See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- C
Improper Validation of Array IndexCVE-2026-21413
Affects libraw | Versions [,0.22.1)
Has fix
ConanPublished 9 Apr 2026
- M
Improperly Implemented Security Check for StandardCVE-2026-25834
Affects mbedtls | Versions [3.4.1,3.6.6)
Has fix
ConanPublished 8 Apr 2026
- H
Improper Verification of Cryptographic SignatureCVE-2026-34872
Affects mbedtls | Versions [,3.6.6)
Has fix
ConanPublished 8 Apr 2026
- C
Buffer OverflowCVE-2026-34875
Affects mbedtls | Versions [3.5.0,3.6.6)
Has fix
ConanPublished 8 Apr 2026
Affects mbedtls | Versions [3.5.0,3.6.6)
Has fix
ConanPublished 8 Apr 2026
- H
Out-of-bounds ReadCVE-2026-34876
Affects mbedtls | Versions [3.1.0,3.6.6)
Has fix
ConanPublished 8 Apr 2026
- M
Out-of-bounds ReadCVE-2026-28386
Affects openssl | Versions [3.6.0,3.6.2)
Has fix
ConanPublished 8 Apr 2026
- C
Use After FreeCVE-2026-28387
Affects openssl | Versions [,3.0.20)[3.1.0,3.3.7)[3.4.0,3.4.5)[3.5.0,3.5.6)[3.6.0,3.6.2)
Has fix
ConanPublished 8 Apr 2026
- H
NULL Pointer DereferenceCVE-2026-28388
Affects openssl | Versions [,3.0.20)[3.1.0,3.3.7)[3.4.0,3.4.5)[3.5.0,3.5.6)[3.6.0,3.6.2)
Has fix
ConanPublished 8 Apr 2026
- H
NULL Pointer DereferenceCVE-2026-28389
Affects openssl | Versions [,3.0.20)[3.1.0,3.3.7)[3.4.0,3.4.5)[3.5.0,3.5.6)[3.6.0,3.6.2)
Has fix
ConanPublished 8 Apr 2026
- H
Improper Check for Unusual or Exceptional ConditionsCVE-2026-31790
Affects openssl | Versions [,3.0.20)[3.1.0,3.3.7)[3.4.0,3.4.5)[3.5.0,3.5.6)[3.6.0,3.6.2)
Has fix
ConanPublished 8 Apr 2026
- C
Out-of-bounds WriteCVE-2026-31789
Affects openssl | Versions [3.0.5,3.0.20)[3.1.0,3.3.7)[3.4.0,3.4.5)[3.5.0,3.5.6)[3.6.0,3.6.2)
Has fix
ConanPublished 8 Apr 2026
- H
NULL Pointer DereferenceCVE-2026-28390
Affects openssl | Versions [,3.0.20)[3.1.0,3.3.7)[3.4.0,3.4.5)[3.5.0,3.5.6)[3.6.0,3.6.2)
Has fix
ConanPublished 8 Apr 2026
- H
Out-of-bounds WriteCVE-2026-5190
Affects aws-c-event-stream | Versions [0,]
Has fix
ConanPublished 8 Apr 2026
- M
Covert Timing ChannelCVE-2025-66442
Affects mbedtls | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- L
Always-Incorrect Control Flow ImplementationCVE-2026-35414
Affects openssh | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- H
Improper Preservation of PermissionsCVE-2026-35385
Affects openssh | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- L
Incorrect Behavior OrderCVE-2026-35386
Affects openssh | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- L
Unprotected Alternate ChannelCVE-2026-35388
Affects openssh | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- L
Always-Incorrect Control Flow ImplementationCVE-2026-35387
Affects openssh | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- M
Heap-based Buffer OverflowCVE-2026-34743
Affects xz_utils | Versions [,5.8.3)
Has fix
ConanPublished 7 Apr 2026
- M
Expired Pointer DereferenceCVE-2026-35094
Affects libinput | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- M
Arbitrary Code InjectionCVE-2026-35093
Affects libinput | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- M
HTTP Request SmugglingCVE-2026-34441
Affects cpp-httplib | Versions [,0.44.0)
Has fix
ConanPublished 7 Apr 2026
- M
Out-of-bounds ReadCVE-2026-5342
Affects libraw | Versions [,0.22.1)
Has fix
ConanPublished 7 Apr 2026
- M
Out-of-bounds WriteCVE-2026-5318
Affects libraw | Versions [,0.22.1)
Has fix
ConanPublished 7 Apr 2026
- H
Heap-based Buffer OverflowCVE-2026-5201
Affects gdk-pixbuf | Versions [0,]
Has fix
ConanPublished 7 Apr 2026
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-5316
Affects stb | Versions [0,]
Has fix
ConanPublished 7 Apr 2026