7894 matches found
MAL-2026-1713 Malicious code in dotenv-node-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5f6b181cb56922381245597b93fd06147dd83845cd9467098172f6eab07a7c0 The package dotenv-node-cli was found to contain malicious code...
MAL-2026-1710 Malicious code in dotenv-cli-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 914751db31692fb4c83c9e8e3e2fed123b349d261368499b9caf33dc411b62cd The package dotenv-cli-node was found to contain malicious code...
Malicious code in dotenv-cli-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 914751db31692fb4c83c9e8e3e2fed123b349d261368499b9caf33dc411b62cd The package dotenv-cli-node was found to contain malicious code...
Malicious code in chain-promised-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 905259914ab893ce8ca6d455af186ca553bb76d253657ea9f38457798519c708 The package chain-promised-cli was found to contain malicious code...
MAL-2026-1690 Malicious code in chain-promised-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 905259914ab893ce8ca6d455af186ca553bb76d253657ea9f38457798519c708 The package chain-promised-cli was found to contain malicious code...
MAL-2026-1687 Malicious code in chain-cli-promised (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f7e399daf13fda688fc1a6bb911c0bf7582ef52fff3eb5af58fbd8c0934b88a The package chain-cli-promised was found to contain malicious code...
Malicious code in chain-cli-promised (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f7e399daf13fda688fc1a6bb911c0bf7582ef52fff3eb5af58fbd8c0934b88a The package chain-cli-promised was found to contain malicious code...
MAL-2026-1681 Malicious code in chai-promised-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48b1d1fa87c7390aa0257628dfbbff9d4a72745789925a041968bcd789764340 The package chai-promised-cli was found to contain malicious code...
Malicious code in chai-promised-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48b1d1fa87c7390aa0257628dfbbff9d4a72745789925a041968bcd789764340 The package chai-promised-cli was found to contain malicious code...
Malicious code in chai-cli-async (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d9f4be84db26d0ce71d5bcfda424b1af08abddc37c23d3a2ef2b4263534fde2 The package chai-cli-async was found to contain malicious code...
MAL-2026-1677 Malicious code in chai-cli-async (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d9f4be84db26d0ce71d5bcfda424b1af08abddc37c23d3a2ef2b4263534fde2 The package chai-cli-async was found to contain malicious code...
MAL-2026-1674 Malicious code in chai-await-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eba2ac08d1a163026221030089df15f1e10a15be587c27714e659f4a98ec51bf The package chai-await-cli was found to contain malicious code...
CVE-2026-22321
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain...
CVE-2026-22321 Stack-Based Buffer Overflow in CLI Login Username Handling over CLI
A stack-based buffer overflow in the device's Telnet/SSH CLI login routine occurs when a unauthenticated attacker send an oversized or unexpected username input. An overflow condition crashes the thread handling the login attempt, forcing the session to close. Because other CLI sessions remain...
CVE-2026-22320
A stack-based buffer overflow in the CLI’s TFTP file-transfer command handling can be triggered by a low-privileged attacker with Telnet/SSH access by supplying an unexpected or oversized filename input. This memory corruption affects the internal buffer, rendering the CLI and web dashboard unava...
PT-2026-26315
Name of the Vulnerable Software and Affected Versions Grafana Tempo versions prior to 2.10.3 Description A flaw exists in Grafana Tempo that results in the exposure of the S3 SSE-C encryption key in plaintext. This exposure occurs through the /status/config API endpoint. Successful exploitation...
OPENSUSE-SU-2026:10390-1 tempo-cli-2.10.3-1.1 on GA media
These are all security issues fixed in the tempo-cli-2.10.3-1.1 package on the GA media of openSUSE Tumbleweed...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182RCEExploit REC Exploit is a Python-based secur...
Malicious code in dazaar-cli (npm)
The package 'dazaar-cli' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...
MAL-2026-1545 Malicious code in dazaar-cli (npm)
The package 'dazaar-cli' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...