Lucene search
K

183 matches found

Snyk
Snyk
added 2026/03/06 7:14 a.m.6 views

Malicious Package

Overview @mosfe/beam-git-util is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/02/07 12:27 a.m.4 views

SUSE CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

6CVSS5.4AI score0.00881EPSS
Exploits1References3
OSV
OSV
added 2026/02/02 9:5 p.m.6 views

GO-2026-4390 Beam Exposes sensitive information via joinCleanPath function in github.com/beam-cloud/beta9

Beam Exposes sensitive information via joinCleanPath function in github.com/beam-cloud/beta9...

6CVSS5.2AI score0.00881EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/01/27 3:23 p.m.6 views

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

6CVSS5.9AI score0.00881EPSS
Exploits1References1
OSV
OSV
added 2026/01/22 6:30 p.m.3 views

GHSA-73JG-4QH6-3F4G Beam Exposes sensitive information via joinCleanPath function

Directory Traversal vulnerability in Beam beta9 v.0.1.552 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

6CVSS5.9AI score0.00881EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/01/22 6:30 p.m.7 views

Beam Exposes sensitive information via joinCleanPath function

Directory Traversal vulnerability in Beam beta9 v.0.1.552 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

6CVSS5.9AI score0.00881EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2026/01/22 4:16 p.m.13 views

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

6CVSS0.00881EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/01/22 12:0 a.m.4 views

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

6CVSS5.9AI score0.00881EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/22 12:0 a.m.1 views

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

5.9AI score0.00881EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.4 views

PT-2026-3950

Name of the Vulnerable Software and Affected Versions Beam versions 0.1.552 beta9 Description A directory traversal issue exists in Beam beta9 version 0.1.552. This allows a remote attacker to potentially access sensitive information through the joinCleanPath function. Recommendations At the...

6CVSS5.9AI score0.00881EPSS
Exploits1References11
CVE
CVE
added 2026/01/22 12:0 a.m.24 views

CVE-2025-69820

CVE-2025-69820 concerns a Directory Traversal in Beam (beta9) involving the joinCleanPath function. Multiple sources (SUSE, Red Hat, OSV ecosystems, NVD/NVD-linked) describe exposure of sensitive information via crafted paths in Beam beta9 releases (notably versions around 0.1.521/0.1.552). The r...

6CVSS5.9AI score0.00881EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.11 views

Beam security vulnerabilities

Beam is an open-source artificial intelligence runtime environment developed by Beam. Version beam beta9 0.1.552 contains a security vulnerability. This vulnerability stems from the directory traversal vulnerability in the joinCleanPath function, which could allow remote attackers to obtain...

6CVSS5.8AI score0.00881EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/01/22 12:0 a.m.21 views

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

0.00881EPSS
Exploits1References3
OSV
OSV
added 2026/01/22 12:0 a.m.9 views

CVE-2025-69820

Directory Traversal vulnerability in Beam beta9 v.0.1.521 allows a remote attacker to obtain sensitive information via the joinCleanPath function...

6CVSS5.4AI score0.00881EPSS
Exploits1References5
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.1 views

GHSA-XQRQ-4MGF-FF32 vulnerabilities

Vulnerabilities for packages: apache-beam-python-3.11-sdk...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.15 views

CVE-2025-50817 vulnerabilities

Vulnerabilities for packages: apache-beam-python-3.11-sdk...

5.4CVSS6.4AI score0.00271EPSS
Exploits0
OSV
OSV
added 2025/10/29 10:51 p.m.4 views

MAL-2025-49065 Malicious code in wdr-beam (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16487b4b3ab32616874e0d9510ebc6c9ebf957bccdd7bfe6e84d60e0d1b89cf2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/29 10:51 p.m.6 views

Malicious code in wdr-beam (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16487b4b3ab32616874e0d9510ebc6c9ebf957bccdd7bfe6e84d60e0d1b89cf2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/29 10:51 p.m.4 views

EUVD-2025-36784

Malicious code in wdr-beam npm...

6.6AI score
Exploits0References1
Snyk
Snyk
added 2025/10/29 10:51 p.m.2 views

Malicious Package

Overview wdr-beam is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder