See the full list of npm packages compromised in the "SHA1-Hulud npm supply chain incident – Nov 2025" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
| VULNERABILITY | AFFECTS | TYPE | PUBLISHED |
|---|---|---|---|
| microsoft.netcore.app.runtime.osx-x64[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.win-arm[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.win-arm64[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.win-x64[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.win-x86[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.linux-arm[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.linux-arm64[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.linux-musl-arm[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.linux-musl-arm64[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| microsoft.netcore.app.runtime.linux-musl-x64[8.0.0, 8.0.21)[9.0.0-preview.1.24081.3,9.0.10) | NuGet | 16 Oct 2025 |
| mammoth[,1.11.0) | NuGet | 16 Oct 2025 |
| microsoft.build.utilities.core[17.8.0,17.8.43)[17.10.0,17.10.46)[17.11.0,17.11.48)[17.12.0,17.12.50)[17.14.0,17.14.28) | NuGet | 16 Oct 2025 |
| microsoft.build[17.8.0,17.8.43)[17.10.0,17.10.46)[17.11.0,17.11.48)[17.12.0,17.12.50)[17.14.0,17.14.28) | NuGet | 16 Oct 2025 |
| microsoft.build.tasks.core[17.8.0,17.8.43)[17.10.0,17.10.46)[17.11.0,17.11.48)[17.12.0,17.12.50)[17.14.0,17.14.28) | NuGet | 16 Oct 2025 |
| microsoft.aspnetcore.server.kestrel.core[,2.3.6) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.linux-arm[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.linux-arm64[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.linux-musl-arm[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.linux-musl-arm64[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.linux-musl-x64[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.linux-x64[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.osx-arm64[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.osx-x64[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.win-arm[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.win-arm64[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.win-x64[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| microsoft.aspnetcore.app.runtime.win-x86[8.0.0, 8.0.21)[9.0.0, 9.0.10)[10.0.0-rc.1.25451.107, 0.0.0-rc.2.25502.107) | NuGet | 15 Oct 2025 |
| system.management.automation[7.0.0-preview.1,7.0.10)[7.1.0-preview.1,7.1.7)[7.2.0-preview.1,7.2.3) | NuGet | 14 Oct 2025 |
| amazon.iondotnet[,1.3.2) | NuGet | 10 Oct 2025 |
| akka.remote[1.2.0,1.5.52) | NuGet | 7 Oct 2025 |