Malicious code in zkjson (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 758a19e42db66cf6ae7a08d462278b30e3a154b56613d2d95f8020de3add3816 package.json declares "preinstall": "./.github/scripts/precheck", pointing to a 976 KB Linux ELF executable sha256...

RHEL 10 : mysql8.4 (RHSA-2026:20693)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20693 advisory. MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld an...

Atlassian Confluence 8.9.0 < 9.2.20 / 9.3.1 < 10.2.11 (CONFSERVER-103708)

The version of Atlassian Confluence Server running on the remote host is affected by a vulnerability as referenced in the CONFSERVER-103708 advisory. - This Improper Encoding or Escaping of Output vulnerability allows an unauthenticated attacker to potentially disclose sensitive information via t...

ALSA-2026:20606 Important: ruby4.0 security update

Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks as in Perl. It is simple, straight-forward, and extensible. Security Fixes: ruby/json: Ruby JSON: Denial of Service or Informatio...

kavita 安全漏洞

Kavita is a fast and feature-rich cross-platform reading server developed by Kavita OpenSource. Versions of Kavita prior to 0.9.0.2 contained security vulnerabilities. These vulnerabilities stemmed from improper token verification, which could allow remote unauthenticated attackers to obtain user...

MikroORM SQL注入漏洞

MikroORM is an open-source framework from MikroORM that supports type-safe object-relational mapping for multiple databases. MikroORM has a SQL injection vulnerability; this vulnerability arises from improper escaping of identifiers and JSON path injections, which may lead to SQL injections...

ALSA-2026:20596 Important: ruby:4.0 security update

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fixes: ruby/json: Ruby JSON: Denial of Service or Information Disclosure via format string injection CVE-2026-33210 erb: ERB: Arbitrary...

Cashu NUTs 数据伪造问题漏洞

Cashu NUTs is an open-source protocol specification developed by Cashu. Versions prior to Cashu NUTs 6.2.3 and 5.4.31 contained a data manipulation vulnerability. This vulnerability stemmed from the fact that access tokens accepted endpoints in v1 allowed JWTs signed with any key, without verifyi...

ALSA-2026:20693 Moderate: mysql8.4 security update

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files. Security Fixes: mysql:...

Security Bulletin: A json-path-2.6.0.jar vulnerability found by Scanner affects IBM Rational Functional Tester / DevOps Test UI

Summary There is a vulnerability in json-path-2.6.0.jar used by Rational Functional Tester RFT / DevOps Test UI Test UI. RFT/Test UI has addressed the applicable CVE Vulnerability Details CVEID:CVE-2023-51074 DESCRIPTION: json-path v2.8.0 was discovered to contain a stack overflow via the...

Malicious code in platform-tempo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d1c69e098c3ebeb2876b746523bea0220034b429f58e0a55683f0ee2c8776cd [email protected] declares a preinstall hook that runs poc.js on every npm install. The script collects host identity os.hostname, whoami /all /...

Malicious code in muaddib-scanner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8eea5d3ed390c4c82b5bfa89ac220f1d424fcaebe70fe71bbbe3bce66f0f48f package.json declares "loadash": "^1.0.0" as a runtime dependency. loadash is a well-known typosquat of lodash and is never required or imported...

MAL-2026-4511 Malicious code in chai-as-patch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0f6b316992ec48b2d29d234f9debebcf239653a2371d54ab9f6e487c4fdba7b This package is a typosquat of chai-as-promised that delivers remote code execution to any installer that requires it and invokes the exported...

Malicious Package

Overview wm-plugin-json-conditions is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

MAL-2026-4338 Malicious code in wm-plugin-json-conditions (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43ae510c22e7ea36051bfaa2a241bc7f8035d9047c3fe927438ceef2f2ca81cf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Intelligent Detection and Mitigation of Carpet-Bombing DDoS Attacks in SDN Using Retrieval-Augmented Generation and Large Language Models

Software-Defined Networking SDN provides flexible and programmable network management; however, its centralized control architecture remains highly vulnerable to Distributed Denial-of-Service DDoS attacks, particularly Carpet-Bombing DDoS attacks that distribute malicious traffic across multiple...

Alibaba Cloud Linux 3 : 0115: jq (ALINUX3-SA-2026:0115)

The remote Alibaba Cloud Linux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0115 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-39979: A flaw was found in jq, a...

CVE-2026-4372

A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious config.json file containing the attnimplementationinternal field set to an attacker-controlled HuggingFac...

Parse Server: Pre-authentication denial of service via client version header regex backtracking

Impact An unauthenticated attacker who knows a publicly-known Parse Application ID can submit a single HTTP request whose client SDK version field contains adversarial input that triggers polynomial backtracking in a request-header parser. The parsing runs before session authentication and before...

PT-2026-42860

Name of the Vulnerable Software and Affected Versions Parse Server affected versions not specified Description An unauthenticated attacker with knowledge of a public Parse Application ID can cause a denial of service by submitting a single HTTP request to any '/parse/' endpoint. The attack involv...