See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
Affects atlasboard-atlassian-package | Versions *
No fix available
npmPublished 5 Jan 2020
- M
Incorrect AuthorizationCVE-2021-26073
Affects atlassian-connect-express | Versions >=3.0.2 <6.6.0
Has fix
npmPublished 13 Feb 2025
Affects atlassian-jenkins-helper-utils | Versions *
No fix available
npmPublished 15 May 2026
Affects atlassian-marathon-asset-pipeline | Versions *
No fix available
npmPublished 15 May 2026
Affects atlassian-plugin_installer | Versions >=0.0.0
Has fix
RubyGemsPublished 17 Apr 2020
Affects atlassian-sketch-plugin | Versions *
No fix available
npmPublished 30 Aug 2023
- H
Access Restriction BypassCVE-2021-26077
Affects com.atlassian.connect:atlassian-connect-spring-boot-core | Versions [1.1.0,2.1.3)[2.1.4,2.1.5)
Has fix
MavenPublished 17 Jun 2021
Affects eslint-config-atlassian-fecq | Versions *
No fix available
npmPublished 21 Jan 2025
- H
Cross-site Request Forgery (CSRF)CVE-2025-24398
Affects io.jenkins.plugins:atlassian-bitbucket-server-integration | Versions [2.1.0,4.1.4)
Has fix
MavenPublished 23 Jan 2025
- M
Missing AuthorizationCVE-2022-28134
Affects io.jenkins.plugins:atlassian-bitbucket-server-integration | Versions [,3.2.0)
Has fix
MavenPublished 30 Nov 2022
- M
Cross-site Scripting (XSS)CVE-2022-28133
Affects io.jenkins.plugins:atlassian-bitbucket-server-integration | Versions [2.0.0,3.2.0)
Has fix
MavenPublished 30 Nov 2022
- M
Server-side Request Forgery (SSRF)CVE-2026-27826
Affects mcp-atlassian | Versions [,0.17.0)
Has fix
pipPublished 13 Mar 2026
- M
External Control of File Name or PathCVE-2026-27825
Affects mcp-atlassian | Versions [,0.17.0)
Has fix
pipPublished 13 Mar 2026