
83 matches found

OSSF Malicious Packages
added 2026/05/29 10:2 p.m. | 12 views

Malicious code in @tc-core/provider-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware addb58e3e730bb8adc78d7f15f7d35857ec0c6944ec4ba1827fbf87902debe97 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8 AI score
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2026/05/22 1:53 a.m. | 3 views

Malicious code in compliance-check-runner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09baf2402c56bbf2219f28a1113df9b623522a17b3a199cf9a6d58f8cbb0b68a On npm install, the package's postinstall hook runs npx env-security-scanner@latest auditenvironment via child_process.execSync, fetching and executin...

6.1 AI score
Exploits: 0 | References: 2

OSV
added 2026/05/19 12:0 a.m. | 1 views

MAL-2026-3980 Malicious code in @antv/g2plot (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8 AI score
Exploits: 0 | References: 5

OSV
added 2026/05/19 12:0 a.m. | 4 views

MAL-2026-3872 Malicious code in @antv/dipper-map (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8 AI score
Exploits: 0 | References: 4

OSV
added 2026/05/19 12:0 a.m. | 4 views

MAL-2026-4106 Malicious code in @antv/x6-plugin-minimap (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8 AI score
Exploits: 0 | References: 5

OSV
added 2026/05/19 12:0 a.m. | 1 views

MAL-2026-3967 Malicious code in @antv/g-webgpu (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8 AI score
Exploits: 0 | References: 5

OSV
added 2026/05/19 12:0 a.m. | 4 views

MAL-2026-4129 Malicious code in babel-plugin-version (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8 AI score
Exploits: 0 | References: 5

OSSF Malicious Packages
added 2026/05/15 10:43 a.m. | 7 views

Malicious code in marathon-assets (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1cdc9efb8f4187062e02260f2126eda85583ad4d7e274c7f3c5d72b900e3eff3 The package marathon-assets was found to contain malicious code. Source: ghsa-malware 79835a80726adeabd12385031ae8c8a34d577b780fce22a9eb86304161ab2aa...

5.8 AI score
Exploits: 0 | References: 1

OSV
added 2026/05/11 11:57 p.m. | 0 views

MAL-2026-3501 Malicious code in @tanstack/zod-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b6bc07c0e2b0175dd6e6bd29157ea6967bb2bcb66f643f9dafd89ab77a9f6fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8 AI score
Exploits: 0 | References: 6

EUVD
added 2026/03/26 9:31 p.m. | 3 views

EUVD-2026-16293

thingino-firmware versions up to the firmware-2026-03-16 release contain an unauthenticated OS command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

8.7 CVSS | 6.8 AI score | 0.00212 EPSS
Exploits: 0 | References: 3

CVE
added 2026/03/26 7:0 p.m. | 6 views

CVE-2026-26213

The CVE-2026-26213 issue affects thingino-firmware up to firmware-2026-03-16, where an unauthenticated OS command injection exists in the WiFi captive portal CGI script. An attacker can inject malicious code through unsanitized HTTP parameter names, exploiting eval in parse_query() and parse_post...

9.8 CVSS | 6.8 AI score | 0.00212 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2026/03/03 6:45 a.m. | 3 views

MAL-2026-1193 Malicious code in cloud-apis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d014766db57fb4d6cceffc9e45821e7c14135a358abdc4db25a0310538266699 The package cloud-apis was found to contain malicious code. Source: ghsa-malware 34de661e0892c5941755ca8d9db5fbcd64da940f5b21755f4b20862a758fe769 Any...

5.7 AI score
Exploits: 0 | References: 1

OSV
added 2026/03/02 2:21 a.m. | 2 views

MAL-2026-1111 Malicious code in mqttoken (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aca93be8c1540d3f53af3e84ab54ac100f00390a05d10931f80ca2941beeb39 The package mqttoken was found to contain malicious code. Source: ghsa-malware c91a888cf7be32a16813cf296ec094ba2d56bf4706c030246a92f686bac1ea2c Any...

5.7 AI score
Exploits: 0 | References: 1

NVD
added 2026/02/24 11:16 p.m. | 4 views

CVE-2026-26351

GetSimpleCMS Community Edition (CE) versions prior to 3.3.22 (3.3.16 tested) contain a stored cross-site scripting (XSS) vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encodin...

4.8 CVSS | 0.00023 EPSS
Exploits: 0 | References: 4

OSSF Malicious Packages
added 2026/02/20 4:59 p.m. | 5 views

Malicious code in ethres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba3cafe0e65ebbd1b4bdd577f7277b921eb7e3cf52e5fb46d8e6f6f34b2debd5 The package ethres was found to contain malicious code. Source: ghsa-malware 10924cf4fae0e118a99b95cf45376a7f42ff743f1e8830e78e801c473e0ddd88 Any...

5.6 AI score
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2026/02/03 5:1 a.m. | 5 views

Malicious code in baileys-dtz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 109634c377dbfbc10a7374fb473b28d85fcd47c764895f0c5e685a1f974a0120 The package baileys-dtz was found to contain malicious code. Source: ghsa-malware 14a91b23d2ef0b2dede76b5344cd84626e539f40e791d84f2a793b34d285e196 An...

5.4 AI score
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2026/01/12 1:59 a.m. | 4 views

Malicious code in llamaindex-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1049a24d3b448f16e3c35acfe33ee0f28346e3a3e4908d0a033e58b0758bf4ef The package llamaindex-js was found to contain malicious code. Source: ghsa-malware 7f3515bafa1614c3bea7c792295bd9574fdf82e263b87963b347e4f082d0dc3f...

6.9 AI score
Exploits: 0 | References: 1

OSV
added 2025/12/02 3:15 p.m. | 1 views

CVE-2025-59694

The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to persistently modify firmware and influence the insecurely configured appliance boot process. To exploit this, the attacker must modify the...

6.8 CVSS | 5.8 AI score | 0.00041 EPSS
Exploits: 1 | References: 2

OSV
added 2025/11/25 9:29 a.m. | 2 views

MAL-2025-191463 Malicious code in initial-path (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bdfbaf17e5ea42f67e6327f5dfe8766f8a5f8d83fb4b390fc8d780da5555187 The package initial-path was found to contain malicious code. Source: ghsa-malware 014c829694ccb06463ad706603727d070cbf38be1e103200b54c1235ccc82611 A...

6.8 AI score
Exploits: 0 | References: 4

OSSF Malicious Packages
added 2025/11/24 10:38 p.m. | 3 views

Malicious code in victoria-wallet-type (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db5621bc10f18615bd2282fd957a36730167a4e9318f35873c35258f033b2aad The package victoria-wallet-type was found to contain malicious code. Source: ghsa-malware...

6.9 AI score
Exploits: 0 | References: 4