Malicious Package

Overview nemo-reporter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in nemo-reporter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42a43ec0a345170ad191fa1c25bdd4000595aa8ce733c6b9c69de6b65a1defb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4836 Malicious code in nemo-reporter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 42a43ec0a345170ad191fa1c25bdd4000595aa8ce733c6b9c69de6b65a1defb2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview @not-nemo/crypto-tracker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

CVE-2026-24216

NVIDIA BioNemo for Linux contains a vulnerability where a user could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, and data tampering...

CVE-2026-41314 vulnerabilities

Vulnerabilities for packages: nemo, open-webui, litellm...

CVE-2026-41312 vulnerabilities

Vulnerabilities for packages: nemo, open-webui, litellm...

CVE-2026-41313 vulnerabilities

Vulnerabilities for packages: nemo, open-webui, litellm...

CVE-2026-41168 vulnerabilities

Vulnerabilities for packages: nemo, open-webui, litellm...

CVE-2026-41205 vulnerabilities

Vulnerabilities for packages: airflow-core, superset, airflow, open-webui, dagster-fips, nemo, pgadmin4-fips, dagster, prefect-fips, mlflow, jupyter-base-notebook...

CVE-2026-24222

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

CVE-2026-24222

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

CVE-2026-24222

NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environment variables not properly restricted during sandb...

CVE-2025-69872 vulnerabilities

Vulnerabilities for packages: nemo...

GHSA-W8V5-VHQR-4H9V vulnerabilities

Vulnerabilities for packages: nemo...

CVE-2026-40491 vulnerabilities

Vulnerabilities for packages: nemo...

GHSA-76HW-P97H-883F vulnerabilities

Vulnerabilities for packages: nemo...

Malicious code in nemo-jaws (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ac1bc6492690bd59f6e2ace3fd6aaf7512476fdcfd2e015423e1a20529bb8b2 The package nemo-jaws was found to contain malicious code...

MAL-2026-2785 Malicious code in nemo-jaws (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ac1bc6492690bd59f6e2ace3fd6aaf7512476fdcfd2e015423e1a20529bb8b2 The package nemo-jaws was found to contain malicious code...

Malicious code in nemo-datadrive (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e279624646b095ac821ca5abba18d037f7c0171da7a5419ce7881330ba92be4 The package nemo-datadrive was found to contain malicious code...