1340 matches found
Remote Code Execution (RCE)
Signal K Server is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsanitized npm version specifiers in the appstore install API, where attacker-controlled URLs or git sources can be passed to npm, allowing execution of malicious postinstall scripts when an administrator...
CVE-2025-68619
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the appstore interface allow administrators to install npm packages through a REST API endpoint. While the endpoint validates that the package name exists in the npm registry as a known plugi...
GHSA-93JC-VQQC-VVVH Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package
The SignalK appstore interface allows administrators to install npm packages through a REST API endpoint. While the endpoint validates that the package name exists in the npm registry as a known plugin or webapp, the version parameter accepts arbitrary npm version specifiers including URLs. npm...
Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package
The SignalK appstore interface allows administrators to install npm packages through a REST API endpoint. While the endpoint validates that the package name exists in the npm registry as a known plugin or webapp, the version parameter accepts arbitrary npm version specifiers including URLs. npm...
EUVD-2025-206137
Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package...
CVE-2025-68619 Signal K Server Vulnerable to Remote Code Execution via Malicious npm Package
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the appstore interface allow administrators to install npm packages through a REST API endpoint. While the endpoint validates that the package name exists in the npm registry as a known plugi...
CVE-2025-68619
CVE-2025-68619 affects the Signal K Server. The appstore REST endpoint allows admins to install npm packages by passing a version specifier, but the code does not sanitize this field and forwards it to npm. Because npm supports arbitrary version specifiers (including URLs and git sources) the att...
PT-2026-1023
Name of the Vulnerable Software and Affected Versions Signal K Server versions prior to 2.19.0 Description Signal K Server is a server application used in marine environments. Versions prior to 2.19.0 of the appstore interface allow administrators to install npm packages through a REST API...
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux
Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information stealer targeting Windows, Linux, and macOS systems. "The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprint...
MAL-2025-48511 Malicious code in test-postinstall-package-for-ctf-nfrejnfvjenjner (npm)
The package communicates with a domain associated with malicious activity...
EUVD-2016-5951
Malware in sbrugna...
EUVD-2018-18133
Malware in sbrugna...
EUVD-2024-54508
Malicious code in bioql PyPI...
EUVD-2025-27127
Malicious code in bioql PyPI...
EUVD-2025-5907
Malicious code in bioql PyPI...
Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
MAL-2025-47225 Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
MAL-2025-47230 Malicious code in yoo-styles (npm)
Suspicious postinstall script executing bundle.js and YARA rule unsignedbitwisemathexcess match strongly suggests malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b064ef82c07e5538a3269d44de4c6750b224f665f808a5099715143c8be21e4 Any computer that h...
Malicious code in yoo-styles (npm)
Suspicious postinstall script executing bundle.js and YARA rule unsignedbitwisemathexcess match strongly suggests malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b064ef82c07e5538a3269d44de4c6750b224f665f808a5099715143c8be21e4 Any computer that h...
Malicious code in @operato/styles (npm)
Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicates malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f85f761f5ad599532a97a4c4c64bea4910004e56178cd4081fefb3b113ed8d6d Any computer that has this...