Security Bulletin: Due to use of compiler-18.2.14.tgz, IBM Sterling Connect:Direct Web Services is affected by Cross-Site Scripting (XSS).

Summary compiler-18.2.14.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2025-66412, CVE-2026-22610. Vulnerability Details CVEID:CVE-2025-66412 DESCRIPTION: Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other...

@excelltechkylc/code-generator (>=1.0.0 <=1.0.1), @excelltechkylc/compiler (>=1.0.0 <=1.0.1) +5 more potentially affected by CVE-2024-38985 via depath (=1.0.6)

depath NPM version =1.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on depath and may be impacted: - @excelltechkylc/code-generator =1.0.0, =1.0.0, =1.0.6, =1.0.6, =1.0.0, =1.0.4 - vitis-lowcode-renderer =1.0.0 - vitis-lowcode-simulator-renderer...

Malicious code in compiler-version (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73dd1634a0316a2945a7fa0fafbe7bed2c0bb9fc965eb0643686959203542796 Any computer that has this package installed or running should be considered...

Malicious code in complier (npm)

--- -= Per source details. Do not edit below this line.=-...