{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:5da3e921-e288-52e8-94a2-064ccf98ab9d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/next-rspack@16.0.6", "type": "library", "name": "next-rspack", "version": "16.0.6", "purl": "pkg:npm/next-rspack@16.0.6" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:d5c2e44a-dd5c-5179-b1fc-e78cc9520167", "id": "CVE-2025-59471", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59471 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:2feb1ae2-4f3b-53ab-9f8d-1563b347d93d", "id": "CVE-2025-59472", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-59472 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:18ddb266-2759-5096-9f6b-c4736981d656", "id": "CVE-2026-27977", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27977 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:665f546e-f201-5a26-a908-d5e7790e9757", "id": "CVE-2026-27978", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27978 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:ad894106-1e2f-513f-88fb-80624f8ad74e", "id": "CVE-2026-27979", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-27979 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:06a162de-bc34-5143-a863-897e8a154ec0", "id": "CVE-2026-44572", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44572 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:3a048235-699a-5172-a389-f8c5ce8d4f64", "id": "CVE-2026-44573", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44573 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:c51e8e27-df4e-5d87-95db-509bf16b2faf", "id": "CVE-2026-44574", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44574 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:68994d34-2f35-5855-b629-9d9c7c24cdf6", "id": "CVE-2026-44575", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44575 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:e9bb0dac-d97b-5973-afd2-3335fbd57579", "id": "CVE-2026-44576", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44576 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:9b5fc97f-dabd-5412-b226-d69150b2989b", "id": "CVE-2026-44577", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44577 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:ae85610b-d4ee-5ec4-a56e-3f2e5aa91178", "id": "CVE-2026-44578", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44578 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:a73209ba-302e-5039-8450-7c35d6eecf7e", "id": "CVE-2026-44579", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44579 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:3bb7a15c-6575-53a1-83a9-fa6e422d9546", "id": "CVE-2026-44580", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44580 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:63f2d916-cdd7-5c4d-8063-592ca5ac5e98", "id": "CVE-2026-44581", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44581 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:20f1ff9a-d5d3-5101-962d-811843c3f56b", "id": "CVE-2026-44582", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-44582 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:fd42aac8-6038-5041-aa56-14b427cbf632", "id": "CVE-2026-45109", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-45109 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:aca73350-4228-573a-93ed-12c63571e938", "id": "GHSA-8h8q-6873-q5fj", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-8h8q-6873-q5fj affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:4cf84820-c744-5170-aac9-cc8c7b0752b5", "id": "GHSA-9qr9-h5gf-34mp", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-9qr9-h5gf-34mp affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:a3f9d9d4-d356-5739-9838-579af9a464eb", "id": "GHSA-h25m-26qc-wcjf", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-h25m-26qc-wcjf affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:8135ed3d-0afd-5fa0-b04f-78af0e1d1d2e", "id": "GHSA-mwv6-3258-q52c", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-mwv6-3258-q52c affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:76e01545-8b5b-5540-8eec-573a0b23685c", "id": "GHSA-q4gf-8mx6-v5v3", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-q4gf-8mx6-v5v3 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }, { "bom-ref": "urn:uuid:141a84fa-cd8e-5934-8e16-21bc47511d0d", "id": "GHSA-w37m-7fhw-fmv9", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-w37m-7fhw-fmv9 affects version 16.0.6 of next-rspack." }, "affects": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] } ], "dependencies": [ { "ref": "pkg:npm/next-rspack@16.0.6" } ] }