CVE-2026-5559 AntaresMugisho PyBlade AST Validation sandbox.py _is_safe_ast special elements used in a template engine

A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function issafeast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack may...

EUVD-2025-177230

Malicious code in phenomic-google-antares-quark npm...

EUVD-2025-180403

Malicious code in apex-antares-polaris-cosmology npm...

EUVD-2025-180426

Malicious code in antares-aurora-mocha-corvus npm...

Malicious code in antares-apex-robotics-quito (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05283e2ac79402a444e34dc483cb2ef0709b9639a2149ee025d60b9d9c920581 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in holography-antares-enif-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc8649af4f582c4122138a6cc2191c5208ae130c40e0a81317dfb3433f22d4eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177609

Malicious code in nightmare-europa-restart-antares npm...

Malicious code in nightmare-europa-restart-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1282148b41a453d5bba2f2e2c6359c5beb40a47dde6f6cefae0d1cf108effa41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-185472 Malicious code in antares-planckscale-helmet-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2f72530dd247b457218e0e4f8916ac3dc415a8a2eab4401eb9bd37f23deb50d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179753

Malicious code in chariklo-perseus-chalk-antares npm...

EUVD-2025-178266

Malicious code in joviology-exobiology-antares-webpack npm...

EUVD-2025-177847

Malicious code in middleware-antares-bootstrap-fork npm...

EUVD-2025-177980

Malicious code in magellan-gammarayburst-passport-antares npm...

Malicious code in antares-asteroid-quantum-helmet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06b7c61d916fabec1f02468b65e006f419ee4361732312623ac970b55b57cdc7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-176275

Malicious code in spawn-scorpius-antares-hexo npm...

EUVD-2025-178619

Malicious code in halley-antares-lint-staged-protractor npm...

EUVD-2025-177745

Malicious code in mui-cluster-antares-nucleosynthesis npm...

EUVD-2025-178080

Malicious code in lint-antares-luna-nashira npm...

EUVD-2025-175591

Malicious code in webdriverio-vuetify-antares-wezen npm...

EUVD-2025-180425

Malicious code in antares-bunyan-apollo-deimos npm...