packages
npm / PyPI / Rust / Java / Ruby / PHP + OSVKeeps: package, version, advisory
- 2026-06-25npm release: next 16.3.0-preview.4
The React Framework
package:npm:next - 2026-06-25npm release: next 16.3.0-canary.67
The React Framework
package:npm:next - 2026-06-24PyPI release: litellm 1.88.5
Library to easily interface with LLM API providers
LITELLMpackage:pypi:litellm - 2026-06-24PyPI release: openai 2.44.0
The official Python library for the openai API
OPENAIpackage:pypi:openai - 2026-06-24PyPI release: langflow 1.11.0.dev18
A Python package with a built-in web application
LANGFLOWpackage:pypi:langflow - 2026-06-24npm release: next 16.3.0-canary.66
The React Framework
package:npm:next - 2026-06-24PyPI release: anthropic 0.112.0
The official Python library for the anthropic API
ANTHROPICpackage:pypi:anthropic - 2026-06-24npm release: nx 23.1.0-beta.3
The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration.
NXpackage:npm:nx - 2026-06-24PyPI release: litellm 1.87.5
Library to easily interface with LLM API providers
LITELLMpackage:pypi:litellm - 2026-06-24PyPI release: litellm 1.86.7
Library to easily interface with LLM API providers
LITELLMpackage:pypi:litellm - 2026-06-24npm release: next 16.3.0-canary.65
The React Framework
package:npm:next - 2026-06-24npm release: next 16.3.0-canary.64
The React Framework
package:npm:next - 2026-06-24PyPI release: litellm 1.85.7
Library to easily interface with LLM API providers
LITELLMpackage:pypi:litellm - 2026-06-24PyPI release: langflow 1.11.0.dev17
A Python package with a built-in web application
LANGFLOWpackage:pypi:langflow - 2026-06-24PyPI release: litellm 1.84.10
Library to easily interface with LLM API providers
LITELLMpackage:pypi:litellm - 2026-06-24npm release: next 16.3.0-canary.63
The React Framework
package:npm:next - 2026-06-23PyPI release: langflow 1.10.1
A Python package with a built-in web application
LANGFLOWpackage:pypi:langflow - 2026-06-23PyPI release: litellm 1.91.0.dev1
Library to easily interface with LLM API providers
LITELLMpackage:pypi:litellm The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration.
NXpackage:npm:nx- 2026-06-23OSV advisory: langflow PYSEC-2026-224
Aliases: CVE-2026-55450, GHSA-x223-p2gf-v735 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, unauthenticated users can upload any amount of data to the server without any limitations. No need for any prior knowledge, only network acc
LANGFLOWosv:pypi:langflow - 2026-06-23OSV advisory: langflow PYSEC-2026-223
Aliases: CVE-2026-55446, GHSA-qwqc-p3q8-wcg9 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.0.19, an attacker can send a /api/v1/files/upload/ request without any authentication token/cookies and abuse a very long multipart form boundary
LANGFLOWosv:pypi:langflow - 2026-06-23OSV advisory: langflow PYSEC-2026-222
Aliases: CVE-2026-55423, GHSA-7hw8-6q6r-4276 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.7.0, the logout button does not clear the session. The previous user stays logged in unless another user explicitly logs in. This vulnerability i
LANGFLOWosv:pypi:langflow - 2026-06-23OSV advisory: langflow PYSEC-2026-221
Aliases: CVE-2026-55255, GHSA-qrpv-q767-xqq2 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, an Insecure Direct Object Reference (IDOR) vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow
LANGFLOWosv:pypi:langflow - 2026-06-23OSV advisory: langflow PYSEC-2026-244
Aliases: CVE-2026-48520, GHSA-rcjh-r59h-gq37 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.10.0, the "Shareable Playground" (or "Public Flows" in code) contains a potential arbitrary file-read vulnerability, depending on the exact flow
LANGFLOWosv:pypi:langflow - 2026-06-23OSV advisory: langflow PYSEC-2026-243
Aliases: CVE-2026-48519, GHSA-v5ff-9q35-q26f Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, the "Shareable Playground" (or "Public Flows" in code) contains a critical RCE vulnerability. Shareable Playground feature works by enabling
LANGFLOWosv:pypi:langflow - 2026-06-23OSV advisory: langflow PYSEC-2026-242
Aliases: CVE-2026-33760, GHSA-9c59-2mvc-vfr8 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow's /api/v1/monitor router exposes 7 endpoints that perform read, write, and delete operations on user-owned resources — messages, se
LANGFLOWosv:pypi:langflow - 2026-06-23npm release: nx 22.7.6
The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration.
NXpackage:npm:nx - 2026-06-23npm release: nx 23.0.1
The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration.
NXpackage:npm:nx - 2026-06-23npm release: next 16.3.0-canary.62
The React Framework
package:npm:next - 2026-06-23npm release: nx 23.1.0-beta.2
The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration.
NXpackage:npm:nx Hooks for managing, caching and syncing asynchronous and remote data in React
TANSTACKpackage:npm:@tanstack/react-query- 2026-06-23PyPI release: langflow 1.11.0.dev16
A Python package with a built-in web application
LANGFLOWpackage:pypi:langflow - 2026-06-23npm release: next 16.3.0-canary.61
The React Framework
package:npm:next - 2026-06-22PyPI release: langflow 1.10.1rc3
A Python package with a built-in web application
LANGFLOWpackage:pypi:langflow The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration.
NXpackage:npm:nx- 2026-06-22PyPI release: langflow 1.10.1rc0
A Python package with a built-in web application
LANGFLOWpackage:pypi:langflow - 2026-06-22PyPI release: langflow 1.11.0.dev15
A Python package with a built-in web application
LANGFLOWpackage:pypi:langflow Aliases: CVE-2026-55447 Langflow: BaseFileComponent-based nodes arbitrary file read with RCE exploit
LANGFLOWosv:pypi:langflowAliases: CVE-2026-55446, PYSEC-2026-223 Langflow: Unauthenticated DoS through multipart form boundary file upload
LANGFLOWosv:pypi:langflowAliases: CVE-2026-55423, PYSEC-2026-222 Langflow: Logout button does not clear session
LANGFLOWosv:pypi:langflowAliases: CVE-2026-55255, PYSEC-2026-221 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow
LANGFLOWosv:pypi:langflowAliases: CVE-2026-55450, PYSEC-2026-224 Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak
LANGFLOWosv:pypi:langflowAliases: CVE-2026-49468 LiteLLM: Authentication Bypass via Host Header Injection
LITELLMosv:pypi:litellmAliases: CVE-2026-48520, PYSEC-2026-244 Langflow: Unauthenticated Shareable Playground arbitrary local or S3 file read
LANGFLOWosv:pypi:langflowAliases: CVE-2026-48519, PYSEC-2026-243 Langflow: Unauthenticated RCE in Shareable Playgrounds
LANGFLOWosv:pypi:langflowAliases: CVE-2026-42867 Langflow: Path Traversal in Knowledge Bases API via Creation Endpoint
LANGFLOWosv:pypi:langflowAliases: CVE-2026-33760, PYSEC-2026-242 Langflow: IDOR/BOLA in Monitor API — Missing Ownership Enforcement on 7 Endpoints
LANGFLOWosv:pypi:langflow- 2026-06-06npm release: next 16.3.0-canary.43
The React Framework
package:npm:next - 2026-06-06PyPI release: litellm 1.88.0
Library to easily interface with LLM API providers
LITELLMpackage:pypi:litellm - 2026-06-06PyPI release: litellm 1.89.0rc1
Library to easily interface with LLM API providers
LITELLMpackage:pypi:litellm