Lucene search
K

4 matches found

OSV
OSV
added 2026/05/13 3:33 p.m.4 views

GHSA-GMMV-4CC5-WR9R SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs

Summary SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST /api/storage/updateRecentDocCloseTime, POST...

7.2CVSS5.8AI score0.00207EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 6:9 p.m.5 views

Malicious code in namei-mla-abunubuiau (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c715bf67d8c4af083c124f69f0b9ece2c1bcd7a8967a4a7b15d5086526ce5dab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.2 views

Malicious code in fatidra-nutay-tatu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70eef2c4ae797950672c0b8ac90a6ea07ffcab5027135e457358708b59fe1504 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 5:21 p.m.2 views

Malicious code in hanafi-kupat50-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68934e5556ed9a34acc93e5b9bb5b460f140d8bb35986cca0c3461f193c964db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder