.0, =2.1.6, =2.1.8 Source cves: CVE-2026-5633 Source advisory: SNYK:PYTHON-GPTRESEARCHER-15917485...
composio-griptape (>=0.3.13 <=0.7.20), griptape-cli (=0.1.0) +5 more potentially affected by CVE-2026-5596 via griptape (>=1.10.2 <=1.5.0)
griptape PYPI version =1.10.2, =0.3.13, =0.26.4, =0.84.0, =0.8.0, =2.0.3, =2.2.9 Source cves: CVE-2026-5596 Source advisory: SNYK:PYTHON-GRIPTAPE-15915642...
griptape (>=0.1.0 <=0.5.1) potentially affected by CVE-2026-5596 via griptape-tools (>=0.7.0 <=0.7.1)
griptape-tools PYPI version =0.7.0, =0.1.0, =0.5.1 Source cves: CVE-2026-5596 Source advisory: SNYK:PYTHON-GRIPTAPETOOLS-15915643...
composio-griptape (>=0.3.13 <=0.7.20), griptape-cli (=0.1.0) +5 more potentially affected by CVE-2026-5597 via griptape (>=1.10.2 <=1.5.0)
griptape PYPI version =1.10.2, =0.3.13, =0.26.4, =0.84.0, =0.8.0, =2.0.3, =2.2.9 Source cves: CVE-2026-5597 Source advisory: SNYK:PYTHON-GRIPTAPE-15915638...
griptape-cli (=0.1.0) potentially affected by CVE-2026-5595 via griptape (=1.5.0)
griptape PYPI version =1.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on griptape and may be impacted: - griptape-cli =0.1.0 Source cves: CVE-2026-5595 Source advisory: SNYK:PYTHON-GRIPTAPE-15915635...
aark-sdk (>=0.1.2 <=0.1.9), abi-maker (=0.1.2) +404 more potentially affected by CVE-2026-40072 via web3 (>=6.0.0b3 <=7.14.1)
web3 PYPI version =6.0.0b3, =0.1.2, =0.1.7, =2.6.0, =1.1.0, =1.0.0, =0.2.1, =0.1.0, =0.7.2, =0.3.0, =0.4.0a1, =0.1.0b1, =0.1.22, =0.4.0, =0.7.0, =0.7.1 and more Source cves: CVE-2026-40072 Source advisory: SNYK:PYTHON-WEB3-15907867...
aark-sdk (>=0.1.2 <=0.1.9), abi-maker (=0.1.2) +404 more potentially affected by CVE-2026-40072 via web3 (>=6.0.0b3 <=7.14.1)
web3 PYPI version =6.0.0b3, =0.1.2, =0.1.7, =2.6.0, =1.1.0, =1.0.0, =0.2.1, =0.1.0, =0.7.2, =0.3.0, =0.4.0a1, =0.1.0b1, =0.1.22, =0.4.0, =0.7.0, =0.7.1 and more Source cves: CVE-2026-40072 Source advisory: OSV:GHSA-5HR4-253G-CPX2...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (>=0.8.3 <=0.9.5) +16 more potentially affected by CVE-2026-34511 via openclaw (>=2026.3.22 <=2026.4.12)
openclaw NPM version =2026.3.22, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =2.0.1, =0.0.7, =0.0.11 and more Source cves: CVE-2026-34511 Source advisory: SNYK:JS-OPENCLAW-15893691...
@142vip/vue (>=0.1.6-alpha.11 <=0.1.6-alpha.12), @2digits/oxfmt-config (=0.3.0) +472 more potentially affected by CVE-2026-35209 via defu (>=6.0.0 <=6.1.4)
defu NPM version =6.0.0, =0.1.6-alpha.11, =0.0.1, =0.0.3, =1.0.0, =0.1.22, =0.1.23, =0.1.18, =0.1.21 and more Source cves: CVE-2026-35209 Source advisory: SNYK:JS-DEFU-15914644...
org.webjars.npm:listhen (=1.0.1), org.webjars.npm:radix-vue (=1.9.17) +5 more potentially affected by CVE-2026-35209 via org.webjars.npm:defu (=6.1.4)
org.webjars.npm:defu MAVEN version =6.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:defu and may be impacted: - org.webjars.npm:listhen =1.0.1 - org.webjars.npm:radix-vue =1.9.17 - org.webjars.npm:rc9 =2.0.0, =0.52.1, =0.52.3 Sour...