See the full list of npm packages compromised in the "Antv Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- M
Heap-based Buffer OverflowCVE-2026-8212
Affects gdal | Versions [,3.12.4)
Has fix
pipPublished 10 May 2026
- M
Heap-based Buffer OverflowCVE-2026-8213
Affects gdal | Versions [,3.12.4)
Has fix
pipPublished 10 May 2026
- M
Cross-site Scripting (XSS)CVE-2026-44708
Affects mistune | Versions [3.0.0a1 ,3.2.1)
Has fix
pipPublished 10 May 2026
- M
Cross-site Scripting (XSS)CVE-2026-44896
Affects mistune | Versions [3.0.0rc2,3.2.1)
Has fix
pipPublished 10 May 2026
- H
Cross-site Scripting (XSS)CVE-2026-44549
Affects open-webui | Versions [,0.8.0)
Has fix
pipPublished 9 May 2026
- M
Arbitrary File UploadCVE-2026-44566
Affects open-webui | Versions [,0.1.124)
Has fix
pipPublished 9 May 2026
- M
Missing AuthorizationCVE-2026-44567
Affects open-webui | Versions [,0.1.124)
Has fix
pipPublished 9 May 2026
- M
Cross-site Scripting (XSS)CVE-2026-44568
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- M
Incorrect AuthorizationCVE-2026-44561
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- H
Missing AuthorizationCVE-2026-44560
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- C
Improper AuthenticationCVE-2026-44551
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- M
Missing AuthorizationCVE-2026-44550
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- H
Missing AuthorizationCVE-2026-44562
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- M
Incorrect AuthorizationCVE-2026-44558
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- H
Missing AuthorizationCVE-2026-44554
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- M
Missing AuthorizationCVE-2026-44557
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- M
Missing AuthorizationCVE-2026-44559
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- H
Missing AuthorizationCVE-2026-44555
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- H
Missing AuthorizationCVE-2026-44556
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- H
Incorrect AuthorizationCVE-2026-44553
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- M
Missing AuthorizationCVE-2026-44563
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- H
Exposure of Resource to Wrong SphereCVE-2026-44552
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- M
Incorrect AuthorizationCVE-2026-44564
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- H
Cross-site Scripting (XSS)CVE-2026-44721
Affects open-webui | Versions [,0.9.0)
Has fix
pipPublished 9 May 2026
- C
Arbitrary Code InjectionCVE-2026-4810
Affects google-adk | Versions [1.7.0,1.28.1)[2.0.0a1,2.0.0a2)
Has fix
pipPublished 8 May 2026
- H
Uncaught ExceptionCVE-2026-24175
Affects nvidia-pytriton | Versions [0,]
Has fix
pipPublished 8 May 2026
- H
Integer Overflow or WraparoundCVE-2026-24173
Affects nvidia-pytriton | Versions [0,]
Has fix
pipPublished 8 May 2026
- M
Heap-based Buffer OverflowCVE-2026-8084
Affects gdal | Versions [,3.12.4)
Has fix
pipPublished 8 May 2026