78 matches found
MAL-2026-4779 Malicious code in ether-bn.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cc5567869e3d616af151887f680ef13bf23f8a19fe5978343254b921c1c7c73 Package name 'ether-bn.js' resembles the widely-used 'bn.js' big-number library, and the README directs users to install yet another name...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the FormManager::create function. An attacker can access and exfiltrate sensitive database contents, including user credentials, by injecting arbitrary SQL statements through crafted input to the bnidnature parameter...
JLSEC-2026-216 There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with...
There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are...
EUVD-2026-17691
Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in coolsnowwolf lede package/lean/mt/drivers/mt7603e/src/mt7603wifi/common modules. This vulnerability is associated with program files bnlib.C. This issue affects lede: through r25.10.1...
CVE-2026-2739
A flaw was found in bn.js. When calling the maskn0 function on a BN instance, there is potential for this action to corrupt the internal state of the library, causing critical methods such as toString and divmod to enter an infinite loop. The primary consequence is a Denial of Service DoS, where...
CVE-2026-2739
This affects versions of the package bn.js before 5.2.3. Calling maskn0 on any BN instance corrupts the internal state, causing toString, divmod, and other methods to enter an infinite loop, hanging the process indefinitely...
CVE-2026-24803
CVE-2026-24803 describes an infinite loop (unreachable exit condition) vulnerability in coolsnowwolf/lede within the MT7615D wifi drivers under mt_wifi/embedded/security modules, specifically associated with bn_lib.C. Affected software: LEDE project releases up to and including r25.10.1. Root cau...
PT-2026-4873
Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in coolsnowwolf lede package/lean/mt/drivers/mt7603e/src/mt7603 wifi/common modules. This vulnerability is associated with program files bn lib.C. This issue affects lede: through r25.10.1...
PT-2026-4872
Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in coolsnowwolf lede package/lean/mt/drivers/mt7615d/src/mt wifi/embedded/security modules. This vulnerability is associated with program files bn lib.C. This issue affects lede: through r25.10.1...
EUVD-2025-139224
Malicious code in nuyar-adair-bn npm...
EUVD-2018-1488
Malware in sbrugna...
EUVD-2010-4833
Malware in sbrugna...
Malicious Package
Overview @pumpfun-sdk/bn-converter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in @pumpfun-sdk/bn-converter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06bcd5e8715873a001eadde3f34011c22ba27a599e02a712fde9f44036b62fb0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47264 Malicious code in @pumpfun-sdk/bn-converter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 06bcd5e8715873a001eadde3f34011c22ba27a599e02a712fde9f44036b62fb0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-41608 Malicious code in sqrt-bn-enhanced (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in sqrt-bn-enhanced (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41607 Malicious code in sqrt-bn (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in sqrt-bn (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-3510 Malicious code in rose-bn (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b255ebbe2f749770901182d7be69641b1f7e94bacd94fff31794262c33d998af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...