apm-cli
PyPI2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting apm-clipage 1 of 1
- CVE-2026-44641HIGHCVSS 7.1EG 7.1✓ Fixed in 0.8.122026-05-15
vulnerable: 0.1.0 ... 0.8.9 (49 versions)
Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components referenced in plugin.json into .apm/. The manifest fields agents…
- CVE-2026-46383MEDIUMCVSS 5.5EG 5.5✓ Fixed in 0.13.02026-05-15
vulnerable: 0.1.0 ... 0.9.4 (62 versions)
Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install <bundle> on s…
Check whether apm-cli is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for apm-cli CVEs against the assets you own.
Start Free Scan →