700 matches found
EUVD-2007-6388
Malware in sbrugna...
EUVD-2021-0530
Malware in sbrugna...
EUVD-2021-0626
Malware in sbrugna...
EUVD-2007-3832
Malware in sbrugna...
EUVD-2020-5109
Malware in sbrugna...
EUVD-2019-11570
Malware in sbrugna...
EUVD-2024-2956
Malicious code in bioql PyPI...
EUVD-2015-0250
Malicious code in bioql PyPI...
EUVD-2023-27697
Malicious code in bioql PyPI...
EUVD-2025-24619
Malicious code in bioql PyPI...
EUVD-2022-6434
Malicious code in bioql PyPI...
EUVD-2021-7368
Malicious code in bioql PyPI...
EUVD-2022-5610
Malicious code in bioql PyPI...
EUVD-2022-2257
Malicious code in bioql PyPI...
interactive-git-checkout has a Command Injection vulnerability
The npm package interactive-git-checkout is an interactive command-line tool that allows users to checkout a git branch while it prompts for the branch name on the command-line. It is available as an npm package and can be installed via npm install -g interactive-git-checkout. Resources: Project'...
CVE-2025-54994
@akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP...
GHSA-3CH2-JXXC-V4XF @akoskm/create-mcp-server-stdio is vulnerable to MCP Server Command Injection through `exec` API
Command Injection in MCP Server The MCP Server at https://github.com/akoskm/create-mcp-server-stdio is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. Vulnerable tool The MCP Server exposes the to...
CVE-2025-54994 @akoskm/create-mcp-server-stdio has Command Injection in MCP Server due to unsafe `exec` API
@akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP...
CVE-2025-54994 @akoskm/create-mcp-server-stdio has Command Injection in MCP Server due to unsafe `exec` API
@akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP...
Malicious code in asteroid-quito-child-process-rest (npm)
The package asteroid-quito-child-process-rest was found to contain malicious code...