See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Unchecked Input for Loop ConditionCVE-2026-42245
Affects ruby3.4-rubygem-irb | Versions <0:1.14.3-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby4.0-rubygem-bundler | Versions <0:4.0.3-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42256
Affects ruby3.4-rubygem-psych | Versions <0:5.2.2-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby4.0-doc | Versions <0:4.0.1-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby4.0-rubygem-racc-debuginfo | Versions <0:1.8.1-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby4.0-rubygem-irb | Versions <0:1.16.0-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
Loop with Unreachable Exit Condition ('Infinite Loop')CVE-2026-42899
Affects aspnetcore-runtime-dbg-8.0 | Versions <0:8.0.27-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby4.0-rubygem-minitest | Versions <0:6.0.0-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby3.4-rubygem-power_assert | Versions <0:2.0.5-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42256
Affects ruby3.4-rubygem-io-console | Versions <0:0.8.1-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby4.0-rubygems | Versions <0:4.0.3-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
Loop with Unreachable Exit Condition ('Infinite Loop')CVE-2026-42899
Affects dotnet-runtime-8.0 | Versions <0:8.0.27-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
CVE-2026-9538CVE-2026-9538
Affects perl-Archive-Tar-tests | Versions <0:3.04-522.amzn2023.0.3
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42257
Affects ruby3.4-rubygem-rexml | Versions <0:3.4.4-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby4.0-rubygem-irb | Versions <0:1.16.0-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby3.4-rubygem-irb | Versions <0:1.14.3-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby3.4-rubygem-rbs-debuginfo | Versions <0:3.8.0-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Loop with Unreachable Exit Condition ('Infinite Loop')CVE-2026-42899
Affects aspnetcore-targeting-pack-8.0 | Versions <0:8.0.27-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby4.0-rubygem-typeprof | Versions <0:0.31.1-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby4.0-rubygem-rdoc | Versions <0:7.0.3-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42245
Affects ruby3.4-rubygem-bigdecimal-debuginfo | Versions <0:3.1.8-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby3.4-rubygem-bundler | Versions <0:2.6.9-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42245
Affects ruby3.4-rubygem-rexml | Versions <0:3.4.4-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby3.4-rubygem-minitest | Versions <0:5.25.4-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Heap-based Buffer OverflowCVE-2026-32177
Affects dotnet-sdk-10.0 | Versions <0:10.0.108-1.amzn2023.0.1
Has fix
amzn:2023Published 10 Jun 2026
- H
Unchecked Input for Loop ConditionCVE-2026-42245
Affects ruby3.4-rubygem-rdoc | Versions <0:6.14.0-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Missing Report of Error ConditionCVE-2026-42246
Affects ruby3.4-rubygem-json-debuginfo | Versions <0:2.9.1-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
Incorrect Calculation of Buffer SizeCVE-2026-27820
Affects ruby3.4-rubygem-rexml | Versions <0:3.4.4-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby4.0-rubygem-rexml | Versions <0:3.4.4-32.amzn2023.0.2
Has fix
amzn:2023Published 10 Jun 2026
- H
CRLF InjectionCVE-2026-42258
Affects ruby3.4-rubygem-json-debuginfo | Versions <0:2.9.1-27.amzn2023.0.6
Has fix
amzn:2023Published 10 Jun 2026