See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Out-of-BoundsCVE-2026-8349
Affects github.com/omec-project/amf/ngap | Versions <2.2.0
Has fix
GoPublished 12 May 2026
- M
Out-of-BoundsCVE-2026-8349
Affects github.com/omec-project/amf/metrics | Versions <2.2.0
Has fix
GoPublished 12 May 2026
- M
Out-of-BoundsCVE-2026-8349
Affects github.com/omec-project/amf/gmm | Versions <2.2.0
Has fix
GoPublished 12 May 2026
- H
Decompression BombCVE-2026-44432
Affects urllib3 | Versions [2.6.0,2.7.0)
Has fix
pipPublished 12 May 2026
- H
Command InjectionCVE-2026-4802
Affects cockpit-project/cockpit | Versions [0,]
Has fix
Unmanaged (C/C++)Published 12 May 2026
- C
Buffer OverflowCVE-2026-42859
Affects any1/neatvnc | Versions [,0.9.6)
Has fix
Unmanaged (C/C++)Published 12 May 2026
- M
Arbitrary Code InjectionCVE-2026-41159
Affects org.webjars.npm:mermaid | Versions [0,]
Has fix
MavenPublished 12 May 2026
- M
Arbitrary Code InjectionCVE-2026-41159
Affects mermaid | Versions <10.9.6>=11.0.0-alpha.1 <11.15.0
Has fix
npmPublished 12 May 2026
- M
Arbitrary Code InjectionCVE-2026-41149
Affects org.webjars.npm:mermaid | Versions [0,]
Has fix
MavenPublished 12 May 2026
- M
Arbitrary Code InjectionCVE-2026-41149
Affects mermaid | Versions >=0.0.0 <10.9.6>=11.0.0-alpha.1 <11.15.0
Has fix
npmPublished 12 May 2026
- M
Arbitrary Code InjectionCVE-2026-41148
Affects org.webjars.npm:mermaid | Versions [0,]
Has fix
MavenPublished 12 May 2026
- M
Arbitrary Code InjectionCVE-2026-41148
Affects mermaid | Versions <10.9.6>=11.0.0-alpha.1 <11.15.0
Has fix
npmPublished 12 May 2026
- M
Infinite loopCVE-2026-41150
Affects org.webjars.npm:mermaid | Versions [0,]
Has fix
MavenPublished 12 May 2026
- M
Infinite loopCVE-2026-41150
Affects mermaid | Versions <10.9.6>=11.0.0-alpha.1 <11.15.0
Has fix
npmPublished 12 May 2026
- H
Insertion of Sensitive Information Into Sent DataCVE-2026-44431
Affects urllib3 | Versions [1.23,2.7.0)
Has fix
pipPublished 12 May 2026
- H
Denial of Service (DoS)CVE-2021-42218
Affects ompl | Versions [0,]
Has fix
ConanPublished 12 May 2026
- H
Stack-based Buffer OverflowCVE-2026-29974
Affects minmea | Versions [0,]
Has fix
ConanPublished 12 May 2026
Affects @opensearch-project/opensearch | Versions =3.5.3=3.6.2=3.7.0=3.8.0
Has fix
npmPublished 12 May 2026
Affects @uipath/agent.sdk | Versions =0.0.18
Has fix
npmPublished 12 May 2026
Affects @uipath/apollo-react | Versions =4.24.5
Has fix
npmPublished 12 May 2026
Affects @mesadev/saguaro | Versions =0.4.22
Has fix
npmPublished 12 May 2026
Affects @mistralai/mistralai-gcp | Versions =1.7.3=1.7.1=1.7.2
Has fix
npmPublished 12 May 2026
Affects @mistralai/mistralai-azure | Versions =1.7.3=1.7.1=1.7.2
Has fix
npmPublished 12 May 2026
Affects @tallyui/core | Versions =0.2.3=0.2.2=0.2.1
Has fix
npmPublished 12 May 2026
Affects @tallyui/connector-medusa | Versions =1.0.3=1.0.2=1.0.1
Has fix
npmPublished 12 May 2026
Affects @tallyui/database | Versions =1.0.3=1.0.2=1.0.1
Has fix
npmPublished 12 May 2026