MAL-2026-5423 Malicious code in @nstrlabs/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36d8d7c327560bb7a4c08d906db240a2dc146e20f828d9dfc5ab79497b155355 On npm install, the package's preinstall script node index.js || true executes automatically and collects host identifiers from the installer's machi...

MAL-2026-5418 Malicious code in @nstrlabs/api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de7b47a7f81209dbbaff286599b46f4f030ff992b6d0c25d947cc84739b838d9 @nstrlabs/[email protected] is a hollow package whose only behavior is an install-time exfiltration beacon. package.json declares "preinstall": "node...

MAL-2026-5422 Malicious code in @nstrlabs/shared-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efc72373a5a06d31becb2dd02ced949866c9da14ae6d0bfdb3b4f4c882e40445 On npm install, the package's preinstall script runs index.js, which collects host identifiers os.hostname, os.userInfo.username, dirname, process.cw...

MAL-2026-5419 Malicious code in @nstrlabs/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 608be3457e7c809e60c1b76b9406489652f0ef708bfb97db2b6e0bb92b6836c2 On npm install, the package's preinstall hook node index.js || true, declared in package.json automatically collects host identifiers — os.hostname,...

MAL-2026-5427 Malicious code in @payment-review/store (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d624eaefbb0245bf0c9a7b598c461a3ba5ec48005cfec223898062741ef8c2e package.json declares preinstall: node index.js || true, so installing the package automatically runs index.js on npm install. The script collects ho...

Malicious code in @klapp-about/routes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 715f07e0a1984fc9eb7d6432fc2491b08139755426b3c8905ba2d9274e2d4875 On npm install, the package's preinstall hook node index.js collects host and user identity data — os.hostname, os.userInfo.username, dirname,...

MAL-2026-5414 Malicious code in @klapp-login-platform/oidc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c2b86b9675d4d22e101f4f10f521cc36069ecebd1680d4c3ecfa0c04e8169da On npm install, the package executes node index.js via its preinstall hook. index.js collects the installer's hostname os.hostname, username...

Malicious code in @klapp-login-platform/oidc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c2b86b9675d4d22e101f4f10f521cc36069ecebd1680d4c3ecfa0c04e8169da On npm install, the package executes node index.js via its preinstall hook. index.js collects the installer's hostname os.hostname, username...

CVE-2026-10731

creationtimestamp| type| source ---|---|--- 2026-06-09 11:52:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnu53r2lny2v...

CVE-2018-25422

creationtimestamp| type| source ---|---|--- 2026-05-30 17:07:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn3jzf4v5u2e...

MAL-2026-4629 Malicious code in openmct-couch-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8eff366d17efa64bf8605941d009d01cf7a24aaf011af30faec449fc4a2e28 On npm install, the package's preinstall script runs node index.js and then curls the output of hostname && whoami to...

CVE-2026-7841

A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server by sending a crafted HTTP POST request to the ASWebCommon.srf backend endpoint to bypass the fronte...

Gotenberg 代码问题漏洞

Gotenberg is an open-source, developer-friendly API developed by Gotenberg. It is used to convert various document formats into PDF files. Version 8.29.1 of Gotenberg contains a code vulnerability. This vulnerability stems from the FilterDeadline function, which returns nil unconditionally when...

CVE-2026-28525

SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoosemultipart.c that allows unauthenticated attackers to cause a denial of service by sending a crafted HTTP POST request to /upload with a malformed multipart boundary and controlled TCP stream timing...

CVE-2026-34538

creationtimestamp| type| source ---|---|--- 2026-04-09 09:38:50+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mj2j6e76qs26 2026-04-09 12:17:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj2s2ho2t52q...

CVE-2025-50666

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /webpost.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in parameters such as name, en, userid, log, and time...

CVE-2026-5642

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulation of the argument Name causes improper authorization. It ...

EUVD-2026-18426

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...

CVE-2026-34118 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...

TP-Link Tapo C520WS 安全漏洞

The TP-Link Tapo C520WS is a WiFi camera produced by TP-Link Corporation. The TP-Link Tapo C520WS v2.6 version contains a security vulnerability. This vulnerability stems from a lack of verification for the remaining buffer capacity after dynamic allocation in the HTTP POST body parsing logic. Th...