Lucene search
+L

4 matches found

CVE
CVE
added 3 days ago21 views

CVE-2026-46421

The CVE concerns a supply-chain compromise in the SAP Cloud Application Programming Model’s cap-js/cds-dbs monorepo. On 2026-04-29, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected] were published; these malicious packages harvested credentials (n...

9.3CVSS6.1AI score0.00384EPSS
Exploits0References4
OSV
OSV
added 2026/05/20 3:33 p.m.9 views

GHSA-PVW4-CVR4-97P8 Supply chain compromise via malicious package versions (@cap-js/sqlite, @cap-js/postgres, @cap-js/db-service)

Impact On April 29, 2026, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected] were published. The malicious packages harvested credentials and attempted self-propagation. If a compromised version was installed, all credentials accessible on that...

9.3CVSS5.8AI score0.00384EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/05/20 3:33 p.m.22 views

Supply chain compromise via malicious package versions (@cap-js/sqlite, @cap-js/postgres, @cap-js/db-service)

Impact On April 29, 2026, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected] were published. The malicious packages harvested credentials and attempted self-propagation. If a compromised version was installed, all credentials accessible on that...

9.3CVSS5.8AI score0.00384EPSS
Exploits0References5Affected Software3
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.13 views

PT-2026-42206

Name of the Vulnerable Software and Affected Versions @cap-js/sqlite version 2.2.2 @cap-js/postgres version 2.2.2 @cap-js/db-service version 2.10.1 Description Compromised versions of these packages were published to harvest credentials and attempt self-propagation. If installed, any credentials...

9.3CVSS6.1AI score0.00384EPSS
Exploits0References10
Rows per page
Query Builder