CVE-2026-32102

OliveTin's 3000.10.2 and earlier versions expose action output via the live EventStream to authenticated dashboard subscribers without per-action authorization, enabling a low-privileged user to view restricted outputs. Affected component: EventStream/broadcast of execution events and action outp...

Malicious code in eventstream-serde-config-resolver (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9605 Malicious code in eventstream-serde-universal (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in eventstream-serde-universal (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9604 Malicious code in eventstream-serde-config-resolver (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9603 Malicious code in eventstream-serde-browser (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in eventstream-serde-browser (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9602 Malicious code in eventstream-codec (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in eventstream-codec (npm)

--- -= Per source details. Do not edit below this line.=-...