50 matches found
Malicious code in polymarket-trading-developer-tool (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30ffc35841039a7a95d8b5590db211f34b662975513f3a054b8be282f0858c99 The package's postinstall lifecycle script performs install-time remote code execution. It reads a bundle URL from a JSON config hosted at...
Amazon Linux 2023 : rclone (ALAS2023-2026-1907)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1907 advisory. Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD reques...
Malicious code in clob-client-math (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b36bbf14a743630a93ba7f8d7529d3fae8073f0f585af4343506be6248fc1b59 [email protected] ships a postinstall script install-check.cjs that fetches a JSON config from...
Malicious code in poly-kelly (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d3df5266b6e9d9347844e4e054ab744aad9517c6f55df4e68e6c6815e843da7 On npm install, the package's postinstall script reads the homepage field from package.json set to...
Rclone 1.46.x < 1.74.3 Unauthenticated Command Execution
The version of Rclone installed on the remote host is 1.46.x prior to 1.74.3. It is, therefore, affected by an unauthenticated command execution vulnerability: - rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form /remote:path/object. The remote value is parse...
MAL-2026-6160 Malicious code in firebase-readability (npm)
The npm package firebase-readability published by npm user sproger, [email protected] is a deceptive React Native component and part of a coordinated 37-package campaign across two attacker-controlled domains surrprisingcoompanny.lol and barbellmate.xyz. On component mount it registers...
MAL-2026-6170 Malicious code in onesignal-hooks (npm)
The npm package onesignal-hooks published by npm user sproger, [email protected] is a deceptive React Native component and part of a coordinated 37-package campaign across two attacker-controlled domains surrprisingcoompanny.lol and barbellmate.xyz. On component mount it registers...
MAL-2026-6145 Malicious code in accordion-animationtiming-authorization (npm)
The npm package accordion-animationtiming-authorization published by npm user sproger, [email protected] is a deceptive React Native component and part of a coordinated 37-package campaign across two attacker-controlled domains surrprisingcoompanny.lol and barbellmate.xyz. On component moun...
MAL-2026-6166 Malicious code in jest-macos (npm)
The npm package jest-macos published by npm user sproger, [email protected] is a deceptive React Native component and part of a coordinated 37-package campaign across two attacker-controlled domains surrprisingcoompanny.lol and barbellmate.xyz. On component mount it registers...
MAL-2026-6163 Malicious code in framerate-interaction-permissions (npm)
The npm package framerate-interaction-permissions published by npm user sproger, [email protected] is a deceptive React Native component and part of a coordinated 37-package campaign across two attacker-controlled domains surrprisingcoompanny.lol and barbellmate.xyz. On component mount it...
MAL-2026-6178 Malicious code in streaming-downloads (npm)
The npm package streaming-downloads published by npm user sproger, [email protected] is a deceptive React Native component and part of a coordinated 37-package campaign across two attacker-controlled domains surrprisingcoompanny.lol and barbellmate.xyz. On component mount it registers...
MAL-2026-6156 Malicious code in documents-widgets (npm)
The npm package documents-widgets published by npm user sproger, [email protected] is a deceptive React Native component and part of a coordinated 37-package campaign across two attacker-controlled domains surrprisingcoompanny.lol and barbellmate.xyz. On component mount it registers...
MAL-2026-6181 Malicious code in virtualization-compression-collapse (npm)
The npm package virtualization-compression-collapse published by npm user sproger, [email protected] is a deceptive React Native component and part of a coordinated 37-package campaign across two attacker-controlled domains surrprisingcoompanny.lol and barbellmate.xyz. On component mount it...
Malicious code in noteparse (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 270d4c797fe34bc0b9598608f45add8721f1fa80d1488e4fae750e3a7b38419e noteparse 1.1.27 ships live MinIO credentials in configReader.py endpoint uicfile.uniview.com, accesskey 'uicpro', secretkey 'uicpropass123' that are...
Malicious code in common-tg-service (npm)
Malicious npm package published by user shetty123 as part of a Telegram account hijacking framework targeting Indian Telegram users. All 502 published versions 1.0.1 through 1.3.207 are malicious. Pairs with ams-ssk, which provides the operator's server-side AMS/CMS infrastructure...
OpenClaw 访问控制错误漏洞
OpenClaw is an open-source intelligent artificial assistant. Versions of OpenClaw prior to 2026.2.12 had a access control vulnerability. This vulnerability stemmed from the Nostr plugin exposing unvalidated HTTP endpoints, which could allow remote attackers to read sensitive configuration file da...
CVE-2021-35486
A Cross-Site Request Forgery CSRF vulnerability in Nokia IMPACT through 19.11.2.10-20210118042150283 allows a remote attacker to import and overwrite the entire application configuration. Specifically, in /ui/rest-proxy/entity/import, neither the X-CSRF-NONCE HTTP header nor the CSRF-NONCE cookie...
MAL-2025-46989 Malicious code in ifood-faster-remote-config (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3b47856b6547efd8d456abded39dc3e710dfa04600ceb26aeeffdae16c33aa4f The OpenSSF Package Analysis project identified...
Malicious code in ifood-faster-remote-config (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3b47856b6547efd8d456abded39dc3e710dfa04600ceb26aeeffdae16c33aa4f The OpenSSF Package Analysis project identified...
Baidu BRCC 安全漏洞
Baidu BRCC Baidu Better Remote Config Center is a distributed configuration center of China's Baidu Baidu, which is used to unify the management of configuration information of application services, to avoid all kinds of resources scattered in various projects, and to simplify the maintenance cos...