See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Improper Validation of Consistency within InputCVE-2026-31709
Affects kernel6.12 | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Buffer Access with Incorrect Length ValueCVE-2026-31708
Affects kernel6.12-devel | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Time-of-check Time-of-use (TOCTOU)CVE-2026-31456
Affects kernel6.12-modules-extra | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Improper Validation of Consistency within InputCVE-2026-31709
Affects bpftool6.12-debuginfo | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Buffer Access with Incorrect Length ValueCVE-2026-31708
Affects bpftool6.12-debuginfo | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Initialization of ResourceCVE-2026-43088
Affects kernel6.12-debuginfo | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Buffer Access with Incorrect Length ValueCVE-2026-31708
Affects perf6.12 | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Time-of-check Time-of-use (TOCTOU)CVE-2026-31456
Affects kernel6.12-devel | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Improper Validation of Consistency within InputCVE-2026-31709
Affects perf6.12 | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Incorrect SynchronizationCVE-2026-31575
Affects bpftool6.12-debuginfo | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Improper Validation of Specified Quantity in InputCVE-2026-31694
Affects kernel6.12 | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- M
Predictable from Observable StateCVE-2026-40164
Affects jq-debugsource | Versions <0:1.8.1-59.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- M
Affects mariadb1011-oqgraph-engine | Versions <3:10.11.18-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- M
Affects mariadb1011-rocksdb-engine-debuginfo | Versions <3:10.11.18-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
Time-of-check Time-of-use (TOCTOU)CVE-2026-31456
Affects kernel6.12-modules-extra-common | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Out-of-bounds WriteCVE-2026-32740
Affects libheif-debugsource | Versions <0:1.19.8-1.amzn2023.0.5
Has fix
amzn:2023Published 10 Jun 2026
- H
Incorrect SynchronizationCVE-2026-31575
Affects perf6.12 | Versions <1:6.12.90-120.164.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-34303
Affects mariadb1011-connect-engine | Versions <3:10.11.18-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
Out-of-bounds ReadCVE-2026-32882
Affects libheif-tools | Versions <0:1.19.8-1.amzn2023.0.5
Has fix
amzn:2023Published 10 Jun 2026
- M
Integer Overflow or WraparoundCVE-2026-32316
Affects jq | Versions <0:1.8.1-59.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
Out-of-bounds ReadCVE-2026-32882
Affects libheif-debuginfo | Versions <0:1.19.8-1.amzn2023.0.5
Has fix
amzn:2023Published 10 Jun 2026
- M
Affects mariadb1011-sphinx-engine-debuginfo | Versions <3:10.11.18-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
Buffer OverflowCVE-2026-32741
Affects libheif-debuginfo | Versions <0:1.19.8-1.amzn2023.0.5
Has fix
amzn:2023Published 10 Jun 2026
- H
Incorrect Type Conversion or CastCVE-2026-46597
Affects rclone | Versions <0:1.74.2-80.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- M
Improper Certificate ValidationCVE-2026-42011
Affects gnutls | Versions <0:3.8.10-4.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4-rubygem-minitest | Versions <0:5.25.4-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-34303
Affects mariadb1011-gssapi-server-debuginfo | Versions <3:10.11.18-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- M
Affects mariadb1011-rocksdb-engine | Versions <3:10.11.18-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
Out-of-bounds ReadCVE-2025-39901
Affects kernel | Versions <1:6.1.174-217.345.amzn2023
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4-doc | Versions <0:3.4.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026