EUVD-2025-176671

Malicious code in resolvers-superflare-chalk-ini npm...

EUVD-2025-179636

Malicious code in commitlint-chalk-eclipse-init npm...

EUVD-2025-179635

Malicious code in commitlint-chalk-neptune-auriga npm...

EUVD-2025-179776

Malicious code in chalk-supercluster-repository-morgan npm...

EUVD-2025-115470

Malicious code in chalk-ganymede-delphinus-javascript npm...

EUVD-2025-115158

Malicious code in commitizen-webdriverio-chalk-figures npm...

MAL-2025-143114 Malicious code in gulp-cluster-chalk-phoenix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f68d6adcdba26daeeb1c108de5db41a2f44f387d2a858d78207f3204892fc6cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-121089

Malicious code in typeorm-chalk-eslint-config-geckodriver npm...

EUVD-2025-121060

Malicious code in uglify-js-chalk-spica-zenith npm...

MAL-2025-29309 Malicious code in pino-xenon-duplex-chalk (npm)

The package pino-xenon-duplex-chalk was found to contain malicious code...

MAL-2025-41055 Malicious code in zooarchaeology-chalk-apollo-proxima (npm)

The package zooarchaeology-chalk-apollo-proxima was found to contain malicious code...

Malicious code in chalk-browserify-gulp-eventhoriz (npm)

The package chalk-browserify-gulp-eventhoriz was found to contain malicious code...

Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities

Summary IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...

Security Bulletin: IBM QRadar Deployment Intelligence app for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Deployment Intelligence app for IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2020-24025 DESCRIPTION: node-sass...

Inefficient Regular Expression Complexity in chalk/ansi-regex

✍️ Description It allows cause a denial of service when matching crafted invalid ANSI escape codes. 🕵️‍♂️ Proof of Concept // PoC.mjs import ansiRegex from 'ansi-regex'; forvar i = 1; i = 50000; i++ var time = Date.now; var attackstr = "\u001B"+";".repeati10000; ansiRegex.testattackstr var timecost...