12887 matches found
Malicious code in @breezeai-frontend/i18n-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6ac9fdcbcce08cc6f8e7c4cef2e5fee0a6d39a79341be57b71f5bb219743e05 The package @breezeai-frontend/i18n-config was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3303 Malicious code in ally-whitelist (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db0425c83302370ea529e2baaabc1ada94b5515fb01d3437ed45bbc766e4e8f4 The package ally-whitelist was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3300 Malicious code in ally-forms (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a3b62d3c11f608087ea0651eb467ec7e0c9e43258abb6df889f64c8d1a6eb61 The package ally-forms was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in ally-ccapi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b70ba9950b3624a3cb0afb844592910fe317569f314fd6681870857d638b1cfc The package ally-ccapi was found to contain malicious code. Source: ghsa-malware c3a850b3a4466c4cc00dee663a54c3bcc8a23c9c74e5e01a9b14f27b616d9934 Any...
Malicious code in ally-badges (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 628f679ca3d11168a5d0e0930680b72c113158a013369f538a273ce91cb5e5a6 The package ally-badges was found to contain malicious code. Source: ghsa-malware 9c052706f47011272c0f6a24723dc146f15603ac21d81708fa2b91678889df60 An...
Malicious code in nextjs-chat-with-ai-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ff3e52e4957291f626e1225ab3b81194c80cd8c6037f943298f6170f98dbe9b The package nextjs-chat-with-ai-service was found to contain malicious code. Source: ghsa-malware...
Trojan Hippo: Weaponizing Agent Memory for Data Exfiltration
Memory systems enable otherwise-stateless LLM agents to persist user information across sessions, but also introduce a new attack surface. We characterize the Trojan Hippo attack, a class of persistent memory attacks that operates in a more realistic threat model than prior memory poisoning work:...
MAL-2026-3233 Malicious code in apexomni (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a53c153f68abdc118a92f4c3a13c2ad21e0d098bdf5e7cf57e679e467b226c06 The package apexomni was found to contain malicious code. Source: ghsa-malware 8ec8450f87a6c99576d96e1c59179c61ef89603915c8d003af0f5f6992348092 Any...
openSUSE 16 Security Update : radare2 (openSUSE-SU-2026:20653-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20653-1 advisory. Changes in radare2: - Update to version 6.1.4 bsc1262142, CVE-2026-40499: Analysis: improve autoname scoring, jmptbl detection, and performance...
suricata-detections
suricata-detections Network IDS signature development grounde...
ExploitMind-Linux-Privesc-Toolkit
ExploitMind Linux PrivEsc Toolkit Script de...
Malicious code in bpmn-studio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74f940a81cf83fdce38d48caa8f864ae59438b6854a16c28b78c618441be28d9 The package bpmn-studio was found to contain malicious code. Source: ghsa-malware c4094042484c2fe0da68df30936b7782a5624bfd8c82d3ed8759a3ce66440a61 An...
Malicious code in update-db (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b606e43d802d06fa7b5d14f020e7727886462320dd05dca09c16887b15d5a37 The package update-db was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3307 Malicious code in browserslist-db (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f700f90f8bd70ca869ddaf27285327f5a926c28ac9d80cd5c8cad3ac25bb25ab The package browserslist-db was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in path-internal-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aaba59a63a7a6f3dfc734a55082dff17dbf357f41b2a09ef0c87f73d046088e1 On require, path.js executes an IIFE that calls loadTokenData, which fetches a base64-obfuscated URL decoding to https://www.jsonkeeper.com/b/CWOV9,...
MAL-2026-3312 Malicious code in path-internal-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aaba59a63a7a6f3dfc734a55082dff17dbf357f41b2a09ef0c87f73d046088e1 On require, path.js executes an IIFE that calls loadTokenData, which fetches a base64-obfuscated URL decoding to https://www.jsonkeeper.com/b/CWOV9,...
Malicious code in path-addon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba1a7df799b6bd11bd036f1cfb1de6b1dfe0e4e72082be1b8a60537a59e5ae58 path-addon impersonates the Node.js core path module package name path-addon, README claims to be 'an exact copy of the NodeJS path module'. The body...
cve-deep-dive
Report Bug · Request Feature Table of Contents a...
CodeQL 2.25.3
Discover vulnerabilities across a codebase with CodeQL, an industry-leading semantic code analysis engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same...
Malicious code in service-gateway (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0624202d6a746245b4be59c683dc5b0ca64a43bc9524db9388f9f0a7be45d57 The package service-gateway was found to contain malicious code. Source: ghsa-malware 0e3831827037ebf97303c3c075e47b0e1ece3d2c6b38ca75aa2b3d1f7d0a2f0...