Lucene search

1340 matches found

Snyk
added 2025/07/20 9:00 p.m.

Embedded Malicious Package

Overview: @toptal/picasso-charts is a malicious package; its malicious code runs through the preinstall and postinstall scripts. A potentially compromised account operating in Toptal's GitHub organization exposed an AWS token, leading to the account being taken over. This allowed the attackers to expose private...

CVSS 9.8, AI score 7.4
Exploits 0, References 2
Snyk
added 2025/07/20 9:00 p.m.

Embedded Malicious Package

Overview: @toptal/picasso-tailwind is a malicious package; its malicious code runs through the preinstall and postinstall scripts. A potentially compromised account operating in Toptal's GitHub organization exposed an AWS token, leading to the account being taken over. This allowed the attackers to expose private...

CVSS 9.8, AI score 7.4
Exploits 0, References 2
Snyk
added 2025/07/20 9:00 p.m.

Embedded Malicious Package

Overview: @toptal/picasso-shared is a malicious package; its malicious code runs through the preinstall and postinstall scripts. A potentially compromised account operating in Toptal's GitHub organization exposed an AWS token, leading to the account being taken over. This allowed the attackers to expose private...

CVSS 9.8, AI score 7.4
Exploits 0, References 2
Snyk
added 2025/07/20 9:00 p.m.

Embedded Malicious Package

Overview: @toptal/picasso-forms is a malicious package; its malicious code runs through the preinstall and postinstall scripts. A potentially compromised account operating in Toptal's GitHub organization exposed an AWS token, leading to the account being taken over. This allowed the attackers to expose private...

CVSS 9.8, AI score 7.4
Exploits 0, References 2
OSSF Malicious Packages
added 2025/05/17 6:38 a.m.

Malicious code in eslint-config-airbnb-compat (npm)

The npm package eslint-config-airbnb-compat is a malicious package impersonating the legitimate Airbnb ESLint configuration. It implements a multi-stage remote code execution attack: 1. The package uses a seemingly benign postinstall script that sets up an environment variable pointing to a...

AI score 8.4
Exploits 0, References 1
OSSF Malicious Packages
added 2025/05/17 6:38 a.m.

Malicious code in ts-runtime-compat-check (npm)

The npm package ts-runtime-compat-check is a malicious package that functions as a key component in a remote code execution attack chain. This package: 1. Contains a postinstall script that executes lib/install.js 2. The install script makes HTTP requests to a server specified by an environment...

AI score 8.1
Exploits 0, References 1
RedhatCVE
added 2025/04/17 3:29 p.m.

CVE-2024-13177

Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A standard user could potentially create a symlink of the file “nsinstallation” to escalate the privileges of a different file on the system...

CVSS 5.2, AI score 7, EPSS 0.00124
Exploits 0, References 1
Vulnrichment
added 2025/04/15 3:21 p.m.

CVE-2024-13177 Symlink Following in Netskope Client Postinstall Script

Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A standard user could potentially create a symlink of the file “nsinstallation” to escalate the privileges of a different file on the system...

CVSS 5.2, AI score 7, EPSS 0.00124
Exploits 0, References 1
Cvelist
added 2025/04/15 3:21 p.m.

CVE-2024-13177 Symlink Following in Netskope Client Postinstall Script

Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not properly validate the path of the file “nsinstallation”. A standard user could potentially create a symlink of the file “nsinstallation” to escalate the privileges of a different file on the system...

CVSS 5.2, EPSS 0.00124
Exploits 0, References 1
CNNVD
added 2025/04/15 12:00 a.m.

Netskope Client security vulnerability

Netskope Client is a client program from Netskope (USA) used to connect to and manage the Netskope Cloud Platform. A security vulnerability exists in Netskope Client that stems from a postinstall script that does not properly validate the path to the nsinstallation file, which could lead to elevation of...

CVSS 5.2, AI score 6.6, EPSS 0.00124
Exploits 0, References 1
Vulnrichment
added 2025/03/01 12:00 a.m.

CVE-2025-27554

ToDesktop before 2024-10-03, as used by Cursor before 2024-10-03 and other applications, allows remote attackers to execute arbitrary commands on the build server (e.g., read secrets from the desktopify config.prod.json file), and consequently deploy updates to any app, via a postinstall script in...

CVSS 9.9, AI score 9.7, EPSS 0.00741
Exploits 0, References 3
CVE
added 2025/03/01 12:00 a.m.

CVE-2025-27554

CVE-2025-27554 affects ToDesktop builds prior to 2024-10-03 where a postinstall script in package.json can be abused to execute arbitrary commands on the build server (e.g., reading secrets from the desktopify config.prod.json) and deploy updates to any app. Multiple sources note no exploitation ...

CVSS 9.9, AI score 7.8, EPSS 0.00741
Exploits 0, References 3
CNNVD
added 2025/03/01 12:00 a.m.

ToDesktop code injection vulnerability

ToDesktop is an application from ToDesktop, Inc. that converts a Web application code base into a cross-platform desktop application with native functionality. A security vulnerability exists in versions of ToDesktop prior to 2024-10-03, which stems from a postinstall script that allows a remote...

CVSS 9.9, AI score 7.6, EPSS 0.00741
Exploits 0, References 5
RedhatCVE
added 2025/02/05 3:53 a.m.

CVE-2024-27301

Support App is an open-source application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang #!/bin/zsh is being used...

CVSS 7.3, AI score 7.4, EPSS 0.00321
Exploits 1, References 1
OSSF Malicious Packages
added 2024/08/07 12:09 p.m.

Malicious code in tsc-aws-s3 (npm)

The package contains a postinstall script to download and execute an ELF Metasploit reverse shell...

AI score 7.1
Exploits 0
OSV
added 2024/08/07 12:09 p.m.

MAL-2024-8009 Malicious code in tsc-aws-s3 (npm)

The package contains a postinstall script to download and execute an ELF Metasploit reverse shell...

AI score 7.2
Exploits 0
OSV
added 2024/07/31 11:56 a.m.

MAL-2024-7869 Malicious code in distube-fast (npm)

This package is a starjack of distube with the addition of a malicious postinstall hook which downloads a PE with characteristics of a downloader/infostealer...

AI score 7.1
Exploits 0
OSSF Malicious Packages
added 2024/07/31 11:56 a.m.

Malicious code in distube-fast (npm)

This package is a starjack of distube with the addition of a malicious postinstall hook which downloads a PE with characteristics of a downloader/infostealer...

AI score 6.9
Exploits 0
OSSF Malicious Packages
added 2024/07/22 2:35 p.m.

Malicious code in roblox-ts-core (npm)

This package contains a malicious postinstall script which downloads further payloads and delivers QuasarRAT. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53e846a11945248574678fe65e4f8cd5b4a766ff129c761b615aef0f0c595fa5 Any computer that has this package installe...

AI score 6.8
Exploits 0, References 3
OSV
added 2024/07/22 2:35 p.m.

MAL-2024-7792 Malicious code in roblox-ts-core (npm)

This package contains a malicious postinstall script which downloads further payloads and delivers QuasarRAT. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53e846a11945248574678fe65e4f8cd5b4a766ff129c761b615aef0f0c595fa5 Any computer that has this package installe...

AI score 7
Exploits 0, References 3