See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Deserialization of Untrusted DataCVE-2026-28277
Affects langgraph | Versions [,1.0.10rc1)
Has fix
pipPublished 6 Mar 2026
- H
Deserialization of Untrusted DataCVE-2026-28277
Affects langgraph-checkpoint | Versions [,4.0.1rc1)
Has fix
pipPublished 6 Mar 2026
- M
Uncaught ExceptionCVE-2025-69534
Affects markdown | Versions [,3.8.1)
Has fix
pipPublished 6 Mar 2026
Affects sagemaker-core | Versions [2.0,2.4.0)
Has fix
pipPublished 6 Mar 2026
Affects dbt-common | Versions [,1.34.2)[1.35.0,1.37.3)
Has fix
pipPublished 5 Mar 2026
- L
Open RedirectCVE-2026-27982
Affects django-allauth | Versions [,65.14.1)
Has fix
pipPublished 5 Mar 2026
- M
Eval InjectionCVE-2026-28370
Affects vitrage | Versions [,12.0.1)[13.0.0.0rc1,13.0.1)[14.0.0.0rc1,14.0.1)[15.0.0.0rc1,15.0.1)
Has fix
pipPublished 5 Mar 2026
- M
Out-of-bounds ReadCVE-2026-28231
Affects pillow-heif | Versions [,1.3.0)
Has fix
pipPublished 5 Mar 2026
- C
Missing Authentication for Critical FunctionCVE-2026-22207
Affects openviking | Versions [,0.2.1.dev28)
Has fix
pipPublished 5 Mar 2026
- C
Improper Verification of Cryptographic SignatureCVE-2026-28802
Affects authlib | Versions [1.6.0,1.6.7)
Has fix
pipPublished 5 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-28222
Affects wagtail | Versions [,6.3.8)[6.4rc1,7.0.6)[7.1rc1,7.2.3)[7.3rc1,7.3.1)
Has fix
pipPublished 4 Mar 2026
- M
Cross-site Scripting (XSS)CVE-2026-28223
Affects wagtail | Versions [,6.3.8)[6.4rc1,7.0.6)[7.1rc1,7.2.3)[7.3rc1,7.3.1)
Has fix
pipPublished 4 Mar 2026
- C
Heap-based Buffer OverflowCVE-2026-20777
Affects biosig | Versions [,3.9.3)
Has fix
pipPublished 4 Mar 2026
- C
Heap-based Buffer OverflowCVE-2026-22891
Affects biosig | Versions [,3.9.3)
Has fix
pipPublished 4 Mar 2026
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-25673
Affects django | Versions [4.2a1,4.2.29)[5.2a1,5.2.12)[6.0a1,6.0.3)
Has fix
pipPublished 4 Mar 2026
- L
Race ConditionCVE-2026-25674
Affects django | Versions [4.2a1,4.2.29)[5.2a1,5.2.12)[6.0a1,6.0.3)
Has fix
pipPublished 4 Mar 2026
- H
Directory TraversalCVE-2025-12638
Affects keras | Versions [,3.12.0)
Has fix
pipPublished 4 Mar 2026
- H
Heap-based Buffer OverflowCVE-2025-23317
Affects nvidia-pytriton | Versions [0,]
Has fix
pipPublished 3 Mar 2026
- H
Integer Overflow or WraparoundCVE-2025-23323
Affects nvidia-pytriton | Versions [0,]
Has fix
pipPublished 3 Mar 2026
- M
Division by zeroCVE-2025-23321
Affects nvidia-pytriton | Versions [0,]
Has fix
pipPublished 3 Mar 2026
Affects agenta | Versions [,0.86.8)
Has fix
pipPublished 3 Mar 2026
- C
Directory TraversalCVE-2026-28795
Affects openchatbi | Versions [,0.2.2)
Has fix
pipPublished 3 Mar 2026
- M
Improper Encoding or Escaping of OutputCVE-2026-28348
Affects lxml-html-clean | Versions [,0.4.4)
Has fix
pipPublished 3 Mar 2026
- M
Improper Encoding or Escaping of OutputCVE-2026-28350
Affects lxml-html-clean | Versions [,0.4.4)
Has fix
pipPublished 3 Mar 2026
- M
Inefficient Algorithmic ComplexityCVE-2026-28804
Affects pypdf | Versions [,6.7.5)
Has fix
pipPublished 3 Mar 2026
- H
Allocation of Resources Without Limits or ThrottlingCVE-2026-27932
Affects joserfc | Versions [,1.6.3)
Has fix
pipPublished 3 Mar 2026
- M
Allocation of Resources Without Limits or ThrottlingCVE-2026-27695
Affects zae-limiter | Versions [,0.10.1)
Has fix
pipPublished 2 Mar 2026