Server-side Request Forgery (SSRF)

Overview ai is an AI SDK by Vercel - The AI Toolkit for TypeScript and JavaScript Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to the order of operations in the validateDownloadUrl implementation in download-blob.ts and download.ts. The fetch operation...

MAL-2026-3607 Malicious code in guardrails-ai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

MAL-2026-2716 Malicious code in @needl-ai/common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1b98ae2755d0fd7d61bc3dfd378dc1bad2eadf7ef0033ba66bbf1383a711e5c The package @needl-ai/common was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in responsible-ai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c11d73745aba3675053c5e949e3d5cf48ec050f6c5df589f613c094a8a038e The package responsible-ai was found to contain malicious code. Source: ghsa-malware 9b9159173d856834d97152b44c3f78779ff8f3dd4368b5d113920865417044c3...

Malicious Package

Overview responsible-ai is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2025-204938

Malicious code in booms-ai npm...

EUVD-2025-198636

Malicious code in @posthog/ai npm...

@ai-sdk/angular (>=1.1.0-beta.0 <=1.1.0-beta.28), @ai-sdk/langchain (>=1.1.0-beta.0 <=1.1.0-beta.28) +5 more potentially affected by CVE-2025-48985 via ai (>=5.1.0-beta.0 <=5.1.0-beta.8)

ai NPM version =5.1.0-beta.0, =1.1.0-beta.0, =1.1.0-beta.0, =1.1.0-beta.0, =2.1.0-beta.0, =1.1.0-beta.0, =3.1.0-beta.0, =2.1.0-beta.0, =2.1.0-beta.28 Source cves: CVE-2025-48985 Source advisory: SNYK:JS-AI-13863465...

MAL-2025-48473 Malicious code in @undress-ai/best-undress-ai (npm)

The package @undress-ai/best-undress-ai was found to contain malicious code...

CVE-2025-2828 SSRF Vulnerability in RequestsToolkit in langchain-ai/langchain

A Server-Side Request Forgery SSRF vulnerability exists in the RequestsToolkit component of the langchain-community package specifically, langchaincommunity.agenttoolkits.openapi.toolkit.RequestsToolkit in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...

MAL-2025-2684 Malicious code in maga-ai (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7324ae340bc742957fa3933df85f2f8d4ce90fad2c5a4f7e97b2685a1acf5f6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-12351 Malicious code in spy-ai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d71096c3aa8cb143ba7fab208ab313a240e8f1f9846b17b947a01f729fc1864a Every time the user sends a message to the AI, the user IP, message as well as the response are exfiltrated to a hardcoded telegram channel. This behaviour is...

Malicious code in Betalgo.Open.AI (NuGet)

--- -= Per source details. Do not edit below this line.=-...