See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Incorrect Permission Assignment for Critical ResourceCVE-2026-45246
Affects @steipete/summarize | Versions <0.15.0
Has fix
npmPublished 19 May 2026
- M
Incorrect Permission Assignment for Critical ResourceCVE-2026-45222
Affects @steipete/summarize | Versions <0.15.0
Has fix
npmPublished 19 May 2026
- H
Directory TraversalCVE-2026-22810
Affects @joplin/onenote-converter | Versions <3.6.3
Has fix
npmPublished 19 May 2026
- H
Missing Authentication for Critical FunctionCVE-2026-42856
Affects network-ai | Versions <5.1.3
Has fix
npmPublished 19 May 2026
- H
Allocation of Resources Without Limits or ThrottlingCVE-2026-45149
Affects brace-expansion | Versions >=5.0.2 <5.0.6
Has fix
npmPublished 19 May 2026
- M
Directory TraversalCVE-2026-7645
Affects consciousness-explorer | Versions <1.1.2
Has fix
npmPublished 19 May 2026
Affects @antv/g-plugin-svg-picker | Versions =2.2.46=2.1.46
Has fix
npmPublished 19 May 2026
Affects @antv/l7-utils | Versions =2.27.10=2.26.10
Has fix
npmPublished 19 May 2026
Affects jest-electron | Versions =0.3.12=0.2.12
Has fix
npmPublished 19 May 2026
Affects @antv/g-plugin-canvas-renderer | Versions =2.7.1=2.6.1
Has fix
npmPublished 19 May 2026
Affects @antv/g-plugin-physx | Versions =2.3.1=2.2.1
Has fix
npmPublished 19 May 2026
Affects @antv/gatsby-theme | Versions =0.3.0=0.2.0
Has fix
npmPublished 19 May 2026
Affects @antv/g-plugin-svg-renderer | Versions =2.6.1=2.5.1
Has fix
npmPublished 19 May 2026
Affects @antv/g-plugin-zdog-svg-renderer | Versions =2.3.1=2.2.1
Has fix
npmPublished 19 May 2026
Affects @antv/g-shader-components | Versions =2.2.0=2.1.0
Has fix
npmPublished 19 May 2026
Affects @antv/torch | Versions =1.2.6=1.1.6
Has fix
npmPublished 19 May 2026
Affects @antv/g-plugin-rough-canvas-renderer | Versions =2.3.1=2.2.1
Has fix
npmPublished 19 May 2026
Affects @antv/gi-common-components | Versions =1.5.16=1.4.16
Has fix
npmPublished 19 May 2026
Affects @antv/dom-util | Versions =2.2.4=2.1.4
Has fix
npmPublished 19 May 2026
Affects @antv/dw-random | Versions =1.3.7=1.2.7
Has fix
npmPublished 19 May 2026
Affects @antv/x6-angular-shape | Versions =3.2.1=3.1.1
Has fix
npmPublished 19 May 2026
Affects @antv/g-plugin-webgpu-device | Versions =1.11.17=1.10.17
Has fix
npmPublished 19 May 2026
Affects @antv/gi-assets-tugraph | Versions =2.3.15=2.2.15
Has fix
npmPublished 19 May 2026
Affects @antv/g2plot-schemas | Versions =1.4.2=1.3.2
Has fix
npmPublished 19 May 2026
Affects @antv/l7-draw | Versions =3.3.5=3.2.5
Has fix
npmPublished 19 May 2026