Package impact
PyPI / apm-cli
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44641 | high | 7.1 | 7.1 | 14d ago | Microsoft APM CLI's plugin.json component paths escape plugin root and copy arbitrary host files during install | |||
| CVE-2026-46383 | medium | 5.5 | 5.5 | 14d ago | Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install` |