See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Arbitrary Code InjectionCVE-2026-42555
Affects com.ritense.valtimo:document | Versions [12.0.0.RELEASE,12.32.0.RELEASE)
Has fix
MavenPublished 15 May 2026
- H
Server-side Request Forgery (SSRF)CVE-2026-7412
Affects org.eclipse.digitaltwin.basyx:basyx.submodelrepository-feature-operation-delegation | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.submodelservice-backend | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.submodelservice-core | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.submodelservice-http | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.submodelrepository-http | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.submodelrepository-core | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.submodelrepository-backend | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.http | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.filerepository-backend | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.filerepository-backend-mongodb | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- H
Directory TraversalCVE-2026-7411
Affects org.eclipse.digitaltwin.basyx:basyx.filerepository-backend-inmemory | Versions [,2.0.0-milestone-10)
Has fix
MavenPublished 15 May 2026
- M
Incorrect Implementation of Authentication AlgorithmCVE-2026-42333
Affects io.quarkiverse.openapi.generator:quarkus-openapi-generator | Versions [,2.11.1-lts)[2.12.0,2.16.0-lts)
Has fix
MavenPublished 15 May 2026
- H
Open RedirectCVE-2026-44503
Affects com.microsoft.kiota:microsoft-kiota-http-okhttp | Versions [,1.9.1)
Has fix
MavenPublished 15 May 2026
- M
Regular Expression Denial of Service (ReDoS)CVE-2026-42567
Affects org.webjars.npm:svelte | Versions [5.53.12,]
Has fix
MavenPublished 15 May 2026
- M
Cross-site Scripting (XSS)CVE-2026-42599
Affects org.webjars.npm:svelte | Versions [0,]
Has fix
MavenPublished 15 May 2026
- M
Cross-site Scripting (XSS)CVE-2026-42573
Affects org.webjars.npm:svelte | Versions [0,]
Has fix
MavenPublished 15 May 2026
- H
Allocation of Resources Without Limits or ThrottlingCVE-2026-42570
Affects org.webjars.npm:devalue | Versions [0,]
Has fix
MavenPublished 15 May 2026
- M
Cross-site Scripting (XSS)CVE-2026-44990
Affects org.webjars.npm:sanitize-html | Versions [0,]
Has fix
MavenPublished 15 May 2026
- H
Missing AuthorizationCVE-2026-39816
Affects org.apache.nifi:nifi-other-graph-services | Versions [2.0.0-M1,2.9.0)
Has fix
MavenPublished 14 May 2026
- C
Improper AuthenticationCVE-2026-43512
Affects org.apache.tomcat:catalina | Versions [,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
Has fix
MavenPublished 14 May 2026
- C
Improper AuthenticationCVE-2026-43512
Affects tomcat:catalina | Versions [0,]
Has fix
MavenPublished 14 May 2026
- C
Improper AuthenticationCVE-2026-43512
Affects org.apache.tomcat:tomcat-catalina | Versions [,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
Has fix
MavenPublished 14 May 2026
- C
Improper AuthenticationCVE-2026-43512
Affects org.apache.tomcat.embed:tomcat-embed-core | Versions [,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
Has fix
MavenPublished 14 May 2026
- M
Improper Handling of Case SensitivityCVE-2026-43513
Affects org.apache.tomcat:catalina | Versions [,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
Has fix
MavenPublished 14 May 2026
- M
Improper Handling of Case SensitivityCVE-2026-43513
Affects tomcat:catalina | Versions [0,]
Has fix
MavenPublished 14 May 2026
- M
Improper Handling of Case SensitivityCVE-2026-43513
Affects org.apache.tomcat:tomcat-catalina | Versions [,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
Has fix
MavenPublished 14 May 2026
- M
Improper Handling of Case SensitivityCVE-2026-43513
Affects org.apache.tomcat.embed:tomcat-embed-core | Versions [,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
Has fix
MavenPublished 14 May 2026
- M
Improper Validation of Syntactic Correctness of InputCVE-2026-41293
Affects org.apache.tomcat.embed:tomcat-embed-core | Versions [,9.0.118)[10.0.0-M1,10.1.55)[11.0.0-M1,11.0.22)
Has fix
MavenPublished 14 May 2026
- M
Improper Validation of Syntactic Correctness of InputCVE-2026-41293
Affects org.apache.tomcat:coyote | Versions [0,]
Has fix
MavenPublished 14 May 2026