Malicious code in mini-css-extract-plugin-jabbah-sagitta-graphql (npm)

The package mini-css-extract-plugin-jabbah-sagitta-graphql was found to contain malicious code...

Malicious code in mini-css-extract-plugin-materialize-technocracy-venus (npm)

The package mini-css-extract-plugin-materialize-technocracy-venus was found to contain malicious code...

Malicious code in nanotechnology-mini-css-extract-plugin-sociobiology-superagent (npm)

The package nanotechnology-mini-css-extract-plugin-sociobiology-superagent was found to contain malicious code...

Malicious code in postcss-loader-dotenv-safe-mini-css-extract-plugin-supervisor (npm)

The package postcss-loader-dotenv-safe-mini-css-extract-plugin-supervisor was found to contain malicious code...

Malicious code in server-mini-css-extract-plugin-orogeny-spawn (npm)

The package server-mini-css-extract-plugin-orogeny-spawn was found to contain malicious code...

Malicious code in unuk-morgan-mini-css-extract-plugin-sync (npm)

The package unuk-morgan-mini-css-extract-plugin-sync was found to contain malicious code...

MAL-2025-33004 Malicious code in server-mini-css-extract-plugin-orogeny-spawn (npm)

The package server-mini-css-extract-plugin-orogeny-spawn was found to contain malicious code...

MAL-2025-27076 Malicious code in nanotechnology-mini-css-extract-plugin-sociobiology-superagent (npm)

The package nanotechnology-mini-css-extract-plugin-sociobiology-superagent was found to contain malicious code...

MAL-2025-22136 Malicious code in halley-eclipse-mini-css-extract-plugin-nightwatch (npm)

The package halley-eclipse-mini-css-extract-plugin-nightwatch was found to contain malicious code...

MAL-2025-37883 Malicious code in unuk-morgan-mini-css-extract-plugin-sync (npm)

The package unuk-morgan-mini-css-extract-plugin-sync was found to contain malicious code...

MAL-2025-19658 Malicious code in enif-async-panspermia-mini-css-extract-plugin (npm)

The package enif-async-panspermia-mini-css-extract-plugin was found to contain malicious code...

MAL-2025-18287 Malicious code in dependencies-node-sass-arcturus-mini-css-extract-plugin (npm)

The package dependencies-node-sass-arcturus-mini-css-extract-plugin was found to contain malicious code...

MAL-2025-22780 Malicious code in hugo-draco-mini-css-extract-plugin-paleoanthropology (npm)

The package hugo-draco-mini-css-extract-plugin-paleoanthropology was found to contain malicious code...

MAL-2025-17737 Malicious code in cryptography-dagda-mini-css-extract-plugin-jabbah (npm)

The package cryptography-dagda-mini-css-extract-plugin-jabbah was found to contain malicious code...

MAL-2025-29539 Malicious code in postcss-loader-dotenv-safe-mini-css-extract-plugin-supervisor (npm)

The package postcss-loader-dotenv-safe-mini-css-extract-plugin-supervisor was found to contain malicious code...

MAL-2025-26424 Malicious code in mini-css-extract-plugin-jabbah-sagitta-graphql (npm)

The package mini-css-extract-plugin-jabbah-sagitta-graphql was found to contain malicious code...

CVE-2025-40752

A vulnerability has been identified in POWER METER SICAM Q100 7KG9501-0AA01-0AA1 All versions = V2.60 = V2.60 = V2.60 = V2.60 = V2.70 V2.80. Affected devices store the password for the SMTP account as plain text. This could allow an authenticated local attacker to extract it and use the configure...

BIT-LIBPHP-2021-21706 ZipArchive::extractTo may extract outside of destination dir

In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below 8.0.11, in Microsoft Windows environment, ZipArchive::extractTo may be tricked into writing a file outside target directory when extracting a ZIP file, thus potentially causing files to be created or overwritten, subject to OS...

BIT-LIBPYTHON-2025-4330 Extraction filter bypass for linking outside extraction directory

Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

BIT-LIBPYTHON-2025-4138 Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory

Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...