Lucene search
K

9664 matches found

ossf
ossf
added 2026/06/27 2:32 a.m.10 views

Malicious code in chai-as-persisted (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cf9c49450e0fa0d47be1b6ae27991f844868ff6c435d2082948b5feae862709 The package's postinstall script npm run smoke:pino executes index.js, which spawns a detached node lib/initializeCaller.js child. That module hides...

6AI score
Exploits0References3
euvd
euvd
added 2026/06/26 11:20 p.m.7 views

EUVD-2026-39483

pnpm: Repository-controlled configDependencies can select a pacquet native install engine...

7.5CVSS5.8AI score0.00127EPSS
Exploits1References2
github
github
added 2026/06/26 11:20 p.m.21 views

pnpm: Repository-controlled configDependencies can select a pacquet native install engine

Maintainer Action Plan This report is ready to review with the shared patch branch. Start with the PR and the expected fixed behavior, then use the detailed exploit narrative below only if you want to replay the original path. - Advisory: CAND-PNPM-097 / GHSA-gj8w-mvpf-x27x - Advisory URL:...

8.8CVSS6.1AI score0.00127EPSS
Exploits1References3Affected Software1
github
github
added 2026/06/26 10:59 p.m.8 views

pnpm binds unscoped user-level npm auth credentials to a repository-selected registry

Summary pnpm can send user-level unscoped npm authentication credentials to a registry chosen by a repository-local .npmrc file. In the reproduced case, the user's npm config contains a default registry and an unscoped authToken. The repository does not provide a token-bearing auth line. It only...

6.9CVSS6AI score0.00254EPSS
Exploits1References3Affected Software1
ossf
ossf
added 2026/06/26 9:8 p.m.9 views

Malicious code in db-plog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 961a6a108104105727b81399e6a3a6d56636cb79ae8fbfbbc33528f90d890d99 On every Model instantiation — the package's documented primary API — dist/index.js executes execSync'npm install db-connector-log --no-warnings...

6AI score
Exploits0References3
nvd
nvd
added 2026/06/26 6:17 p.m.11 views

CVE-2026-54557

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.1, the mise HTTP backend builds its install symlink destination from the raw resolved version string for non-latest versions. Normal tool install paths use the sanitized version pathname, but the HTTP backend's symlin...

5.5CVSS0.00175EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/26 4:47 p.m.8 views

CVE-2026-54557

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.1, the mise HTTP backend builds its install symlink destination from the raw resolved version string for non-latest versions. Normal tool install paths use the sanitized version pathname, but the HTTP backend's symlin...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/26 4:47 p.m.37 views

CVE-2026-54557 mise HTTP backend uses raw version path for install symlink destination

mise manages dev tools like node, python, cmake, and terraform. Prior to 2026.6.1, the mise HTTP backend builds its install symlink destination from the raw resolved version string for non-latest versions. Normal tool install paths use the sanitized version pathname, but the HTTP backend's symlin...

5.5CVSS0.00175EPSS
Exploits0References1
cve
cve
added 2026/06/26 4:47 p.m.25 views

CVE-2026-54557

CVE-2026-54557 affects the mise HTTP backend. Before 2026.6.1, install symlinks were created using the raw resolved version string for non-latest versions, instead of the sanitized version pathname. This allows a repository-controlled .tool-versions entry to cause mise install to create a symlink...

5.5CVSS5.8AI score0.00175EPSS
Exploits0References1
ossf
ossf
added 2026/06/26 3:45 p.m.10 views

Malicious code in react-dynammic-table-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d47aff9bb18dcd61350fa86e19d97ddee5ee7c5bdf7f0adea4a685e89d58fa4f [email protected] declares a preinstall lifecycle script node dist/setup.js that runs automatically on npm install. The script...

5.8AI score
Exploits0References1
osv
osv
added 2026/06/26 3:45 p.m.6 views

MAL-2026-6534 Malicious code in react-dynammic-table-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d47aff9bb18dcd61350fa86e19d97ddee5ee7c5bdf7f0adea4a685e89d58fa4f [email protected] declares a preinstall lifecycle script node dist/setup.js that runs automatically on npm install. The script...

5.8AI score
Exploits0References1
osv
osv
added 2026/06/26 3:42 p.m.10 views

MAL-2026-6527 Malicious code in @immobiliarelabs/backstage-plugin-gitlab-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 096fc86987f4a25a5fb6572968e0c7309d71ed3e6ab16c239427de98c7d30ae7 The package ships a binding.gyp at the package root whose contents use GYP command-expansion syntax !... inside its targets/sources fields. npm...

6.1AI score
Exploits0References5
osv
osv
added 2026/06/26 3:42 p.m.5 views

MAL-2026-6529 Malicious code in @immobiliarelabs/backstage-plugin-ldap-auth-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbe41ed7d4257171c43c1047d7fde036575b57305b26d18cec61d1f1a20d33b1 The package ships a binding.gyp at the package root containing GYP command-expansion syntax !... in its sources/targets configuration binding.gyp lin...

5.9AI score
Exploits0References5
osv
osv
added 2026/06/26 3:42 p.m.8 views

MAL-2026-6528 Malicious code in @immobiliarelabs/backstage-plugin-ldap-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e447b204a3dbe39ad2390ad721dfc14f32b64e2c27d8b4efaf99a27e9cde7b92 The package ships a binding.gyp at the tarball root that contains GYP command-expansion syntax !... / !@... in its sources/targets configuration...

6.5AI score
Exploits0References5
osv
osv
added 2026/06/26 3:42 p.m.16 views

MAL-2026-6526 Malicious code in @immobiliarelabs/backstage-plugin-gitlab (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00eb86df154a9532085ad285ee63cd4c4f9a95a6fe983b9930cd059dfb4cb3f5 The package ships a binding.gyp at the package root whose targets/sources fields contain GYP command-expansion syntax !... at line 6. npm implicitly...

5.8AI score
Exploits0References7
ossf
ossf
added 2026/06/26 2:16 p.m.7 views

Malicious code in ts-einkle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa992a8f9afcf95d3c0e35b6abc290ff565b450663f6d43511467cd370eefce8 [email protected] ships a comprehensive installer-side stealer in its main module peer-math.js. On require, syncSession runs a chain packProjectBundle,...

5.8AI score
Exploits0References5
ossf
ossf
added 2026/06/26 5:44 a.m.7 views

Malicious code in react-context-form-tdsss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a53e75a65681ee9ea818634ddee1ed52c6c8398dbd68e2b6abca255b24aaf37 [email protected] is a dependency-confusion payload. package.json declares scripts.preinstall="node index.js", and index.js issues an...

6.2AI score
Exploits0References1
ossf
ossf
added 2026/06/26 4:51 a.m.8 views

Malicious code in openblox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cdd874a78973f84b5373fc03a48472c338ca82ef0a258b7614f81a8359da1201 setup.py invokes GetGitCommitHash unconditionally at module top level, so it runs on pip install openblox and any setuptools invocation. On Windows t...

6.5AI score
Exploits0References7
ossf
ossf
added 2026/06/26 12:30 a.m.8 views

Malicious code in prism-silq (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bb3e8b0ded57991e21f137aac7c905348a83f6be7914c4da619c18d2acd280c The package ships a binding.gyp whose sources field uses GYP command-expansion syntax !... at line 6. npm implicitly runs node-gyp rebuild whenever a...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/26 12:30 a.m.3 views

MAL-2026-6493 Malicious code in prism-silq (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bb3e8b0ded57991e21f137aac7c905348a83f6be7914c4da619c18d2acd280c The package ships a binding.gyp whose sources field uses GYP command-expansion syntax !... at line 6. npm implicitly runs node-gyp rebuild whenever a...

5.9AI score
Exploits0References2
Rows per page
Query Builder