700 matches found
EUVD-2025-115282
Malicious code in cluster-geckodriver-child-process-sails npm...
EUVD-2025-123743
Malicious code in phoebe-sagitta-gridsome-child-process npm...
EUVD-2025-115352
Malicious code in child-process-registry-chai-nashira npm...
EUVD-2025-115356
Malicious code in child-process-metalsmith-sadr-nextjs npm...
EUVD-2025-116534
Malicious code in arcturus-dependencies-transport-child-process npm...
Malicious code in grus-child-process-server-inquirer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b28413cef90aca4f8fabcb9fcb9cc4c3737e32a1247520c569f1d849bef559a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-114609
Malicious code in deimos-lint-staged-child-process-sedna npm...
EUVD-2025-115354
Malicious code in child-process-miranda-enif-nightwatch npm...
EUVD-2025-113562
Malicious code in fomalhaut-pyxis-child-process-terser npm...
EUVD-2025-114564
Malicious code in deneb-kaus-child-process-nightmare npm...
EUVD-2025-113992
Malicious code in equinox-child-process-deneb-changelog npm...
MAL-2025-148874 Malicious code in uglify-js-hexo-zenobia-child-process (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 934967d7940b8009db69a6f57f4813c107293a76d651412f11a90960aed262c3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-115353
Malicious code in child-process-prettier-stylelint-draco-vuepress npm...
MAL-2025-140747 Malicious code in child-process-framework-metalsmith-celeste (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 849be0aae93e5cfbd3e6a735ee71094677ea146394d513afeaba71ce013d555d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Mozilla Firefox Code Execution Vulnerability (CNVD-2025-26886)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that is caused by the use of a WebGPU internal release triggered by an infected child process. An attacker could exploit the vulnerability to...
CVE-2025-12380 Use-after-free in WebGPU internals triggered from a compromised child process
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...
CVE-2025-12380
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox. This vulnerability was fixed in Firefox 144.0.2...
Figma Developer MCP < 0.6.3 RCE (GHSA-gxw4-4fc5-9gr5)
The remote host has a version of figma-developer-mcp prior to 0.6.3. A command injection vulnerability exists in the figma-developer-mcp MCP Server. The vulnerability is caused by the unsanitized use of input parameters within a call to childprocess.exec, enabling an attacker to inject arbitrary...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that is caused by the use of a WebGPU internal release triggered by an infected child process. An attacker could exploit the vulnerability to...
Security Vulnerabilities fixed in Firefox 144.0.2 — Mozilla
Starting with Firefox 142, it was possible for a compromised child process to trigger a use-after-free in the GPU or browser process using WebGPU-related IPC calls. This may have been usable to escape the child process sandbox...