See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Arbitrary Code InjectionCVE-2026-41414
Affects skim | Versions <4.6.1
Has fix
CargoPublished 3 May 2026
Affects hickory-proto | Versions >=0.3.1 <0.26.1
Has fix
CargoPublished 3 May 2026
- M
Integer Overflow or WraparoundCVE-2026-44216
Affects wasmtime | Versions >=30.0.0 <36.0.8>=37.0.0 <43.0.2>=44.0.0 <44.0.1
Has fix
CargoPublished 3 May 2026
- H
Memory Allocation with Excessive Size ValueCVE-2026-42189
Affects russh | Versions <0.60.1
Has fix
CargoPublished 29 Apr 2026
- M
Integer Overflow or WraparoundCVE-2026-42199
Affects grid | Versions >=0.17.0 <1.0.1
Has fix
CargoPublished 29 Apr 2026
- H
Server-side Request Forgery (SSRF)CVE-2026-42181
Affects lemmy_api_common | Versions <0.19.18-beta.3
Has fix
CargoPublished 29 Apr 2026
- M
Server-side Request Forgery (SSRF)CVE-2026-42180
Affects lemmy_api_common | Versions <0.19.18-beta.1
Has fix
CargoPublished 29 Apr 2026
- C
SQL InjectionCVE-2026-23696
Affects wmill | Versions >=1.276.0 <1.603.3
Has fix
CargoPublished 28 Apr 2026
- H
Missing AuthorizationCVE-2026-22683
Affects wmill | Versions >=1.56.0 <1.615.0
Has fix
CargoPublished 28 Apr 2026
Affects astral-tokio-tar | Versions <0.6.1
Has fix
CargoPublished 28 Apr 2026
- H
Improper Validation of Integrity Check ValueCVE-2026-40323
Affects sp1-sdk | Versions >=6.0.0 <6.1.0
Has fix
CargoPublished 27 Apr 2026
- H
Improper Validation of Integrity Check ValueCVE-2026-40323
Affects sp1-recursion-circuit | Versions >=6.0.0 <6.1.0
Has fix
CargoPublished 27 Apr 2026
- H
Improper Validation of Integrity Check ValueCVE-2026-40323
Affects sp1-prover | Versions >=6.0.0 <6.1.0
Has fix
CargoPublished 27 Apr 2026
- H
Access Control BypassCVE-2026-35533
Affects mise | Versions >=2026.2.18
Has fix
CargoPublished 27 Apr 2026
- M
Reachable AssertionCVE-2026-41585
Affects zebra-rpc | Versions >=1.0.0-beta.45 <6.0.2
Has fix
CargoPublished 27 Apr 2026
- M
Reachable AssertionCVE-2026-41585
Affects zebrad | Versions >=2.2.0 <4.3.1
Has fix
CargoPublished 27 Apr 2026
- C
Improper Following of Specification by CallerCVE-2026-41583
Affects zebrad | Versions <4.3.1
Has fix
CargoPublished 27 Apr 2026
- C
Improper Following of Specification by CallerCVE-2026-41583
Affects zebra-script | Versions <5.0.1
Has fix
CargoPublished 27 Apr 2026
- C
Reachable AssertionCVE-2026-41584
Affects zebrad | Versions <4.3.1
Has fix
CargoPublished 27 Apr 2026
- C
Reachable AssertionCVE-2026-41584
Affects zebra-chain | Versions <6.0.2
Has fix
CargoPublished 27 Apr 2026
- H
Comparison Using Wrong FactorsCVE-2026-40880
Affects zebra-consensus | Versions <5.0.2
Has fix
CargoPublished 27 Apr 2026
- H
Comparison Using Wrong FactorsCVE-2026-40880
Affects zebrad | Versions <4.3.1
Has fix
CargoPublished 27 Apr 2026
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-40881
Affects zebrad | Versions <4.3.1
Has fix
CargoPublished 27 Apr 2026
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-40881
Affects zebra-network | Versions <5.0.1
Has fix
CargoPublished 27 Apr 2026
- M
Insufficient Verification of Data AuthenticityCVE-2026-6967
Affects tough | Versions <0.22.0
Has fix
CargoPublished 27 Apr 2026
- M
Insufficient Verification of Data AuthenticityCVE-2026-6967
Affects tuftool | Versions <0.15.0
Has fix
CargoPublished 27 Apr 2026