Vulnerability DB | Snyk

See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

M

Missing AuthorizationCVE-2026-32299

Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1

Has fix

ComposerPublished 24 Mar 2026

M

Cross-site Scripting (XSS)CVE-2026-32277

Affects opensource-workshop/connect-cms | Versions >=1.35.0, <1.41.1>=2.35.0, <2.41.1

Has fix

ComposerPublished 24 Mar 2026

M

Authorization Bypass Through User-Controlled KeyCVE-2026-32300

Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1

Has fix

ComposerPublished 24 Mar 2026

H

Arbitrary File UploadCVE-2026-32278

Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1

Has fix

ComposerPublished 24 Mar 2026

H

Server-side Request Forgery (SSRF)CVE-2026-32279

Affects opensource-workshop/connect-cms | Versions <1.41.1>=2.0.0, <2.41.1

Has fix

ComposerPublished 24 Mar 2026

H

Active Debug CodeCVE-2026-27131

Affects putyourlightson/craft-sprig | Versions >=2.0.0-alpha.1, <2.15.2>=3.0.0-beta.1, <3.7.2

Has fix

ComposerPublished 24 Mar 2026

M

Improper Certificate ValidationCVE-2026-4587

Affects hybridauth/hybridauth | Versions <3.13.0

Has fix

ComposerPublished 24 Mar 2026

H

PHP Remote File InclusionCVE-2026-33513

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

H

Use of a Broken or Risky Cryptographic AlgorithmCVE-2026-33512

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

H

Cross-site Request Forgery (CSRF)CVE-2026-33507

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

H

Arbitrary Code InjectionCVE-2026-33479

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

C

Server-side Request Forgery (SSRF)CVE-2026-33502

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

C

Server-side Request Forgery (SSRF)CVE-2026-33480

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

C

Inadequate Encryption StrengthCVE-2026-33488

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

C

Command InjectionCVE-2026-33482

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

H

Directory TraversalCVE-2026-33493

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

H

Session FixationCVE-2026-33492

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

C

SQL InjectionCVE-2026-33485

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

M

Missing AuthorizationCVE-2026-33501

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

H

Allocation of Resources Without Limits or ThrottlingCVE-2026-33483

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

M

Cross-site Scripting (XSS)CVE-2026-33500

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

C

Server-side Request Forgery (SSRF)CVE-2026-33351

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

M

External Control of File Name or PathCVE-2026-33354

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

H

SQL InjectionCVE-2026-33352

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

M

Authorization Bypass Through User-Controlled KeyCVE-2026-33297

Affects wwbn/avideo | Versions <29.0

Has fix

ComposerPublished 23 Mar 2026

L

Open RedirectCVE-2026-33296

Affects wwbn/avideo | Versions <26.0

Has fix

ComposerPublished 23 Mar 2026

H

Cross-site Scripting (XSS)CVE-2026-33295

Affects wwbn/avideo | Versions <26.0

Has fix

ComposerPublished 23 Mar 2026

M

Server-side Request Forgery (SSRF)CVE-2026-33294

Affects wwbn/avideo | Versions <26.0

Has fix

ComposerPublished 23 Mar 2026

M

Directory TraversalCVE-2026-33293

Affects wwbn/avideo | Versions <26.0

Has fix

ComposerPublished 23 Mar 2026

H

Directory TraversalCVE-2026-33292

Affects wwbn/avideo | Versions <26.0

Has fix

ComposerPublished 23 Mar 2026

Product

Partners
Developers & Devops Features
Enterprise Features
Pricing
Test with GitHub
Test with CLI
API status

Resources

Vulnerability DB
Blog
Documentation
FAQs

Company

About
Jobs
Contact
Legal terms
Privacy
Press kit
Events

Contact us

Support
Report a new vuln

Find us online

Track our development

© 2026 Snyk Ltd.