See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Missing Release of Resource after Effective LifetimeCVE-2026-39830
Affects runfinch-finch | Versions <0:1.17.1-1.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-34303
Affects mariadb1011-server-debuginfo | Versions <3:10.11.18-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- M
Affects mariadb1011-oqgraph-engine-debuginfo | Versions <3:10.11.18-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4-rubygems-devel | Versions <0:3.6.9-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Improper Certificate ValidationCVE-2026-42508
Affects runfinch-finch | Versions <0:1.17.1-1.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- M
Information ExposureCVE-2026-5419
Affects gnutls-debuginfo | Versions <0:3.8.10-4.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42257
Affects ruby3.4-rubygem-bundler | Versions <0:2.6.9-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- M
Improper Validation of Specified Quantity in InputCVE-2026-42013
Affects gnutls | Versions <0:3.8.10-4.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42245
Affects ruby3.4-rubygem-json | Versions <0:2.9.1-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42256
Affects ruby3.4-rubygem-racc-debuginfo | Versions <0:1.8.1-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- M
Improper Validation of Specified Quantity in InputCVE-2026-42013
Affects gnutls-dane | Versions <0:3.8.10-4.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby3.4-doc | Versions <0:3.4.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42256
Affects ruby3.4-default-gems | Versions <0:3.4.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Incorrect Calculation of Buffer SizeCVE-2026-27820
Affects ruby3.4-bundled-gems-debuginfo | Versions <0:3.4.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42257
Affects ruby3.4-debugsource | Versions <0:3.4.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42245
Affects ruby3.4-rubygems | Versions <0:3.6.9-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42245
Affects ruby3.4-rubygems-devel | Versions <0:3.6.9-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- M
Improper Validation of Specified Quantity in InputCVE-2026-42013
Affects gnutls-dane-debuginfo | Versions <0:3.8.10-4.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4-bundled-gems | Versions <0:3.4.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4-rubygem-typeprof | Versions <0:0.30.1-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42245
Affects ruby3.4-rubygem-power_assert | Versions <0:2.0.5-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42257
Affects ruby3.4-doc | Versions <0:3.4.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Incorrect Calculation of Buffer SizeCVE-2026-27820
Affects ruby3.4-rubygem-irb | Versions <0:1.14.3-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Incorrect Calculation of Buffer SizeCVE-2026-27820
Affects ruby3.4-rubygem-power_assert | Versions <0:2.0.5-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4-rubygem-rake | Versions <0:13.2.1-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42257
Affects ruby3.4-rubygem-minitest | Versions <0:5.25.4-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4 | Versions <0:3.4.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4-rubygem-rexml | Versions <0:3.4.4-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42257
Affects ruby3.4-rubygem-test-unit | Versions <0:3.6.7-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42256
Affects ruby3.4-rubygem-test-unit | Versions <0:3.6.7-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026