MAL-2026-2789 Malicious code in otomi-tasks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 801ad983065c3d079ec114f2e5c5fc207a1903c098b383a2b049060d4d64f654 The package otomi-tasks was found to contain malicious code...

CVE-2024-2374

creationtimestamp| type| source ---|---|--- 2026-04-16 10:08:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjm644xfd72t...

MAL-2026-2771 Malicious code in icims-express-dot-engine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cc7ed2f685a8199818c3090faeaf9536fa49cced26ffde16ff9061c729e3143 The package icims-express-dot-engine was found to contain malicious code...

MAL-2026-2743 Malicious code in chai-use-chain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d69d3debb629659a8d363e7f538314293640ed2e1625ef9ff51f9e9999ad2593 The package chai-use-chain was found to contain malicious code. Source: ghsa-malware 47423a7175b64aa5c431093d8c904461cce80e3c62c6d1895f3d96a2a43974db...

MAL-2026-2741 Malicious code in chai-chain-coremesh (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0998d78c57b51efc4ff5789a97e24374a9f1a3ea3d50422802d4f0b189473877 The package chai-chain-coremesh was found to contain malicious code...

MAL-2026-2713 Malicious code in @fuego-tools/analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8b13e975286ea5f50f12e176e5b9399e209b890fc03e8d5f890f02d83a52489 The package @fuego-tools/analytics was found to contain malicious code...

Malicious code in @appleseed-apple/ac-sass-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c09c442c9bf5d1d38099a4ea05b85daf5b071a2d9e6e87dc72d030ecd4ca5404 The package @appleseed-apple/ac-sass-kit was found to contain malicious code...

Malicious code in @3stripes/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af3a9f22040b78bb5d4973940dff6f5acad0f3a338e26c8f025ca96245acacc9 The package @3stripes/core was found to contain malicious code...

CVE-2026-25219

creationtimestamp| type| source ---|---|--- 2026-04-15 15:32:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjk7qcmrjv2g 2026-04-15 15:50:32+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mjkaqjucrm2t...

tp-xss

TP - Exploitation d'une Faille XSS Enonce du professeur...

CVE-2026-27292

creationtimestamp| type| source ---|---|--- 2026-04-15 01:19:06+00:00| seen| Telegram/dGt1m22sw1SGsA9Eug0OSHT5OJOK3joaNLENVhZetMIBpOs 2026-04-15 11:59:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjjtu5mxyn2k 2026-04-16 00:07:07+00:00| seen|...

CVE-2026-27288

creationtimestamp| type| source ---|---|--- 2026-04-15 00:18:27+00:00| seen| https://bsky.app/profile/adobedigest.bsky.social/post/3mjimntrqsi2i...

PT-2026-33010

🔒 CyberSecurity CVE-2024-44738 & CVE-2024-44337: n8n Workflow Automation Critical Flaws — Detec… "Security Arsenal’s analysis of the recent Pillar Security disclosure regarding n8n…" 🔗 https://t.co/U8qg6uYpWr CyberSecurity ThreatIntel alertfatigue triage alertmonitor...

CVE-2026-22828

creationtimestamp| type| source ---|---|--- 2026-04-14 16:51:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjhtoef7zj2m 2026-04-14 17:28:08+00:00| seen| Telegram/Vdpd7lT308fxiW1s76LVsqR9F6P793RnQqd0qJzf2KghFE 2026-04-14 17:28:30+00:00| seen|...

CVE-2025-65135

creationtimestamp| type| source ---|---|--- 2026-04-14 16:43:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjhtagncml2g 2026-04-14 16:51:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjhtosxxmr2s...

Malicious Package

Overview pinstatsd is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVE-2025-13822

creationtimestamp| type| source ---|---|--- 2026-04-14 03:55:00+00:00| seen| https://cert.pl/en/posts/2026/04/CVE-2025-13822 2026-04-15 09:42:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116408066492828654...

CVE-2026-27681

creationtimestamp| type| source ---|---|--- 2026-04-14 01:00:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjg6jaq2s42h 2026-04-14 01:15:38+00:00| published-proof-of-concept| Telegram/j1YKUKFGBq5wmef4QEbA7k-TdRl9f0BaDNzVfGs6U0ZXPS4 2026-04-14 01:30:30+00:00| seen|...

Photon OS 5.0: Sudo PHSA-2026-5.0-0815

An update of the sudo package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0815. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EUVD-2025-209417

Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert. When app.alert is called with more than one argument and the first argument evaluates to null for example, app.alertapp.activeDocs, true when app.activeDocs is null...