See the full list of npm packages compromised in the "TanStack Supply Chain Compromise - May 2026" [View compromised packages].
Find out if you have vulnerabilities that put you at risk
Test your applicationsAPPLICATION
OPERATING SYSTEM
- H
Uncontrolled RecursionCVE-2026-6479
Affects libpq | Versions [14.2,]
Has fix
ConanPublished 14 May 2026
- H
Uncontrolled RecursionCVE-2026-6479
Affects postgresql | Versions [14.0,14.23)[15.0,15.18)[16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- M
Missing AuthorizationCVE-2026-6472
Affects libpq | Versions [14.2,]
Has fix
ConanPublished 14 May 2026
- M
Missing AuthorizationCVE-2026-6472
Affects postgresql | Versions [14.0,14.23)[15.0,15.18)[16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- H
Stack-based Buffer OverflowCVE-2026-6637
Affects libpq | Versions [14.2,]
Has fix
ConanPublished 14 May 2026
- H
Stack-based Buffer OverflowCVE-2026-6637
Affects postgresql | Versions [14.0,14.23)[15.0,15.18)[16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- M
SQL InjectionCVE-2026-6476
Affects postgresql | Versions [17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- H
Integer Overflow or WraparoundCVE-2026-6473
Affects libpq | Versions [14.2,]
Has fix
ConanPublished 14 May 2026
- H
Integer Overflow or WraparoundCVE-2026-6473
Affects postgresql | Versions [14.0,14.23)[15.0,15.18)[16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- M
SQL InjectionCVE-2026-6638
Affects postgresql | Versions [16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- H
Use of Inherently Dangerous FunctionCVE-2026-6477
Affects libpq | Versions [14.2,]
Has fix
ConanPublished 14 May 2026
- H
Use of Inherently Dangerous FunctionCVE-2026-6477
Affects postgresql | Versions [14.0,14.23)[15.0,15.18)[16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- M
Covert Timing ChannelCVE-2026-6478
Affects libpq | Versions [14.2,]
Has fix
ConanPublished 14 May 2026
- M
Covert Timing ChannelCVE-2026-6478
Affects postgresql | Versions [14.0,14.23)[15.0,15.18)[16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- M
Buffer Over-readCVE-2026-6575
Affects postgresql | Versions [18.0.0,18.4.0)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- H
UNIX Symbolic Link (Symlink) FollowingCVE-2026-6475
Affects libpq | Versions [14.2,]
Has fix
ConanPublished 14 May 2026
- H
UNIX Symbolic Link (Symlink) FollowingCVE-2026-6475
Affects postgresql | Versions [14.0,14.23)[15.0,15.18)[16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
- M
Use of Externally-Controlled Format StringCVE-2026-6474
Affects libpq | Versions [14.2,]
Has fix
ConanPublished 14 May 2026
- M
Use of Externally-Controlled Format StringCVE-2026-6474
Affects postgresql | Versions [14.0,14.23)[15.0,15.18)[16.0,16.14)[17.0,17.10)[18.0,18.4)
Has fix
Unmanaged (C/C++)Published 14 May 2026
Affects knot-simple-formatter | Versions >=0.0.0
Has fix
RubyGemsPublished 14 May 2026
Affects knot-rails-assets-pipeline | Versions >=0.0.0
Has fix
RubyGemsPublished 14 May 2026
Affects knot-date-utils-rb | Versions >=0.0.0
Has fix
RubyGemsPublished 14 May 2026
Affects knot-rspec-formatter-json | Versions >=0.0.0
Has fix
RubyGemsPublished 14 May 2026
Affects knot-rack-session-store | Versions >=0.0.0
Has fix
RubyGemsPublished 14 May 2026
Affects knot-devise-jwt-helper | Versions >=0.0.0
Has fix
RubyGemsPublished 14 May 2026
Affects knot-activesupport-logger | Versions >=0.0.0
Has fix
RubyGemsPublished 14 May 2026
- H
Out-of-bounds ReadCVE-2026-32284
Affects github.com/shamaton/msgpack/v3/internal/decoding | Versions <3.1.1
Has fix
GoPublished 14 May 2026
- H
Out-of-bounds ReadCVE-2026-32284
Affects github.com/shamaton/msgpack/v3/time | Versions <3.1.1
Has fix
GoPublished 14 May 2026