Malicious code in webservices.rest-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c9c78a4d0c87def69bbc5337e41a730e7ca6ae898426759915f053dc584581c package.json declares both preinstall and postinstall hooks that execute index.js, which exfiltrates installer data to a base64-encoded Cloudflare...

MAL-2026-4549 Malicious code in dot-utils-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3091b9bb8cbf714d9391a59f7303a3748e183bbdf0fba2264b7496a2072e717f On every import, dist/index.js base64-decodes a hardcoded AES-256-CBC ciphertext, derives a key from environment variable VITEDOTUTILSAESSECRET,...

GHSA-65PC-FJ4G-8RJX vulnerabilities

Vulnerabilities for packages: dask-kubernetes, httpie, kubeflow-pipelines, airflow, semgrep, kubeflow-volumes-web-app, kubeflow-pipelines-visualization-server, reflex, ggshield, open-webui, datadog-agent, confluent-docker-utils, kserve, jupyter-base-notebook, py3-cassandra-medusa, jwt-tool, mlflo...

CLSA-2026-1779267466 shadow-utils: Fix of CVE-2023-4641

CVE-2023-4641: fix password leak in gpasswd...

Malicious code in pretty-logger-utils (npm)

pretty-logger-utils is a malicious npm package that depends on terminal-logger-utils and triggers the malicious behavior in that package when installed or imported. The terminal-logger-utils payload executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper...

Malicious code in ts-logger-pack (npm)

ts-logger-pack is a malicious npm package that depends on terminal-logger-utils and triggers the malicious behavior in that package when installed or imported. The terminal-logger-utils payload executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper downloads...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Do not use freedevicenode in graphutilParsedai The commit 419d1918105e states that “ASoC: simple-card-utils: Use freedevicenode for devicenode.” However, freedevicenode is used for dlc-ofnode, but it need...

Astra Linux - уязвимость в shadow

A flaw was discovered in shadow-utils. When requesting a new password, shadow-utils asks for the password twice. If the password is incorrect on the second attempt, shadow-utils fails in clearing the buffer used to store the first entry. This may allow an attacker with sufficient access to retrie...

Astra Linux - уязвимость в linux, linux-5.15

A flaw was discovered in cifs-utils. When attempting to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may result in the disclosure of sensitive data from the host’s Kerberos...

Astra Linux - уязвимость в node-loader-utils

A prototype pollution vulnerability exists in the parseQuery function in parseQuery.js, within the webpack-loader-utils module. This issue affects all versions prior to 1.4.1 and 2.0.3...

MAL-2026-4562 Malicious code in figma-d2c-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b65db74a06749bbb141552f97e91b15d5bdd91b57a0136dfc8bfb4034b659c8f The package ships dist/report.js, a one-line module that issues an HTTPS POST to https://www.baidu.com carrying values read from process.env. The...

MAL-2026-4652 Malicious code in python-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b94c01fae325c5f5e92abd5da03527c54e22bb48202b1dc8b3e2c64947753b2 package.json declares "preinstall": "./dist/typecheck.js". The referenced file is not JavaScript — it is a 5,224,556-byte Linux x86 ELF executable...

Malicious code in etherjs-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 335b4f699510e2bb1171a9137655f6977d5554f508e612eab97b4239c1249be1 package.json declares a postinstall script that performs an HTTPS GET to an ephemeral pinggy-free.link tunnel URL...

Amazon Linux 2023 : dnsmasq, dnsmasq-utils (ALAS2023-2026-1516)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1516 advisory. dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an...

CVE-2026-8769

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...

ALSA-2026:18162 Moderate: iputils security update

The iputils packages contain basic utilities for monitoring a network, including ping. Security Fixes: iputils: iputils integer overflow CVE-2025-48964 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE...

Malicious code in solana-web3-alt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3846bb2c80cb984e05f37cddc24548b73067be9aaca692e401a06f7c323e7b9 In specific environments, the package triggers silent code execution during installation. The code to execute is not included in the package. --- Category:...

MAL-2026-3835 Malicious code in solana-web3-alt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3846bb2c80cb984e05f37cddc24548b73067be9aaca692e401a06f7c323e7b9 In specific environments, the package triggers silent code execution during installation. The code to execute is not included in the package. --- Category:...

MAL-2026-3834 Malicious code in foundry-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f62cf5a646cd39640b2be03720a6a2195dc4924813146e9a0d387bafa75c7de In specific environments, the package triggers silent code execution during installation. The code to execute is not included in the package. --- Category:...

au.csiro.pathling:encoders (>=6.2.2 <=9.6.0), au.csiro.pathling:fhir-server (>=6.2.2 <=7.2.0) +246 more potentially affected by CVE-2026-45367 via ca.uhn.hapi.fhir:org.hl7.fhir.utilities (>=6.0.0 <=6.9.6)

ca.uhn.hapi.fhir:org.hl7.fhir.utilities MAVEN version =6.0.0, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.2.2, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =6.6.0, =8.10.0 and more Source cves: CVE-2026-45367 Source advisory: SNYK:JAVA-CAUHNHAPIFHIR-16757891...