Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Shai-Hulud / Miasma software supply chain campaign, a large scale operation that has affected numerous packages across open source ecosystems. The malicio...

OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins

Summary Workspace provider auth choices could auto-enable untrusted provider plugins. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.9 Impact Non-interactive onboarding could select a provider auth choice shadowed by an untrusted workspace plugin,...

Important: Red Hat Security Advisory: Red Hat Hardened Images RPM Release

Red Hat Hardened Images RPM Release Red Hat Hardened Images RPM Release...

MAL-2025-123552 Malicious code in theoretical_horse_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a10dd82fd3f56db830a6e929d284ad975dd4a605d4ebf338bfcd9a1e01bcf95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-112231 Malicious code in racial_turtle_azure-88 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12c1f16bc7a7baf79284744d7e22af19925bc788679de13b8dfb14f83e5c77cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Important: kernel-livepatch-6.1.150-174.273

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: Fix DT error handling for num-channels/ees...

Photon OS 5.0: Linux PHSA-2025-5.0-0648

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0648. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

OPENSUSE-SU-2025:15626-1 exim-4.98.2-4.1 on GA media

These are all security issues fixed in the exim-4.98.2-4.1 package on the GA media of openSUSE Tumbleweed...

Malicious code in release-it-exobiology-fork-aether (npm)

The package release-it-exobiology-fork-aether was found to contain malicious code...

Important Photon OS Security Update - PHSA-2025-5.0-0555

Updates of 'git' packages of Photon OS have been released...

Low Photon OS Security Update - PHSA-2025-4.0-0826

Updates of 'spdlog' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2025-5.0-0534

Updates of 'python3-setuptools' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2025-5.0-0490

Updates of 'libxslt', 'postgresql14', 'postgresql13', 'postgresql15' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2025-5.0-0487

Updates of 'kubernetes', 'libarchive' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2025-4.0-0758

Updates of 'emacs', 'openssl', 'libtasn1' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2025-4.0-0751

Updates of 'perl-Data-Validate-IP' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2025-4.0-0745

Updates of 'python-idna', 'python3-idna', 'git-lfs' packages of Photon OS have been released...

libndp security update

1.2-10.0.1 - Increasing release number as per Oracle package release policy...

Medium: ansible-core

Issue Overview: The upstream bug report describes this issue as follows: A flaw was found in Ansible, where a user's controller is vulnerable to template injection when internal templating operations may errantly remove the unsafe designation from template data. CVE-2023-5764 Affected Packages:...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2023-1649)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...