See the full list of npm packages compromised in the "Node-gyp Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Incorrect AuthorizationCVE-2026-47227
Affects admidio/admidio | Versions <5.0.10
Has fix
ComposerPublished 31 May 2026
- M
Cross-site Request Forgery (CSRF)CVE-2026-47228
Affects admidio/admidio | Versions <5.0.10
Has fix
ComposerPublished 31 May 2026
- H
Cross-site Scripting (XSS)CVE-2026-45368
Affects getkirby/cms | Versions <4.9.1>=5.0.0-alpha.1, <5.4.1
Has fix
ComposerPublished 31 May 2026
- M
Missing AuthorizationCVE-2026-45334
Affects getkirby/cms | Versions <4.9.1>=5.0.0-alpha.1, <5.4.1
Has fix
ComposerPublished 31 May 2026
- H
Cross-site Scripting (XSS)CVE-2026-44175
Affects getkirby/cms | Versions <4.9.1>=5.0.0-alpha.1, <5.4.1
Has fix
ComposerPublished 31 May 2026
- M
Missing AuthorizationCVE-2026-44176
Affects getkirby/cms | Versions <4.9.1>=5.0.0-alpha.1, <5.4.1
Has fix
ComposerPublished 31 May 2026
Affects getkirby/cms | Versions <4.9.1>=5.0.0-alpha.1, <5.4.1
Has fix
ComposerPublished 31 May 2026
- H
PHP Remote File InclusionCVE-2026-44177
Affects getkirby/cms | Versions >=5.3.0, <5.4.1
Has fix
ComposerPublished 31 May 2026
- M
Directory TraversalCVE-2026-47144
Affects shamefile | Versions [,0.1.7)
Has fix
pipPublished 31 May 2026
- M
Directory TraversalCVE-2026-47144
Affects shamefile | Versions <0.1.7
Has fix
npmPublished 31 May 2026
- M
Directory TraversalCVE-2026-47144
Affects shamefile | Versions <0.1.7
Has fix
CargoPublished 31 May 2026
- M
Out-of-bounds ReadCVE-2026-5071
Affects zephyrproject-rtos/zephyr | Versions [,3.7.2-rc2)[4.0,0-rc1,4.2.2)[4,3,0-rc1,4.4.0-rc1)
Has fix
Unmanaged (C/C++)Published 31 May 2026
- M
Out-of-bounds ReadCVE-2026-45613
Affects rizinorg/rizin | Versions [0,]
Has fix
Unmanaged (C/C++)Published 31 May 2026
- L
Double FreeCVE-2026-45324
Affects rizinorg/rizin | Versions [0,]
Has fix
Unmanaged (C/C++)Published 31 May 2026
- H
Out-of-bounds ReadCVE-2026-45615
Affects vlm/asn1c | Versions [,1.4.2)
Has fix
Unmanaged (C/C++)Published 31 May 2026
- M
Infinite loopCVE-2026-10028
Affects glib-networking | Versions [0,]
Has fix
Unmanaged (C/C++)Published 31 May 2026
- M
Insertion of Sensitive Information into Log FileCVE-2026-41185
Affects github.com/projectcalico/calico/cni-plugin/internal/pkg/azure | Versions <3.32.0
Has fix
GoPublished 31 May 2026
- M
Insertion of Sensitive Information into Log FileCVE-2026-41185
Affects github.com/projectcalico/calico/cni-plugin/pkg/install | Versions <3.32.0
Has fix
GoPublished 31 May 2026
- C
Command InjectionCVE-2026-4408
Affects samba | Versions [,4.24.3)
Has fix
Unmanaged (C/C++)Published 31 May 2026
- C
Deserialization of Untrusted DataCVE-2026-7301
Affects sglang | Versions [0.5.5,]
Has fix
pipPublished 31 May 2026
- H
Directory TraversalCVE-2026-7302
Affects sglang | Versions [0.5.5,]
Has fix
pipPublished 31 May 2026
- H
Out-of-bounds WriteCVE-2026-8915
Affects Samsung/escargot | Versions [0,]
Has fix
Unmanaged (C/C++)Published 31 May 2026
- H
Improper Validation of Array IndexCVE-2026-45104
Affects mapserver | Versions [6.4.0,8.6.3)
Has fix
Unmanaged (C/C++)Published 31 May 2026
- M
Numeric Range Comparison Without Minimum CheckCVE-2026-48840
Affects exim/exim | Versions [4.88.0,4.99.4)
Has fix
Unmanaged (C/C++)Published 31 May 2026
- C
Deserialization of Untrusted DataCVE-2026-7304
Affects sglang | Versions [0.4.1.post7,]
Has fix
pipPublished 31 May 2026
- M
NULL Pointer DereferenceCVE-2026-9759
Affects wireshark | Versions [4.4.0,4.4.16)[4.6.0,4.6.6)
Has fix
Unmanaged (C/C++)Published 31 May 2026
- M
Inefficient Algorithmic ComplexityCVE-2026-44378
Affects botan | Versions [,3.12.0)
Has fix
ConanPublished 31 May 2026
- M
Inefficient Algorithmic ComplexityCVE-2026-44378
Affects botan | Versions [,3.12.0)
Has fix
Unmanaged (C/C++)Published 31 May 2026