MAL-2026-5565 Malicious code in ai-sdk-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 501daa3c8b2c9c2609dc60fd90ae59710a603ae56fa5dcc867d24913889c5413 [email protected] is a typosquat impersonating the Vercel AI SDK ecosystem homepage ai-sdk.guide, author 'AI SDK Guide '. On npm install,...

Malicious code in ai-sdk-ollama (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

@easbot/ollama-sdk (=0.1.0) potentially affected by unknown CVE via ai-sdk-ollama (=2.2.0)

ai-sdk-ollama NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ai-sdk-ollama and may be impacted: - @easbot/ollama-sdk =0.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-AISDKOLLAMA-17146454...

@agentic-dev-library/control (=1.2.0), @agentic-dev-library/triage (>=1.0.2 <=1.1.0) +38 more potentially affected by unknown CVE via ai-sdk-ollama (>=3.0.0 <=3.8.4)

ai-sdk-ollama NPM version =3.0.0, =1.0.2, =0.1.0, =0.1.1, =0.1.0, =1.3.0, =0.1.1, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.4.3 and more Source cves: unknown CVE Source advisory: SNYK:JS-AISDKOLLAMA-17146454...

@activepieces/piece-vapi (>=0.0.1 <=0.0.2), @keyman500/voice-ai-sdk (>=0.1.0 <=1.1.0) +2 more potentially affected by unknown CVE via @vapi-ai/server-sdk (>=0.10.2 <=0.11.0)

@vapi-ai/server-sdk NPM version =0.10.2, =0.0.1, =0.1.0, =1.0.0, =1.1.0 Source cves: unknown CVE Source advisory: SNYK:JS-VAPIAISERVERSDK-17146457...

Embedded Malicious Code

Overview ai-sdk-ollama is a Vercel AI SDK Provider for Ollama using official ollama-js library Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attemp...

0pflow (>=0.1.0 <=0.1.0-dev.f5622ac), 0xble (>=14.0.0 <=23.2.2) +9430 more potentially affected by CVE-2026-8769 via @ai-sdk/provider-utils (>=0.0.0-b66d09a8-20260328011513 <=5.0.0-canary.44)

@ai-sdk/provider-utils NPM version =0.0.0-b66d09a8-20260328011513, =0.1.0, =14.0.0, =1.1.5, =0.1.0, =1.0.0, =0.0.2, =0.1.6, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =0.1.0, =1.1.0, =0.1.0-alpha.1, =0.7.1 and more Source cves: CVE-2026-8769 Source advisory:...

org.webjars.npm:ai-sdk__vue (=3.0.33) potentially affected by CVE-2026-8768 via org.webjars.npm:ai (=6.0.33)

org.webjars.npm:ai MAVEN version =6.0.33 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:ai and may be impacted: - org.webjars.npm:ai-sdkvue =3.0.33 Source cves: CVE-2026-8768 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16734890...

0pflow (>=0.1.0 <=0.1.0-dev.f5622ac), 0xble (>=14.0.0 <=23.2.2) +9430 more potentially affected by CVE-2026-8768 via @ai-sdk/provider-utils (>=0.0.0-b66d09a8-20260328011513 <=5.0.0-canary.44)

@ai-sdk/provider-utils NPM version =0.0.0-b66d09a8-20260328011513, =0.1.0, =14.0.0, =1.1.5, =0.1.0, =1.0.0, =0.0.2, =0.1.6, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =0.1.0, =1.1.0, =0.1.0-alpha.1, =0.7.1 and more Source cves: CVE-2026-8768 Source advisory:...

Vercel AI SDK 资源管理错误漏洞

Vercel AI SDK is a JavaScript SDK provided by Vercel that supports the integration of large language models, streaming responses, and AI application development. Vercel AI SDK versions 3.0.97 and earlier contain a resource management vulnerability. This vulnerability stems from the functions...

Vercel AI SDK 代码问题漏洞

Vercel AI SDK is a JavaScript SDK developed by Vercel that supports the integration of large language models, streaming responses, and AI application development. Versions of Vercel AI 3.0.97 and earlier contain code vulnerabilities. These vulnerabilities stem from the validateDownloadUrl functio...

AI SDK 命令注入漏洞

AI SDK is a TypeScript AI toolkit open-sourced by Vercel. Versions of AI SDK 3.0.97 and earlier have a command injection vulnerability. This vulnerability stems from the run function in the PR Branch Name Interpolation component, where operating system commands can be injected, potentially allowi...

Malicious code in @dirigible-ai/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

MAL-2026-3593 Malicious code in @dirigible-ai/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 5e1924464368f0c5816ee84e000cc47017f44045140feafbbc9e685d847ed5a5 This package was compromised as part of the "Mini Shai-Hulud is back" worm by the TeamPCP threat actor. The package will steal credentials...

Exploit for CVE-2026-2472

🚨 CVE-2026-2472-Vertex-AI-SDK-Google-Cloud - Simple Proof of C...

Exploit for CVE-2026-2472

Unauthenticated Stored Cross-Site Scripting XSS in genai/e...

GHSA-QV8J-HGPC-VRQ8 Google Cloud Vertex AI SDK affected by Stored Cross-Site Scripting (XSS)

Stored Cross-Site Scripting XSS in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform versions from 1.98.0 up to but not including 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment...

CVE-2026-2472

Stored Cross-Site Scripting XSS in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform versions from 1.98.0 up to but not including 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment...

CVE-2026-2472

Stored Cross-Site Scripting XSS in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform versions from 1.98.0 up to but not including 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment...

CVE-2026-2472 Stored Cross-Site Scripting (XSS) in Vertex AI Python SDK Visualization

Stored Cross-Site Scripting XSS in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform versions from 1.98.0 up to but not including 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment...