See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Cross-site Scripting (XSS)CVE-2026-32629
Affects thorsten/phpmyfaq | Versions <4.1.1
Has fix
ComposerPublished 5 Apr 2026
- M
Cross-site Scripting (XSS)CVE-2026-32629
Affects phpmyfaq/phpmyfaq | Versions <4.1.1
Has fix
ComposerPublished 5 Apr 2026
- H
XML External Entity (XXE) InjectionCVE-2026-29924
Affects getgrav/grav | Versions >=0.0.0
Has fix
ComposerPublished 5 Apr 2026
- M
Missing AuthorizationCVE-2026-35448
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Missing Authentication for Critical FunctionCVE-2026-35450
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Information ExposureCVE-2026-35452
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Information ExposureCVE-2026-35449
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Missing AuthorizationCVE-2026-35179
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Cross-site Request Forgery (CSRF)CVE-2026-35181
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- H
Server-side Request Forgery (SSRF)CVE-2026-34740
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Access Control BypassCVE-2026-34733
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Improper AuthorizationCVE-2026-34738
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Cross-site Scripting (XSS)CVE-2026-34739
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- H
Missing Authentication for Critical FunctionCVE-2026-34731
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Missing Authentication for Critical FunctionCVE-2026-34732
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- H
Missing AuthorizationCVE-2026-34737
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- H
Cross-site Request Forgery (CSRF)CVE-2026-34613
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Cross-site Scripting (XSS)CVE-2026-34716
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- H
Cross-site Request Forgery (CSRF)CVE-2026-34611
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- H
Missing AuthorizationCVE-2026-34395
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- M
Cross-site Scripting (XSS)CVE-2026-34396
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- H
Cross-site Request Forgery (CSRF)CVE-2026-34394
Affects wwbn/avideo | Versions <29.0
Has fix
ComposerPublished 5 Apr 2026
- H
Cross-site Scripting (XSS)CVE-2026-34559
Affects ci4-cms-erp/ci4ms | Versions <0.31.0.0
Has fix
ComposerPublished 5 Apr 2026
- H
Cross-site Scripting (XSS)CVE-2026-34557
Affects ci4-cms-erp/ci4ms | Versions <0.31.0.0
Has fix
ComposerPublished 5 Apr 2026
- H
Cross-site Scripting (XSS)CVE-2026-34558
Affects ci4-cms-erp/ci4ms | Versions <0.31.0.0
Has fix
ComposerPublished 5 Apr 2026
- M
Cross-site Scripting (XSS)CVE-2026-27599
Affects ci4-cms-erp/ci4ms | Versions <0.31.0.0
Has fix
ComposerPublished 5 Apr 2026
Affects aws/aws-sdk-php | Versions >=3.11.7, <3.371.4
Has fix
ComposerPublished 2 Apr 2026
- H
Cross-site Scripting (XSS)CVE-2026-6204
Affects librenms/librenms | Versions >=1.48, <26.3.0
Has fix
ComposerPublished 2 Apr 2026
- H
Allocation of Resources Without Limits or ThrottlingCVE-2026-30662
Affects concrete5/concrete5 | Versions <9.5.1
Has fix
ComposerPublished 2 Apr 2026