Replace dependency redux-devtools-extension with @redux-devtools/extension ^3.0.0 (main) #151
Security Report
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue |
|---|---|---|---|---|---|---|
CVE-616547-419802Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> ❌ parseurl-1.3.3.tgz (Vulnerable Library) |
 Critical |
9.8 | Transitive parseurl-1.3.3.tgz |
sdk-1.13.2.tgz | None | |
CVE-607537-903744Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> ❌ ajv-6.12.6.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive ajv-6.12.6.tgz |
sdk-1.13.2.tgz | None | |
CVE-398484-724968Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> debug-4.3.7.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive ms-2.1.3.tgz |
bump-cli-2.8.4.tgz | None | |
CVE-398484-724968Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> elastic-apm-node-4.13.0.tgz (Root Library) -> agentkeepalive-4.2.1.tgz -> humanize-ms-1.2.1.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive ms-2.1.3.tgz |
elastic-apm-node-4.13.0.tgz | None | |
CVE-398484-724968Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> jsonwebtoken-9.0.2.tgz (Root Library) -> ❌ ms-2.1.3.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive ms-2.1.3.tgz |
jsonwebtoken-9.0.2.tgz | None | |
CVE-398484-724968Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> elasticsearch-9.1.1.tgz (Root Library) -> transport-9.0.1.tgz -> ❌ ms-2.1.3.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive ms-2.1.3.tgz |
elasticsearch-9.1.1.tgz | None | |
CVE-289561-266276Dependency Hierarchy: -> inquirer-8.2.7.tgz (Root Library) -> ora-5.4.1.tgz -> bl-4.1.0.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive inherits-2.0.4.tgz |
inquirer-8.2.7.tgz | None | |
CVE-289561-266276Dependency Hierarchy: -> wellknown-0.5.0.tgz (Root Library) -> concat-stream-1.5.2.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive inherits-2.0.4.tgz |
wellknown-0.5.0.tgz | None | |
CVE-289561-266276Dependency Hierarchy: -> server-11.11.0.tgz (Root Library) -> multipipe-1.0.2.tgz -> duplexer2-0.1.4.tgz -> readable-stream-2.3.8.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive inherits-2.0.4.tgz |
server-11.11.0.tgz | None | |
CVE-289561-266276Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> glob-7.2.3.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive inherits-2.0.4.tgz |
cli-1.34.5.tgz | None | |
CVE-289561-266276Dependency Hierarchy: -> del-6.1.1.tgz (Root Library) -> rimraf-3.0.2.tgz -> glob-7.2.3.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive inherits-2.0.4.tgz |
del-6.1.1.tgz | None | |
CVE-289561-266276Dependency Hierarchy: -> openpgp-5.11.3.tgz (Root Library) -> asn1.js-5.4.1.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive inherits-2.0.4.tgz |
openpgp-5.11.3.tgz | None | |
CVE-289561-266276Dependency Hierarchy: -> borc-3.0.0.tgz (Root Library) -> readable-stream-3.6.2.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive inherits-2.0.4.tgz |
borc-3.0.0.tgz | None | |
CVE-289561-266276Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> http-errors-2.0.0.tgz -> ❌ inherits-2.0.4.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive inherits-2.0.4.tgz |
sdk-1.13.2.tgz | None | |
CVE-2026-1615Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> ❌ jsonpath-1.1.1.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive jsonpath-1.1.1.tgz |
bump-cli-2.8.4.tgz | Transitive Upgrade to version jsonpath - 1.3.0 or greater |
None |
CVE-2025-12735Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ expr-eval-2.0.2.tgz (Vulnerable Library) |
Critical |
9.8 | Direct expr-eval-2.0.2.tgz |
expr-eval-2.0.2.tgz | expr-eval-fork - 3.0.0,expr-eval-fork - 3.0.1 | None |
CVE-154062-641864Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> on-finished-2.4.1.tgz -> ❌ ee-first-1.1.1.tgz (Vulnerable Library) |
Critical |
9.8 | Transitive ee-first-1.1.1.tgz |
sdk-1.13.2.tgz | None | |
CVE-121740-819191Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> ❌ lodash-4.17.21.tgz (Vulnerable Library) |
Critical |
9.8 | Direct lodash-4.17.21.tgz |
lodash-4.17.21.tgz | None | |
CVE-105163-391686Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library) |
Critical |
9.8 | Direct jquery-3.7.1.tgz |
jquery-3.7.1.tgz | None | |
CVE-2026-25896Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> respect-core-1.34.5.tgz -> openapi-sampler-1.6.1.tgz -> ❌ fast-xml-parser-4.5.3.tgz (Vulnerable Library) |
Critical |
9.3 | Transitive fast-xml-parser-4.5.3.tgz |
cli-1.34.5.tgz | Transitive https://github.com/naturalintelligence/fast-xml-parser.git - v5.3.5 |
None |
CVE-2026-25896Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> client-bedrock-runtime-3.883.0.tgz (Root Library) -> core-3.883.0.tgz -> ❌ fast-xml-parser-5.2.5.tgz (Vulnerable Library) |
Critical |
9.3 | Transitive fast-xml-parser-5.2.5.tgz |
client-bedrock-runtime-3.883.0.tgz | Transitive https://github.com/naturalintelligence/fast-xml-parser.git - v5.3.5 |
None |
CVE-2022-1227Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> redoc-2.5.0.tgz -> ❌ prismjs-1.29.0.tgz (Vulnerable Library) |
 High |
8.8 | Transitive prismjs-1.29.0.tgz |
cli-1.34.5.tgz | Transitive github.com/containers/psgo - v1.7.2,react - 15.0.1,https://github.com/containers/psgo.git - no_fix,https://github.com/containers/podman.git - no_fix |
None |
CVE-2025-68665Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ langchain-0.3.35.tgz (Vulnerable Library) |
High |
8.6 | Direct langchain-0.3.35.tgz |
langchain-0.3.35.tgz | langchain - 0.3.37,@langchain/core - 1.1.8,langchain - 1.2.3,@langchain/core - 0.3.80 | None |
CVE-2025-68665Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ core-0.3.78.tgz (Vulnerable Library) |
High |
8.6 | Direct core-0.3.78.tgz |
core-0.3.78.tgz | langchain - 0.3.37,@langchain/core - 1.1.8,langchain - 1.2.3,@langchain/core - 0.3.80 | None |
CVE-2025-12816Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ node-forge-1.3.1.tgz (Vulnerable Library) |
High |
8.6 | Direct node-forge-1.3.1.tgz |
node-forge-1.3.1.tgz | node-forge - 1.3.2 | None |
CVE-2025-68154Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> opentelemetry-node-1.2.0.tgz (Root Library) -> host-metrics-0.36.0.tgz -> ❌ systeminformation-5.23.8.tgz (Vulnerable Library) |
High |
8.1 | Transitive systeminformation-5.23.8.tgz |
opentelemetry-node-1.2.0.tgz | Transitive systeminformation - 5.27.14 |
None |
CVE-2025-65110Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> vega-5.33.0.tgz (Root Library) -> vega-functions-5.18.0.tgz -> ❌ vega-selections-5.6.0.tgz (Vulnerable Library) |
High |
8.1 | Transitive vega-selections-5.6.0.tgz |
vega-5.33.0.tgz | Transitive vega-selections - 5.6.3,vega-selections - 6.1.2 |
None |
CVE-2025-59840Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ vega-5.33.0.tgz (Vulnerable Library) |
High |
8.1 | Direct vega-5.33.0.tgz |
vega-5.33.0.tgz | vega-interpreter - 2.2.1,vega-interpreter - 1.2.1,vega-expression - 5.2.1,vega-expression - 6.1.0,vega - 6.2.0,vega - 6.2.0 | None |
MSC-2025-10528Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library) |
High |
7.8 | Direct jquery-3.7.1.tgz |
jquery-3.7.1.tgz | None | |
WS-2026-0003Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> on-finished-2.4.1.tgz -> ❌ ee-first-1.1.1.tgz (Vulnerable Library) |
High |
7.5 | Transitive ee-first-1.1.1.tgz |
sdk-1.13.2.tgz | None | |
| High |
7.5 | Direct minimatch-3.1.2.tgz |
minimatch-3.1.2.tgz | 10.2.1 | None | |
CVE-2026-26996Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> core-1.20.4.tgz -> ejs-3.1.10.tgz -> jake-10.9.2.tgz -> filelist-1.0.4.tgz -> ❌ minimatch-5.1.6.tgz (Vulnerable Library) |
High |
7.5 | Transitive minimatch-5.1.6.tgz |
bump-cli-2.8.4.tgz | Transitive 10.2.1 |
None |
CVE-2026-26996Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> openapi-core-1.34.5.tgz -> ❌ minimatch-5.1.6.tgz (Vulnerable Library) |
High |
7.5 | Transitive minimatch-5.1.6.tgz |
cli-1.34.5.tgz | Transitive 10.2.1 |
None |
CVE-2026-26996Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> archiver-7.0.1.tgz (Root Library) -> readdir-glob-1.1.3.tgz -> ❌ minimatch-5.1.6.tgz (Vulnerable Library) |
High |
7.5 | Transitive minimatch-5.1.6.tgz |
archiver-7.0.1.tgz | Transitive 10.2.1 |
None |
CVE-2026-26996Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> archiver-7.0.1.tgz (Root Library) -> archiver-utils-5.0.2.tgz -> glob-10.4.5.tgz -> ❌ minimatch-9.0.5.tgz (Vulnerable Library) |
High |
7.5 | Transitive minimatch-9.0.5.tgz |
archiver-7.0.1.tgz | Transitive 10.2.1 |
None |
CVE-2026-26278Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> respect-core-1.34.5.tgz -> openapi-sampler-1.6.1.tgz -> ❌ fast-xml-parser-4.5.3.tgz (Vulnerable Library) |
High |
7.5 | Transitive fast-xml-parser-4.5.3.tgz |
cli-1.34.5.tgz | Transitive 5.3.6 |
None |
CVE-2026-26278Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> client-bedrock-runtime-3.883.0.tgz (Root Library) -> core-3.883.0.tgz -> ❌ fast-xml-parser-5.2.5.tgz (Vulnerable Library) |
High |
7.5 | Transitive fast-xml-parser-5.2.5.tgz |
client-bedrock-runtime-3.883.0.tgz | Transitive 5.3.6 |
None |
CVE-2026-25639Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> ❌ axios-1.7.7.tgz (Vulnerable Library) |
High |
7.5 | Transitive axios-1.7.7.tgz |
bump-cli-2.8.4.tgz | Transitive https://github.com/axios/axios.git - v1.13.5 |
None |
CVE-2026-25639Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ axios-1.12.1.tgz (Vulnerable Library) |
High |
7.5 | Direct axios-1.12.1.tgz |
axios-1.12.1.tgz | https://github.com/axios/axios.git - v1.13.5 | None |
CVE-2026-0621Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ sdk-1.13.2.tgz (Vulnerable Library) |
High |
7.5 | Direct sdk-1.13.2.tgz |
sdk-1.13.2.tgz | @modelcontextprotocol/sdk - 1.25.2 | None |
CVE-2025-66031Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ node-forge-1.3.1.tgz (Vulnerable Library) |
High |
7.5 | Direct node-forge-1.3.1.tgz |
node-forge-1.3.1.tgz | node-forge - 1.3.2 | None |
CVE-2025-65945Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> google-auth-library-9.10.0.tgz (Root Library) -> ❌ jws-4.0.0.tgz (Vulnerable Library) |
High |
7.5 | Transitive jws-4.0.0.tgz |
google-auth-library-9.10.0.tgz | Transitive jws - 3.2.3,jws - 4.0.1 |
None |
CVE-2025-65945Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> jsonwebtoken-9.0.2.tgz (Root Library) -> ❌ jws-3.2.2.tgz (Vulnerable Library) |
High |
7.5 | Transitive jws-3.2.2.tgz |
jsonwebtoken-9.0.2.tgz | Transitive jws - 3.2.3,jws - 4.0.1 |
None |
CVE-2025-64756Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> tar-7.4.3.tgz (Root Library) -> minizlib-3.0.1.tgz -> rimraf-5.0.10.tgz -> ❌ glob-10.4.5.tgz (Vulnerable Library) |
High |
7.5 | Transitive glob-10.4.5.tgz |
tar-7.4.3.tgz | Transitive glob - 11.1.0,glob - 10.5.0 |
None |
CVE-2025-64756Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> archiver-7.0.1.tgz (Root Library) -> archiver-utils-5.0.2.tgz -> ❌ glob-10.4.5.tgz (Vulnerable Library) |
High |
7.5 | Transitive glob-10.4.5.tgz |
archiver-7.0.1.tgz | Transitive glob - 11.1.0,glob - 10.5.0 |
None |
CVE-2025-58754Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> ❌ axios-1.7.7.tgz (Vulnerable Library) |
High |
7.5 | Transitive axios-1.7.7.tgz |
bump-cli-2.8.4.tgz | Transitive 1.12.0 |
None |
CVE-2025-57319Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> elastic-apm-node-4.13.0.tgz (Root Library) -> pino-8.15.1.tgz -> ❌ fast-redact-3.1.2.tgz (Vulnerable Library) |
High |
7.5 | Transitive fast-redact-3.1.2.tgz |
elastic-apm-node-4.13.0.tgz | None | |
CVE-2025-14874Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ nodemailer-7.0.9.tgz (Vulnerable Library) |
High |
7.5 | Direct nodemailer-7.0.9.tgz |
nodemailer-7.0.9.tgz | 7.0.11 | None |
CVE-2025-11362Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ pdfmake-0.2.15.tgz (Vulnerable Library) |
High |
7.5 | Direct pdfmake-0.2.15.tgz |
pdfmake-0.2.15.tgz | pdfmake - 0.3.0-beta.17,pdfmake - 0.3.0-beta.17 | None |
CVE-2024-21538Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> core-1.20.4.tgz -> password-prompt-1.1.3.tgz -> ❌ cross-spawn-7.0.3.tgz (Vulnerable Library) |
High |
7.5 | Transitive cross-spawn-7.0.3.tgz |
bump-cli-2.8.4.tgz | Transitive https://github.com/moxystudio/node-cross-spawn.git - v7.0.5,https://github.com/moxystudio/node-cross-spawn.git - v6.0.6,org.webjars.npm:cross-spawn:6.0.6 |
None |
CVE-2012-3412Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> redoc-2.5.0.tgz -> ❌ prismjs-1.29.0.tgz (Vulnerable Library) |
High |
7.5 | Transitive prismjs-1.29.0.tgz |
cli-1.34.5.tgz | Transitive 3.2.30 |
None |
CVE-2025-13204Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ expr-eval-2.0.2.tgz (Vulnerable Library) |
High |
7.3 | Direct expr-eval-2.0.2.tgz |
expr-eval-2.0.2.tgz | None | |
CVE-2025-66648Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> vega-5.33.0.tgz (Root Library) -> ❌ vega-functions-5.18.0.tgz (Vulnerable Library) |
High |
7.2 | Transitive vega-functions-5.18.0.tgz |
vega-5.33.0.tgz | Transitive vega-functions - 6.1.1 |
None |
CVE-2025-9910Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ai-4.3.19.tgz (Root Library) -> ❌ jsondiffpatch-0.6.0.tgz (Vulnerable Library) |
 Medium |
6.1 | Transitive jsondiffpatch-0.6.0.tgz |
ai-4.3.19.tgz | Transitive 0.7.2 |
None |
CVE-2015-9251Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library) |
Medium |
6.1 | Direct jquery-3.7.1.tgz |
jquery-3.7.1.tgz | jquery - 3.0.0,org.webjars.npm:jquery:1.12.2,jQuery - 3.0.0,jquery-rails - 4.2.0,jquery - 1.12.2,org.webjars.npm:jquery:3.0.0,jQuery - 1.12.2,jQuery - 3.0.0,org.webjars.npm:jquery:1.12.2,org.webjars.npm:jquery:3.0.0,jquery - 3.0.0,jquery - 1.12.2,jQuery - 1.12.2,jquery-rails - 4.2.0 | None |
CVE-2025-13466Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> ❌ body-parser-2.2.0.tgz (Vulnerable Library) |
Medium |
5.8 | Transitive body-parser-2.2.0.tgz |
sdk-1.13.2.tgz | Transitive body-parser - 2.2.1 |
None |
MSC-2025-10533Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library) |
Medium |
5.3 | Direct jquery-3.7.1.tgz |
jquery-3.7.1.tgz | None | |
CVE-2026-27942Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> respect-core-1.34.5.tgz -> openapi-sampler-1.6.1.tgz -> ❌ fast-xml-parser-4.5.3.tgz (Vulnerable Library) |
Medium |
5.3 | Transitive fast-xml-parser-4.5.3.tgz |
cli-1.34.5.tgz | Transitive https://github.com/naturalintelligence/fast-xml-parser.git - v5.3.8 |
None |
CVE-2026-27942Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> client-bedrock-runtime-3.883.0.tgz (Root Library) -> core-3.883.0.tgz -> ❌ fast-xml-parser-5.2.5.tgz (Vulnerable Library) |
Medium |
5.3 | Transitive fast-xml-parser-5.2.5.tgz |
client-bedrock-runtime-3.883.0.tgz | Transitive https://github.com/naturalintelligence/fast-xml-parser.git - v5.3.8 |
None |
CVE-2026-2739Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> openpgp-5.11.3.tgz (Root Library) -> asn1.js-5.4.1.tgz -> ❌ bn.js-4.11.9.tgz (Vulnerable Library) |
Medium |
5.3 | Transitive bn.js-4.11.9.tgz |
openpgp-5.11.3.tgz | Transitive https://github.com/indutny/bn.js.git - v5.2.3 |
None |
CVE-2026-24001Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> unidiff-1.0.4.tgz (Root Library) -> ❌ diff-5.2.0.tgz (Vulnerable Library) |
Medium |
5.3 | Transitive diff-5.2.0.tgz |
unidiff-1.0.4.tgz | Transitive https://github.com/kpdecker/jsdiff.git - v4.0.4,https://github.com/kpdecker/jsdiff.git - v5.2.2,https://github.com/kpdecker/jsdiff.git - v8.0.3 |
None |
CVE-2026-24001Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> plugin-help-5.2.20.tgz -> core-2.16.0.tgz -> ts-node-10.9.2.tgz -> ❌ diff-4.0.2.tgz (Vulnerable Library) |
Medium |
5.3 | Transitive diff-4.0.2.tgz |
bump-cli-2.8.4.tgz | Transitive https://github.com/kpdecker/jsdiff.git - v4.0.4,https://github.com/kpdecker/jsdiff.git - v5.2.2,https://github.com/kpdecker/jsdiff.git - v8.0.3 |
None |
CVE-2026-24001Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ diff-8.0.2.tgz (Vulnerable Library) |
Medium |
5.3 | Direct diff-8.0.2.tgz |
diff-8.0.2.tgz | https://github.com/kpdecker/jsdiff.git - v4.0.4,https://github.com/kpdecker/jsdiff.git - v5.2.2,https://github.com/kpdecker/jsdiff.git - v8.0.3 | None |
CVE-2025-66030Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ node-forge-1.3.1.tgz (Vulnerable Library) |
Medium |
5.3 | Direct node-forge-1.3.1.tgz |
node-forge-1.3.1.tgz | node-forge - 1.3.2 | None |
CVE-2024-53382Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> eui-107.0.1.tgz (Root Library) -> refractor-3.6.0.tgz -> ❌ prismjs-1.27.0.tgz (Vulnerable Library) |
Medium |
4.9 | Transitive prismjs-1.27.0.tgz |
eui-107.0.1.tgz | Transitive 1.30.0 |
None |
CVE-2024-53382Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> redoc-2.5.0.tgz -> ❌ prismjs-1.29.0.tgz (Vulnerable Library) |
Medium |
4.9 | Transitive prismjs-1.29.0.tgz |
cli-1.34.5.tgz | Transitive 1.30.0 |
None |
CVE-2019-3820Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ jquery-3.7.1.tgz (Vulnerable Library) |
Medium |
4.8 | Direct jquery-3.7.1.tgz |
jquery-3.7.1.tgz | None | |
CVE-2026-2391Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> search-ui-1.24.1.tgz (Root Library) -> ❌ qs-6.14.0.tgz (Vulnerable Library) |
 Low |
3.7 | Transitive qs-6.14.0.tgz |
search-ui-1.24.1.tgz | Transitive 6.14.2 |
None |
CVE-2026-2391Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> body-parser-2.2.0.tgz -> ❌ qs-6.14.0.tgz (Vulnerable Library) |
Low |
3.7 | Transitive qs-6.14.0.tgz |
sdk-1.13.2.tgz | Transitive 6.14.2 |
None |
CVE-2026-2391Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> ❌ qs-6.13.0.tgz (Vulnerable Library) |
Low |
3.7 | Transitive qs-6.13.0.tgz |
sdk-1.13.2.tgz | Transitive 6.14.2 |
None |
CVE-2025-48985Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> ❌ ai-4.3.19.tgz (Vulnerable Library) |
Low |
3.7 | Direct ai-4.3.19.tgz |
ai-4.3.19.tgz | https://github.com/vercel/ai.git - ai@5.0.52 | None |
CVE-2025-15284Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> search-ui-1.24.1.tgz (Root Library) -> ❌ qs-6.14.0.tgz (Vulnerable Library) |
Low |
3.7 | Transitive qs-6.14.0.tgz |
search-ui-1.24.1.tgz | Transitive qs - 6.14.1 |
None |
CVE-2025-15284Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> body-parser-2.2.0.tgz -> ❌ qs-6.14.0.tgz (Vulnerable Library) |
Low |
3.7 | Transitive qs-6.14.0.tgz |
sdk-1.13.2.tgz | Transitive qs - 6.14.1 |
None |
CVE-2025-15284Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> express-5.0.1.tgz -> ❌ qs-6.13.0.tgz (Vulnerable Library) |
Low |
3.7 | Transitive qs-6.13.0.tgz |
sdk-1.13.2.tgz | Transitive qs - 6.14.1 |
None |
CVE-2025-5889Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> bump-cli-2.8.4.tgz (Root Library) -> core-1.20.4.tgz -> ejs-3.1.10.tgz -> jake-10.9.2.tgz -> filelist-1.0.4.tgz -> minimatch-5.1.6.tgz -> ❌ brace-expansion-2.0.1.tgz (Vulnerable Library) |
Low |
3.1 | Transitive brace-expansion-2.0.1.tgz |
bump-cli-2.8.4.tgz | Transitive 2.0.2 |
None |
CVE-2025-5889Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> openapi-core-1.34.5.tgz -> minimatch-5.1.6.tgz -> ❌ brace-expansion-2.0.1.tgz (Vulnerable Library) |
Low |
3.1 | Transitive brace-expansion-2.0.1.tgz |
cli-1.34.5.tgz | Transitive 1.1.12 |
None |
CVE-2025-5889Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json Dependency Hierarchy: -> cli-1.34.5.tgz (Root Library) -> glob-7.2.3.tgz -> minimatch-3.1.2.tgz -> ❌ brace-expansion-1.1.11.tgz (Vulnerable Library) |
Low |
3.1 | Transitive brace-expansion-1.1.11.tgz |
cli-1.34.5.tgz | Transitive 1.1.12 |
None |
CVE-2025-69873Path to dependency file: /oas_docs/package.json Path to vulnerable library: /oas_docs/package.json,/package.json Dependency Hierarchy: -> ❌ ajv-8.17.1.tgz (Vulnerable Library) |
Low |
2.9 | Direct ajv-8.17.1.tgz |
ajv-8.17.1.tgz | ajv - 8.18.0 | None |
CVE-2025-69873Path to dependency file: /package.json Path to vulnerable library: /package.json Dependency Hierarchy: -> sdk-1.13.2.tgz (Root Library) -> ❌ ajv-6.12.6.tgz (Vulnerable Library) |
Low |
2.9 | Transitive ajv-6.12.6.tgz |
sdk-1.13.2.tgz | Transitive ajv - 8.18.0 |
None |
Base branch total remaining vulnerabilities: 0
Base branch commit: 0d4c439f850955161bb80b25f879aa3be0fbc60d
Total libraries scanned: 3093
Scan token: 87393f836fd14b34a51cbfbaaa6805dd