256 matches found
Malicious code in node-red-contrib-objstore (npm)
The package node-red-contrib-objstore was found to contain malicious code...
Malicious code in node-red-contrib-storfly-vtview (npm)
The package node-red-contrib-storfly-vtview was found to contain malicious code...
MAL-2025-12656 Malicious code in @zalastax/nolb-node-red-col (npm)
The package @zalastax/nolb-node-red-col was found to contain malicious code...
MAL-2025-12654 Malicious code in @zalastax/nolb-node-red-cl (npm)
The package @zalastax/nolb-node-red-cl was found to contain malicious code...
MAL-2025-27640 Malicious code in node-red-azure-iot-hub (npm)
The package node-red-azure-iot-hub was found to contain malicious code...
MAL-2025-12660 Malicious code in @zalastax/nolb-node-red-conti (npm)
The package @zalastax/nolb-node-red-conti was found to contain malicious code...
MAL-2025-12649 Malicious code in @zalastax/nolb-node-red-b (npm)
The package @zalastax/nolb-node-red-b was found to contain malicious code...
MAL-2025-12655 Malicious code in @zalastax/nolb-node-red-cm (npm)
The package @zalastax/nolb-node-red-cm was found to contain malicious code...
MAL-2025-12662 Malicious code in @zalastax/nolb-node-red-contrib-- (npm)
The package @zalastax/nolb-node-red-contrib-- was found to contain malicious code...
MAL-2025-12647 Malicious code in @zalastax/nolb-node-red-2 (npm)
The package @zalastax/nolb-node-red-2 was found to contain malicious code...
MAL-2025-12652 Malicious code in @zalastax/nolb-node-red-ch (npm)
The package @zalastax/nolb-node-red-ch was found to contain malicious code...
MAL-2025-12679 Malicious code in @zalastax/nolb-node-red-s (npm)
The package @zalastax/nolb-node-red-s was found to contain malicious code...
MAL-2025-27643 Malicious code in node-red-contrib-max31856 (npm)
The package node-red-contrib-max31856 was found to contain malicious code...
MAL-2025-12657 Malicious code in @zalastax/nolb-node-red-com (npm)
The package @zalastax/nolb-node-red-com was found to contain malicious code...
MAL-2025-27648 Malicious code in node-red-contrib-storfly-vtview (npm)
The package node-red-contrib-storfly-vtview was found to contain malicious code...
MAL-2025-27649 Malicious code in node-red-contrib-wotkit (npm)
The package node-red-contrib-wotkit was found to contain malicious code...
Malicious code in node-red-contrib-modbusio (npm)
The package node-red-contrib-modbusio was found to contain malicious code...
The vulnerability of the Node-RED visual programming tool’s server on the Pilz IndustrialPI operating system allows a perpetrator to execute arbitrary commands.
The vulnerability of the Node-RED visual programming tool on the Pilz IndustrialPI industrial computer server is related to the absence of default authentication settings. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
CVE-2025-41656
CVE-2025-41656 concerns the Pilz IndustrialPI Node-RED integration, where the authentication for the Node-RED server is not configured by default. This allows an unauthenticated remote attacker to execute arbitrary commands with high privileges on affected devices. The CVSS 3.1 base score is 10.0...
CVE-2025-41656 Pilz: Missing Authentication in Node-RED integration
An unauthenticated remote attacker can run arbitrary commands on the affected devices with high privileges because the authentication for the NodeRED server is not configured by default...