31 matches found
Malicious code in @uipath/agent.sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45bbbe2c268afd6e7d6f55939b26f9dda7bedc69e3d2e72655495584c35f0627 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
@uipath/widget.sdk (>=0.0.2 <=0.0.18) potentially affected by unknown CVE via @uipath/agent.sdk (>=0.0.1 <=0.0.17)
@uipath/agent.sdk NPM version =0.0.1, =0.0.2, =0.0.18 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3527...
MAL-2026-3527 Malicious code in @uipath/agent.sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45bbbe2c268afd6e7d6f55939b26f9dda7bedc69e3d2e72655495584c35f0627 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3525 Malicious code in @uipath/agent-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67d0350668580724b1a764da5a9904350fcf8127bed8144c82a4cf966517b1ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @uipath/agent-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67d0350668580724b1a764da5a9904350fcf8127bed8144c82a4cf966517b1ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2026-7235
A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...
CVE-2026-7235 ErlichLiu claude-agent-sdk-master route.ts path traversal
A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...
CVE-2026-7235
A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...
CVE-2026-7235 ErlichLiu claude-agent-sdk-master route.ts path traversal
A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...
PT-2026-35681
A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file app/api/agent-output/route.ts. The manipulation of the argument outputFile leads to path traversal...
Claude Agent SDK Master 路径遍历漏洞
Claude Agent SDK Master is a progressive learning tutorial for Claude Agent SDK developed by Erlich. Claude Agent SDK Master has a path traversal vulnerability; this vulnerability stems from the outputFile parameter in the app/api/agent-output/route.ts file, which allows for path traversal,...
CVE-2026-35021
Rejected reason: This CVE ID has been rejected by its CVE Numbering Authority CNA. It was determined that the affected code path cannot be triggered through normal usage of Claude Code...
CVE-2026-35022
This CVE ID has been rejected by its CVE Numbering Authority CNA. It was determined that the -p flag behavior is documented in Anthropic's claude -h output with an explicit warning that non-interactive mode should only be used in trusted directories, making this intended and described behavior...
CVE-2026-35021
The CVE-2026-35021 entry is rejected by the CNA and does not represent an active vulnerability.
CVE-2026-35021
This CVE ID has been rejected by its CVE Numbering Authority CNA. It was determined that the affected code path cannot be triggered through normal usage of Claude Code...
CVE-2026-35020
...
CVE-2026-35020
...
Claude Code CLI和Claude Agent SDK 操作系统命令注入漏洞
Claude Code CLI and Claude Agent SDK are both open-source products developed by Anthropic. Claude Code CLI is a command-line AI coding assistant tool. Claude Agent SDK is a developer toolkit for AI coding assistants. Both Claude Code CLI and Claude Agent SDK have operating system command injectio...
Claude Code CLI和Claude Agent SDK 操作系统命令注入漏洞
Claude Code CLI and Claude Agent SDK are both open-source products developed by Anthropic. Claude Code CLI is a command-line AI coding assistant tool. Claude Agent SDK is a developer toolkit for AI coding assistants. Both Claude Code CLI and Claude Agent SDK have operating system command injectio...
Claude Code CLI和Claude Agent SDK 操作系统命令注入漏洞
Claude Code CLI and Claude Agent SDK are both open-source products developed by Anthropic. Claude Code CLI is a command-line AI coding assistant tool. Claude Agent SDK is a developer toolkit for AI coding assistants. Both Claude Code CLI and Claude Agent SDK have operating system command injectio...