MAL-2026-4769 Malicious code in soundsource (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3285c5fec24c01c9c463e85c199934f5a08da7e94277583430a6e3feb274add The package's source distribution contains Token.txt at the tarball root holding a live PyPI API token prefix pypi-AgEIcHlwaS5vcmc.... Anyone who...

MAL-2026-4743 Malicious code in buddyme (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f4ae4b8c00d27e82d54a5d2d960b1dc4f40ba15bc938355bad8421c338d6ef6 buddyme advertises a CLI agent. When installed and run, the default REPL routes every prompt the user types to third-party LLM providers Zhipu GLM at...

Malicious code in crw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4324181416ad15727c0f51a30b56858c42fad99b93635922494acfe4c0f5d597 Package 'crw' impersonates the Firecrawl SDK: it declares 'firecrawl' as a keyword, replicates Firecrawl's client surface...

Malicious code in claude-all-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63c5a1f5a6f5bd2dadc4e207ff4e8e310c24cd4c99c751ed094251e00e0af8f3 On install, postinstall.js writes configuration into /.claude/, /.gemini/, /.codex/, and /.kiro/ that hard-wires AI tooling to author-controlled...

MAL-2026-4441 Malicious code in @shadanai/openclaw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0e2f02ab1bb3d99de1787ed7d69f1df97bd3b2d7c18cc8ba4e5f8688f649ce9 On npm install, scripts/postinstall.mjs performs several installer-harm actions. 1 Backdoor: writes /.openclaw/openclaw.json configuring a local...

GHSA-6VP2-6R7M-2JVX Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour

Summary The public API role unassignment endpoint POST /api/public/v1/roles/unassign updates user documents in CouchDB but does not invalidate the corresponding Redis user cache entries. Because the authentication middleware resolves user identity and permissions from this cache TTL: 3600 seconds...

GHSA-2VX9-7WPG-88JQ n8n: Legacy ExecuteWorkflow Node Bypassed File Path Restrictions

Impact The ExecuteWorkflow node's localFile source option read workflow files from disk without applying checks enforced by other file-reading nodes. An authenticated user with permission to create or modify workflows could supply an arbitrary file path via the REST API, bypassing the...

Mailpit: Unauthenticated remote memory-exhaustion DoS via unlimited SMTP DATA and /api/v1/send body sizes

Summary The Mailpit SMTP server has a Server.MaxSize int field that controls the maximum allowed DATA payload size, but the field is never assigned anywhere outside test code, leaving it at Go's zero value 0 ⇒ "no limit". The same applies to the HTTP /api/v1/send endpoint, whose request body is...

Server-side Request Forgery (SSRF)

Overview @haxtheweb/open-apis is a Shared API infrastructure for HAXTheWeb advanced capabilities like importing, parsing, analysis, migration Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via improper hostname validation in the cacheAddress, JOSHelpers, and...

CVE-2026-42099

Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...

CVE-2026-42099 Race Condition in Sparx Pro Cloud Server

Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...

CVE-2026-42099

Technical details beyond the initial description are not publicly available in the provided documents. Monitor for updates.

GHSA-67C5-X5MF-RPPQ MLflow: Improper Origin Validation in MLflow Assistant /ajax-api Endpoints Enables Browser-Mediated Local Command Execution

In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to exploit cross-origin requests from a malicious webpage to interact with the MLflow Assistant running on a victim's local machine. ...

CVE-2026-8953

Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 151, Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

Origin Validation Error

Overview mlflow is a platform to streamline machine learning development, including tracking experiments, packaging code into reproducible runs, and sharing and deploying models. Affected versions of this package are vulnerable to Origin Validation Error in the /ajax-api endpoints. An attacker ca...

EUVD-2026-30882

A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit this by invoking the 'evaluate-scopes' Admin API endpoints with an arbitrary user ID userId parameter. This vulnerability allows for cross-role personally identifiable information PII leakage,...

CVE-2026-37978 Keycloak: org.keycloak.services: keycloak: information disclosure via evaluate-scopes admin api

A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit this by invoking the 'evaluate-scopes' Admin API endpoints with an arbitrary user ID userId parameter. This vulnerability allows for cross-role personally identifiable information PII leakage,...

CVE-2026-37978

A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit this by invoking the 'evaluate-scopes' Admin API endpoints with an arbitrary user ID userId parameter. This vulnerability allows for cross-role personally identifiable information PII leakage,...

EUVD-2026-30879

A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference IDOR vulnerability in the Authorization Services Protection API endpoint. By knowing or obtaining a resource's unique identifier UUID belonging to another Resource Server within the same realm,...

CVE-2026-4630

A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference IDOR vulnerability in the Authorization Services Protection API endpoint. By knowing or obtaining a resource's unique identifier UUID belonging to another Resource Server within the same realm,...