CVE-2025-40760

A vulnerability has been identified in Altair Grid Engine All versions V2026.0.0. Affected products do not properly handle error messages and discloses sensitive password hash information when processing user authentication requests. This could allow a local attacker to extract password hashes fo...

CVE-2025-40763

A vulnerability has been identified in Altair Grid Engine All versions V2026.0.0. Affected products do not properly validate environment variables when loading shared libraries, allowing path hijacking through malicious library substitution. This could allow a local attacker to execute arbitrary...

CISA Releases 18 Industrial Control Systems Advisories

CISA released 18 Industrial Control Systems ICS Advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-317-01 Mitsubishi Electric MELSEC iQ-F Series ICSA-25-317-02 AVEVA Application Server IDE ICSA-25-317-03...

EUVD-2025-177994

Malicious code in lyra-archaeoastronomy-graviton-altair npm...

EUVD-2025-177926

Malicious code in mdx-zenobia-altair-colors npm...

EUVD-2025-180442

Malicious code in altair-async-jabbah-radioastronomy npm...

EUVD-2025-179971

Malicious code in brane-venus-betelgeuse-altair npm...

EUVD-2025-178494

Malicious code in hugo-unuk-leda-altair npm...

EUVD-2025-177347

Malicious code in paleontology-mensa-altair-exec npm...

EUVD-2025-176233

Malicious code in standard-altair-izar-sync npm...

Malicious code in quasar-backend-altair-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35756d40a25a4bdb4052a566e3b66b63592849244ddafa63fe0a0df31a150e39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in standard-altair-izar-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7aa4728fd5bccd6fec6ad0f4459479b41c02571c837732ad3e92688a04eb9bf9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176104

Malicious code in superposition-brane-gravity-altair npm...

EUVD-2025-177436

Malicious code in ophiuchus-whitedwarf-sirius-altair npm...

EUVD-2025-176847

Malicious code in quasar-backend-altair-callback npm...

EUVD-2025-176776

Malicious code in redgiant-callisto-altair-npm npm...

EUVD-2025-178456

Malicious code in ignite-cosmicray-accretion-altair npm...

EUVD-2025-178077

Malicious code in lint-isostasy-altair-less-loader npm...

EUVD-2025-179628

Malicious code in commitlint-prosthetics-altair-magnetosphere npm...

EUVD-2025-180441

Malicious code in altair-genomics-firebase-janus npm...