Malicious code in sunruse-influx-libraries (npm)

The package sunruse-influx-libraries was found to contain malicious code...

Malicious code in @epc-libraries/common-types (npm)

The package @epc-libraries/common-types was found to contain malicious code...

MAL-2025-40632 Malicious code in ysb-ui-libraries (npm)

The package ysb-ui-libraries was found to contain malicious code...

MAL-2025-17429 Malicious code in common-node-libraries (npm)

The package common-node-libraries was found to contain malicious code...

Malicious code in @solana-libs/check-balance (npm)

The package @solana-libs/check-balance was found to contain malicious code...

MAL-2025-34179 Malicious code in sunruse-influx-libraries (npm)

The package sunruse-influx-libraries was found to contain malicious code...

MAL-2025-27830 Malicious code in npm-eurostar-libs (npm)

The package npm-eurostar-libs was found to contain malicious code...

CVE-2025-24302

Uncontrolled recursion for some TinyCBOR libraries maintained by IntelR before version 0.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

Malicious Package

Overview node-smsk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate legitimate WhatsApp libraries, there is no connection between that organization and this package...

Malicious Package

Overview naya-clone is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate legitimate WhatsApp libraries, there is no connection between that organization and this package...

Malicious Package

Overview nvlore-hsc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate legitimate WhatsApp libraries, there is no connection between that organization and this package...

Malicious Package

Overview naya-flore is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate legitimate WhatsApp libraries, there is no connection between that organization and this package...

Malicious Package

Overview @veryflore/disc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate legitimate WhatsApp libraries, there is no connection between that organization and this...

HEIR: a Universal Compiler for Homomorphic Encryption

This work presents Homomorphic Encryption Intermediate Representation HEIR, a unified approach to building homomorphic encryption HE compilers. HEIR aims to support all mainstream techniques in homomorphic encryption, integrate with all major software libraries and hardware accelerators, and...

CVE-2025-8916

Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...

com.ascentstream.pulsar:bcfips-include-test (>=3.0.7.0-SNAPSHOT-a030c50 <=3.0.8.0-SNAPSHOT-16a7bcc), com.ascentstream.pulsar:bouncy-castle-bcfips (>=3.0.7.0-SNAPSHOT-a030c50 <=4.0.11.0) +13 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcpkix-fips (>=1.0.5 <=2.0.11)

org.bouncycastle:bcpkix-fips MAVEN version =1.0.5, =3.0.7.0-SNAPSHOT-a030c50, =3.0.7.0-SNAPSHOT-a030c50, =2.1.2, =8.0.0, =1.2.0, =1.17.0, =1.17.0, =3.1.0, =3.0.0.1, =3.0.0.1, =3.13.14, =3.0.0, =1.0.4, =1.0.0, =19.0.0, =25.0.6 Source cves: CVE-2025-8916 Source advisory:...

br.com.swconsultoria:java-cte (>=3.00.4 <=3.00.8), br.com.swconsultoria:java-mdfe (>=3.00.3 <=3.00.4) +1215 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-jdk16 (>=1.38 <=1.46)

org.bouncycastle:bcprov-jdk16 MAVEN version =1.38, =3.00.4, =3.00.3, =4.00.10, =1.0, =2.0, =1.2.4, =2.0.0, =2.1, =2.1, =2.10.0, =2.10.0, =2.11.0 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789707...

cn.jarkata:jarkata-encrypt (=1.0.0), cn.ponfee:commons-core (>=1.1 <=1.4) +481 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-ext-jdk18on (>=1.71 <=1.78.1)

org.bouncycastle:bcprov-ext-jdk18on MAVEN version =1.71, =1.1, =2.4.1, =3.0.7.0-SNAPSHOT-a030c50, =3.0.7.0-SNAPSHOT-a030c50, =3.0.7.0-SNAPSHOT-a030c50, =3.0.7.0-SNAPSHOT-a030c50, =3.0.7.0-SNAPSHOT-a030c50, =3.0.7.0-SNAPSHOT-a030c50, =3.0.7.0-SNAPSHOT-a030c50, =3.0.7.0-SNAPSHOT-a030c50,...

ae.teletronics.nlp:entityextraction (>=1.3 <=1.4), ai.h2o:h2o-app (>=0.1.22 <=0.1.25) +1040 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-jdk15 (>=1.38 <=1.46)

org.bouncycastle:bcprov-jdk15 MAVEN version =1.38, =1.3, =0.1.22, =0.1.22, =1.0.0, =2.1.0, =1.0.1, =4.2.0, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.1.2, =1.0.3, =1.3.3 and more Source cves: CVE-2025-8916 Source advisory:...

[SECURITY] Fedora 42 Update: python3.13-3.13.6-1.fc42

Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries...