agent-skill-poc

Agent Skill POC - LLM-driven Interactive CLI Agent An LLM-dri...

CVE-2026-33252 vulnerabilities

Vulnerabilities for packages: ferretdb, flux-operator, glab, opencost, gitlab-workhorse-ce-fips, osv-scanner, jaeger-fips, flux-operator-fips, jaeger, datadog-agent, livekit-cli, opencost-fips, datadog-agent-fips, gitlab-workhorse-ce...

GHSA-Q382-VC8Q-7JHJ vulnerabilities

Vulnerabilities for packages: ferretdb, flux-operator, glab, opencost, gitlab-workhorse-ce-fips, osv-scanner, jaeger-fips, flux-operator-fips, jaeger, datadog-agent, livekit-cli, opencost-fips, datadog-agent-fips, gitlab-workhorse-ce...

GHSA-89XV-2J6F-QHC8 vulnerabilities

Vulnerabilities for packages: ferretdb, flux-operator, glab, opencost, gitlab-workhorse-ce-fips, osv-scanner, jaeger-fips, flux-operator-fips, jaeger, datadog-agent, livekit-cli, opencost-fips, datadog-agent-fips, gitlab-workhorse-ce...

Malicious Package

Overview novi-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious Package

Overview couplus-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

MAL-2026-1961 Malicious code in novi-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f8efd6fadd98f176db87625b5ab11bb8c301425b5cac56b3a6e06cea11480e5 The package novi-cli was found to contain malicious code. Source: ghsa-malware 6869c6ff2172bab7034855a5b3343c548e54f977036706052a989d381b471ce5 Any...

Malicious code in couplus-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0c78a6293dc26a858801e92b94142c0fb6ab09c558b39900095be8a8aef9a52 The package couplus-cli was found to contain malicious code. Source: ghsa-malware 469c68fc4282e268dbe121670070e4a148ec18adaad72317ca06de47eed59217 An...

MAL-2026-1944 Malicious code in couplus-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0c78a6293dc26a858801e92b94142c0fb6ab09c558b39900095be8a8aef9a52 The package couplus-cli was found to contain malicious code. Source: ghsa-malware 469c68fc4282e268dbe121670070e4a148ec18adaad72317ca06de47eed59217 An...

Malicious code in novi-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f8efd6fadd98f176db87625b5ab11bb8c301425b5cac56b3a6e06cea11480e5 The package novi-cli was found to contain malicious code. Source: ghsa-malware 6869c6ff2172bab7034855a5b3343c548e54f977036706052a989d381b471ce5 Any...

tempo-cli-2.10.3-1.1 on GA media (moderate)

tempo-cli-2.10.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10390-1 Rating: moderate Cross-References: CVE-2026-28377 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

CVE-2026-33002

A flaw was found in Jenkins. A remote attacker could exploit a vulnerability in the origin validation of requests made through the Command Line Interface CLI WebSocket endpoint. By manipulating the Host or X-Forwarded-Host HTTP headers, an attacker can perform Domain Name System DNS rebinding...

au.csiro.pathling:encoders (>=5.1.0 <=9.5.0), au.csiro.pathling:fhir-server (>=5.3.1 <=7.2.0) +322 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.r4 (>=0.0.1 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.r4 MAVEN version =0.0.1, =5.1.0, =5.3.1, =6.2.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.2.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...

GHSA-PHHV-63FH-RRC8 Jenkins has a DNS rebinding vulnerability in WebSocket CLI origin validation

Jenkins 2.442 through 2.554 both inclusive, LTS 2.426.3 through LTS 2.541.2 both inclusive performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or X-Forwarded-Host HTTP request headers, making it vulnerable t...

Insecure Temporary File

Overview @capgo/cli is an A CLI to upload to capgo servers Affected versions of this package are vulnerable to Insecure Temporary File via unsafe file operations that follow symlinks and do not enforce secure permissions. An attacker can overwrite arbitrary files or expose sensitive credential...

CVE-2026-33002

Jenkins 2.442 through 2.554 both inclusive, LTS 2.426.3 through LTS 2.541.2 both inclusive performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or X-Forwarded-Host HTTP request headers, making it vulnerable t...

MAL-2026-1802 Malicious code in node-cli-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b7df6bef20ed41b1a5c7e3ca57da4665f799cfcc6d6cf27b6dc87f8fa0560bc The package node-cli-dotenv was found to contain malicious code...

MAL-2026-1712 Malicious code in dotenv-mono-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78e4774845081c77828c11c246f1224738c74e91df84182defb19b32ff6a8757 The package dotenv-mono-cli was found to contain malicious code...

Malicious code in dotenv-node-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5f6b181cb56922381245597b93fd06147dd83845cd9467098172f6eab07a7c0 The package dotenv-node-cli was found to contain malicious code...

Malicious code in dotenv-mono-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78e4774845081c77828c11c246f1224738c74e91df84182defb19b32ff6a8757 The package dotenv-mono-cli was found to contain malicious code...