See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Use After FreeCVE-2026-9114
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
- M
Heap-based Buffer OverflowCVE-2026-9119
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
- H
Use After FreeCVE-2026-9120
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
- M
Heap-based Buffer OverflowCVE-2026-9123
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
- H
Use After FreeCVE-2026-9126
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
- M
Improper Input ValidationCVE-2026-9124
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
- H
Out-of-bounds ReadCVE-2026-9121
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
- H
Out-of-bounds ReadCVE-2026-9122
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
- M
Access Control BypassCVE-2026-9115
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
Affects chromium | Versions [,148.0.7778.179)
Has fix
Unmanaged (C/C++)Published 21 May 2026
Affects @limebike/supreme-date-pickers | Versions *
No fix available
npmPublished 21 May 2026
Affects @limebike/supreme-data-grid | Versions *
No fix available
npmPublished 21 May 2026
Affects @limebike/frontend-core-api | Versions *
No fix available
npmPublished 21 May 2026
Affects @doctolib-apps/native-personalized-services | Versions *
No fix available
npmPublished 21 May 2026
Affects apache-airflow-providers-cncf-kubernetes | Versions [,10.17.0rc1)
Has fix
pipPublished 21 May 2026
- M
Improper Encoding or Escaping of OutputCVE-2026-45011
Affects apostrophe | Versions <4.30.0
Has fix
npmPublished 21 May 2026
- M
Directory TraversalCVE-2026-32175
Affects microsoft.netcore.app.runtime.win-arm64 | Versions [,8.0.27)[9.0.0-preview.1.24080.9, 9.0.16)[10.0.0-preview.1.25080.5, 10.0.8)
Has fix
NuGetPublished 21 May 2026
- M
Directory TraversalCVE-2026-32175
Affects microsoft.netcore.app.runtime.win-x64 | Versions [,8.0.27)[9.0.0-preview.1.24080.9, 9.0.16)[10.0.0-preview.1.25080.5, 10.0.8)
Has fix
NuGetPublished 21 May 2026
- M
Directory TraversalCVE-2026-32175
Affects microsoft.netcore.app.runtime.win-x86 | Versions [,8.0.27)[9.0.0-preview.1.24080.9, 9.0.16)[10.0.0-preview.1.25080.5, 10.0.8)
Has fix
NuGetPublished 21 May 2026
Affects art-template | Versions =4.13.3=4.13.5=4.13.6
Has fix
npmPublished 20 May 2026
- C
Improper AuthenticationCVE-2026-33117
Affects com.azure:azure-security-keyvault-keys | Versions [,4.10.6)
Has fix
MavenPublished 20 May 2026
- H
Insertion of Sensitive Information into Log FileCVE-2026-6347
Affects github.com/mattermost/mattermost-plugin-calls/server | Versions <1.11.2
Has fix
GoPublished 20 May 2026
- H
Integer Overflow or WraparoundCVE-2026-33642
Affects kovidgoyal/kitty | Versions [,0.47.0)
Has fix
Unmanaged (C/C++)Published 20 May 2026
- H
Heap-based Buffer OverflowCVE-2026-33633
Affects kovidgoyal/kitty | Versions [,0.47.0)
Has fix
Unmanaged (C/C++)Published 20 May 2026
- M
Inadequate Encryption StrengthCVE-2025-45768
Affects pyjwt | Versions [,2.11.0)
Has fix
pipPublished 20 May 2026
- M
Incorrect AuthorizationCVE-2026-6342
Affects github.com/mattermost/mattermost-plugin-msteams-devsecops/server | Versions >=0.0.0
Has fix
GoPublished 20 May 2026
- M
Incorrect AuthorizationCVE-2026-4273
Affects github.com/mattermost/mattermost/server/v8/platform/services/remotecluster | Versions >=10.11.0-rc1 <10.11.14-rc1>=11.5.0-rc1 <11.5.2-rc1
Has fix
GoPublished 20 May 2026