Command Injection
Overview: aws-cdk-lib is Version 2 of the AWS Cloud Development Kit library. Affected versions of this package are vulnerable to Command Injection via the NodejsFunction local bundling pipeline when an attacker controls the value of one or more of the properties externalModules, define, loader,...
CVE-2026-11417 OS Command Injection in NodejsFunction Bundling in aws-cdk-lib
OS command injection in the NodejsFunction local bundling pipeline in aws-cdk-lib before 2.245.0 2.246.0 on Windows might allow an actor who controls the value of one or more bundling properties externalModules, define, loader, inject, or esbuildArgs to execute arbitrary commands on the host...
PT-2026-48489
Name of the Vulnerable Software and Affected Versions: aws-cdk-lib versions prior to 2.245.0; aws-cdk-lib versions prior to 2.246.0 (Windows). Description: OS command injection exists in the NodejsFunction local bundling pipeline. An actor who controls the value of one or more bundling...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...
Malicious Package
Overview reactive-cdk-app is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-4255 Malicious code in cdk-sagemaker-notebook-workflow (npm)
Source: amazon-inspector 6cc9c1db01ca14b294be21438478ec14dc6549a4b7b9ec5cf73dd7aa227f7ad8. The package declares a preinstall hook (node index.js) in package.json that fires automatically on npm install. The script collects os.hostname,...
MAL-2026-4254 Malicious code in reactive-cdk-app (npm)
Source: amazon-inspector 84d7572f96294e867b18a0448ac0e70af3d08769749aa73388b38d88492559e4. package.json declares preinstall: node index.js, so installation automatically executes index.js. The script reads /etc/passwd via fs.readFileSync,...
EUVD-2025-10958
Malicious code in bioql PyPI...
EUVD-2025-9050
Malicious code in bioql PyPI...
EUVD-2025-7905
Malicious code in bioql PyPI...
MAL-2025-7848 Malicious code in @epc-tools/testutil-cdk-expect-policy (npm)
The package @epc-tools/testutil-cdk-expect-policy was found to contain malicious code...
MAL-2025-16694 Malicious code in cdk-integ-tools (npm)
The package cdk-integ-tools was found to contain malicious code...
MAL-2025-6830 Malicious code in @evt-cdk/codepipeline (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6831 Malicious code in @evt-cdk/core (npm)
The package communicates with a domain associated with malicious activity. Source: ossf-package-analysis a8a0ad11a64b544d80bc12997810cd5b4bf68f64136221617a6f7d54173491f7. The OpenSSF Package Analysis project identified '@evt-cdk/core' @ 7.0...