Vulnerability DB | Snyk

See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].

Find out if you have vulnerabilities that put you at risk

Test your applications

All Vulnerabilities

APPLICATION

Cargo | Rust
Objective-C, CocoaPods | Swift
Composer | PHP
Conan | C/C++
GitHub | Go
Hex | Elixir / Erlang
Maven | Java
npm | JavaScript
NuGet | C#/F#/VB
Pypi | Python
pub | Dart, Flutter
RubyGems | Ruby
Swift Packages | Swift
C/C++

OPERATING SYSTEM

All OS vulnerabilities
AlmaLinux
Alpine Linux
Amazon Linux
CentOS
Chainguard
Debian
MinimOS
Oracle Linux
Red Hat Enterprise Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu
Wolfi

Report a new vulnerability

H

Out-of-bounds WriteCVE-2026-40033

Affects freerdp-devel | Versions *

No fix available

centos:10Published 19 Jun 2026

H

Out-of-bounds WriteCVE-2026-40033

Affects freerdp-devel | Versions *

No fix available

rhel:10Published 19 Jun 2026

H

Out-of-bounds WriteCVE-2026-40033

Affects freerdp | Versions *

No fix available

centos:10Published 19 Jun 2026

H

Out-of-bounds WriteCVE-2026-40033

Affects freerdp | Versions *

No fix available

rhel:10Published 19 Jun 2026

L

CVE-2026-39824CVE-2026-39824

Affects fluxcd-source-controller | Versions <1.9.0-r0

Has fix

minimos:latestPublished 19 Jun 2026

C

CVE-2026-27143CVE-2026-27143

Affects delve-1.24 | Versions *

No fix available

minimos:latestPublished 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0 | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby3.4 | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby3.3 | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0-rubygem-pg | Versions *

No fix available

centos:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0-rubygem-pg | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0-rubygem-mysql2 | Versions *

No fix available

centos:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0-rubygem-mysql2 | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0-doc | Versions *

No fix available

centos:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0-doc | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0-devel | Versions *

No fix available

centos:10Published 19 Jun 2026

M

CRLF InjectionCVE-2026-42257

Affects ruby4.0-devel | Versions *

No fix available

rhel:10Published 19 Jun 2026

L

CVE-2026-49468CVE-2026-49468

Affects litellm-1.81 | Versions *

No fix available

minimos:latestPublished 19 Jun 2026

H

Allocation of Resources Without Limits or ThrottlingCVE-2026-45591

Affects aspnetcore-runtime-8.0 | Versions <0:8.0.28-1.hum1

Has fix

rhel:10Published 19 Jun 2026

L

Out-of-BoundsCVE-2026-39830

Affects kube-vip-1.0 | Versions *

No fix available

minimos:latestPublished 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects golang-github-danielqsj-kafka_exporter | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects skupper-cli | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects skupper-cli | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects yggdrasil-worker-forwarder | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects satellite:el8/yggdrasil-worker-forwarder | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects golang-github-openstack-k8s-operators-os-diff | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects golang-github-infrawatch-apputils | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects etcd | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects collectd-libpod-stats | Versions *

No fix available

rhel:10Published 19 Jun 2026

M

Improper Output Neutralization for LogsCVE-2026-42507

Affects golang-github-infrawatch-apputils | Versions *

No fix available

rhel:10Published 19 Jun 2026

Product

Partners
Developers & Devops Features
Enterprise Features
Pricing
Test with GitHub
Test with CLI
API status

Resources

Vulnerability DB
Blog
Documentation
FAQs

Company

About
Jobs
Contact
Legal terms
Privacy
Press kit
Events

Contact us

Support
Report a new vuln

Find us online

Track our development

© 2026 Snyk Ltd.