MAL-2026-4441 Malicious code in @shadanai/openclaw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0e2f02ab1bb3d99de1787ed7d69f1df97bd3b2d7c18cc8ba4e5f8688f649ce9 On npm install, scripts/postinstall.mjs performs several installer-harm actions. 1 Backdoor: writes /.openclaw/openclaw.json configuring a local...

MAL-2026-4645 Malicious code in prettier-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80a3bdd18c28c0c045aaed2a3e5725b3b38cb45bc9c16d0b795c4334caed17a5 Package name prettier-sdk impersonates the top-tier prettier package 50M weekly downloads, copying its README verbatim and forging metadata repositor...

GHSA-XMPW-2VMM-P4P6 Malicious code in guardrails-ai 0.10.1 (supply chain compromise)

Impact On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of guardrails-ai 0.10.1 to PyPI. Affected: any user who installed guardrails-ai==0.10.1 from PyPI on May 11, 2026. Security researchers identified the malicious package within approximately 2 hours ...

CVE-2026-8827

The AddressRepository::getSqlQuery method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call...

MAL-2026-4166 Malicious code in tarpackage (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 32df873f7d91846104a4637b94b2816fea2023260d81c2ecbc5f3c6d5b6a934a The package exfiltrates env variables during installation --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

CVE-2026-34883

The CVE-2026-34883 affects the Portrait Dell Color Management application (before version 3.7.0) on Windows systems used with Dell monitors. The root cause is a symbolic link vulnerability in the installer that runs with elevated privileges, allowing a local low-privileged user to escalate to Adm...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

Malicious code in foundry-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f62cf5a646cd39640b2be03720a6a2195dc4924813146e9a0d387bafa75c7de In specific environments, the package triggers silent code execution during installation. The code to execute is not included in the package. --- Category:...

Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree

Summary Two primitive integrators in apm-cli enumerate package files with bare Path.glob / Path.rglob calls and read each match with Path.readtext, transparently following symbolic links. A symlink committed inside a remote APM dependency under .apm/prompts/.prompt.md or .apm/agents/.agent.md is...

PackageKit: race condition vulnerability leads to arbitrary package installation as root

A flaw was found in PackageKit. A time-of-check time-of-use TOCTOU race condition on transaction flags allows unprivileged users to install packages as root, resulting in a local privilege escalation...

bun-archive-traversal-poc

Bun Archive Extraction Traversal PoCs Target: oven-sh/bun...

CVE-2024-36334

Improper verification of cryptographic signature in the Radeon RGB tool could allow a malicious file placed in the installation directory to be run with elevated privileges potentially leading to arbitrary code execution...

GHSA-MQ5J-PW29-JCV3 Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`

Summary Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a local .tar.gz that is not recognized as a plugin-format bundle, APM probes whether it is a...

CVE-2026-46383 Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...

CVE-2026-46383

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...

CVE-2026-46383 Microsoft APM: Windows absolute-path tar member overwrite during legacy-bundle probing in `apm install`

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...

CVE-2026-46383

Summary: CVE-2026-46383 affects Microsoft APM prior to 0.13.0, where the legacy-bundle probing during apm install on Windows can mishandle local .tar.gz archives. On Python 3.10/3.11, the probe may extract untrusted tar members with tar.extractall() without rejecting Windows absolute member name...

EUVD-2026-30559

Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure in the legacy-bundle probe used by apm install on supported Python 3.10 and 3.11 runtimes. When apm install is given a...

CVE-2026-45539 Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree

Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files with bare Path.glob / Path.rglob calls and read each match with Path.readtext, transparently following symbolic links. A symlink...