See the full list of npm packages affected by the "Mastra Supply Chain Compromise - June 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
Affects auth0-templates-scripts-utils | Versions *
No fix available
npmPublished 10 Jun 2026
Affects @easytipsportal/node-helper | Versions *
No fix available
npmPublished 10 Jun 2026
Affects security-env-loader | Versions *
No fix available
npmPublished 10 Jun 2026
Affects auth0-templates-scripts | Versions *
No fix available
npmPublished 10 Jun 2026
Affects npmjs_ethers-common | Versions *
No fix available
npmPublished 10 Jun 2026
Affects npmjs_hardhat-common | Versions *
No fix available
npmPublished 10 Jun 2026
Affects use-context-selector-tony | Versions *
No fix available
npmPublished 10 Jun 2026
Affects martinez-polygon-clipping-tony | Versions *
No fix available
npmPublished 10 Jun 2026
Affects npmjs_truffle-helper | Versions *
No fix available
npmPublished 10 Jun 2026
Affects martinez-polygon-clipping-simul-dalton | Versions *
No fix available
npmPublished 10 Jun 2026
Affects @validator-sdk/pubkey | Versions *
No fix available
npmPublished 10 Jun 2026
- M
Operation on a Resource after Expiration or ReleaseCVE-2026-33463
Affects kibana | Versions >=8.0.0 <8.19.16>=9.0.0 <9.3.5
Has fix
npmPublished 10 Jun 2026
- M
Directory TraversalCVE-2026-33462
Affects kibana | Versions >=8.0.0 <8.19.16>=9.0.0 <9.3.5
Has fix
npmPublished 10 Jun 2026
- M
Cross-site Scripting (XSS)CVE-2026-42401
Affects kibana | Versions >=8.0.0 <8.19.16>=9.0.0 <9.3.5
Has fix
npmPublished 10 Jun 2026
- M
Server-side Request Forgery (SSRF)CVE-2026-42398
Affects kibana | Versions >=9.0.0 <9.2.8>=9.3.0 <9.3.2
Has fix
npmPublished 10 Jun 2026