See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
Affects @mastra/deployer-vercel | Versions =1.1.38
Has fix
npmPublished 17 Jun 2026
Affects @mastra/deployer-netlify | Versions =1.1.20
Has fix
npmPublished 17 Jun 2026
Affects @mastra/deployer-cloudflare | Versions =1.1.44
Has fix
npmPublished 17 Jun 2026
Affects @mastra/deployer-cloud | Versions =1.42.1
Has fix
npmPublished 17 Jun 2026
Affects @mastra/deployer | Versions =1.42.1
Has fix
npmPublished 17 Jun 2026
Affects @mastra/couchbase | Versions =1.0.4
Has fix
npmPublished 17 Jun 2026
Affects @mastra/cloudflare-d1 | Versions =1.0.7
Has fix
npmPublished 17 Jun 2026
Affects @mastra/cloudflare | Versions =1.4.2
Has fix
npmPublished 17 Jun 2026
Affects @mastra/client-js | Versions =1.24.1
Has fix
npmPublished 17 Jun 2026
Affects @mastra/clickhouse | Versions =1.10.1
Has fix
npmPublished 17 Jun 2026
Affects @mastra/browser-viewer | Versions =0.1.3
Has fix
npmPublished 17 Jun 2026
Affects @mastra/browser-firecrawl | Versions =0.1.1
Has fix
npmPublished 17 Jun 2026
Affects @mastra/brightdata | Versions =0.2.2
Has fix
npmPublished 17 Jun 2026
Affects @mastra/braintrust | Versions =1.1.4
Has fix
npmPublished 17 Jun 2026
Affects @mastra/auth-workos | Versions =1.5.3
Has fix
npmPublished 17 Jun 2026
Affects @mastra/auth-supabase | Versions =1.0.2
Has fix
npmPublished 17 Jun 2026