CVE-2026-5559 AntaresMugisho PyBlade AST Validation sandbox.py _is_safe_ast special elements used in a template engine

A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function issafeast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may...

EUVD-2025-177230

Malicious code in phenomic-google-antares-quark npm...

EUVD-2025-177412

Malicious code in orbit-zenith-magellan-antares npm...

EUVD-2025-178619

Malicious code in halley-antares-lint-staged-protractor npm...

EUVD-2025-180412

Malicious code in antares-terser-regulus-gravity npm...

EUVD-2025-180450

Malicious code in alphard-dynamo-antares-meteor npm...

EUVD-2025-176275

Malicious code in spawn-scorpius-antares-hexo npm...

EUVD-2025-180414

Malicious code in antares-quasarjet-winston-superflare npm...

MAL-2025-186385 Malicious code in cross-env-package-rimraf-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59b7e5135953bf968f903061df1ef7829176346806c7e274868c5ef4f82dc597 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antares-apex-robotics-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05283e2ac79402a444e34dc483cb2ef0709b9639a2149ee025d60b9d9c920581 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179497

Malicious code in cross-env-package-rimraf-antares npm...

EUVD-2025-175978

Malicious code in testcafe-markdownlint-antares-jsonp npm...

EUVD-2025-177847

Malicious code in middleware-antares-bootstrap-fork npm...

EUVD-2025-180427

Malicious code in antares-asteroid-quantum-helmet npm...

EUVD-2025-175870

Malicious code in troposphere-elektra-supernova-antares npm...

EUVD-2025-177745

Malicious code in mui-cluster-antares-nucleosynthesis npm...

EUVD-2025-178878

Malicious code in fomalhaut-jabbah-telesto-antares npm...

Malicious code in cressida-cache-iota-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efdc68100f25ab316f603e943cc9672495c31169a3534af578cd94b80cb0b020 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in antares-iota-mysql-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6b745a215730f800ab23e41a575eb14af8482a22bb5b1a6db13350db681a93e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in lint-antares-luna-nashira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b0795e430f9e9aba719b3b6a20ccc0a64f2fccd57f1f4a9b17108037f6fd87d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...