
7991 matches found

The Hacker News
added 2026/02/03 2:0 p.m. | 14 views

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Cybersecurity company VulnCheck said it first observed exploitation of CVE-2025-11953 aka Metro4Shell on December 21, 2025. With a...

9.8 CVSS | 6.6 AI score | 0.61938 EPSS
Exploits: 5
OSV
added 2026/02/02 9:5 p.m. | 6 views

GO-2026-4393 Rancher CLI skips TLS verification on Rancher CLI login command in github.com/rancher/rancher

Rancher CLI skips TLS verification on Rancher CLI login command in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...

8.3 CVSS | 5.5 AI score | 0.00153 EPSS
Exploits: 0 | References: 3
OSV
added 2026/02/01 5:58 p.m. | 7 views

GHSA-MC24-7M59-4Q5P Rancher CLI skips TLS verification on Rancher CLI login command

Impact: A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the --cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting...

8.3 CVSS | 5.8 AI score | 0.00153 EPSS
Exploits: 0 | References: 6
Github Security Blog
added 2026/02/01 5:58 p.m. | 10 views

Rancher CLI skips TLS verification on Rancher CLI login command

Impact: A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the --cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting...

8.3 CVSS | 5.8 AI score | 0.00153 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
vulnersOsv
added 2026/01/29 3:0 p.m. | 8 views

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +20 more potentially affected by CVE-2026-23864 via react-server-dom-webpack (>=19.0.0 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...

7.5 CVSS | 7.4 AI score | 0.01469 EPSS
Exploits: 0
OSSF Malicious Packages
added 2026/01/27 7:59 a.m. | 6 views

Malicious code in tailwind-components-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3916984542c5471332406155adc38fde3d254e8748b6e65caa1b9680663602c The package tailwind-components-cli was found to contain malicious code. Source: ghsa-malware...

5.8 AI score
Exploits: 0 | References: 1
OSV
added 2026/01/27 7:59 a.m. | 4 views

MAL-2026-543 Malicious code in tailwind-components-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3916984542c5471332406155adc38fde3d254e8748b6e65caa1b9680663602c The package tailwind-components-cli was found to contain malicious code. Source: ghsa-malware...

5.8 AI score
Exploits: 0 | References: 1
vulnersOsv
added 2026/01/26 11:34 p.m. | 6 views

@saltcorn/cli (>=1.1.1 <=1.4.1-beta.3), @saltcorn/mobile-builder (>=1.1.1 <=1.4.1-beta.3) +1 more potentially affected by unknown CVE via @saltcorn/admin-models (>=1.1.1 <=1.4.1)

@saltcorn/admin-models NPM version =1.1.1, =1.1.1, =1.1.1, =1.1.1, =1.4.1-beta.3 Source cves: unknown CVE Source advisory: SNYK:JS-SALTCORNADMINMODELS-15126138...

5.8 AI score
Exploits: 0
vulnersOsv
added 2026/01/26 11:34 p.m. | 4 views

@saltcorn/cli (>=1.5.0-beta.0 <=1.5.0-beta.18), @saltcorn/mobile-builder (>=1.5.0-beta.0 <=1.5.0-beta.18) +1 more potentially affected by unknown CVE via @saltcorn/admin-models (>=1.5.0-beta.0 <=1.5.0-beta.18)

@saltcorn/admin-models NPM version =1.5.0-beta.0, =1.5.0-beta.0, =1.5.0-beta.0, =1.5.0-beta.0, =1.5.0-beta.18 Source cves: unknown CVE Source advisory: SNYK:JS-SALTCORNADMINMODELS-15126138...

5.8 AI score
Exploits: 0
vulnersOsv
added 2026/01/26 11:34 p.m. | 5 views

@saltcorn/cli (>=1.1.1 <=1.4.1-beta.3), @saltcorn/mobile-builder (>=1.1.1 <=1.4.1-beta.3) potentially affected by unknown CVE via @saltcorn/server (>=1.1.1 <=1.4.1)

@saltcorn/server NPM version =1.1.1, =1.1.1, =1.1.1, =1.4.1-beta.3 Source cves: unknown CVE Source advisory: SNYK:JS-SALTCORNSERVER-15126139...

5.8 AI score
Exploits: 0
vulnersOsv
added 2026/01/26 11:34 p.m. | 3 views

@saltcorn/cli (>=1.5.0-beta.0 <=1.5.0-beta.18), @saltcorn/mobile-builder (>=1.5.0-beta.0 <=1.5.0-beta.18) potentially affected by unknown CVE via @saltcorn/server (>=1.5.0-beta.0 <=1.5.0-beta.18)

@saltcorn/server NPM version =1.5.0-beta.0, =1.5.0-beta.0, =1.5.0-beta.0, =1.5.0-beta.18 Source cves: unknown CVE Source advisory: SNYK:JS-SALTCORNSERVER-15126139...

5.8 AI score
Exploits: 0
vulnersOsv
added 2026/01/26 11:34 p.m. | 4 views

@saltcorn/cli (>=1.1.1 <=1.5.0-beta.18), @saltcorn/mobile-builder (>=1.1.1 <=1.5.0-beta.18) potentially affected by unknown CVE via @saltcorn/server (>=1.1.1 <=1.5.0-beta.18)

@saltcorn/server NPM version =1.1.1, =1.1.1, =1.1.1, =1.5.0-beta.18 Source cves: unknown CVE Source advisory: OSV:GHSA-CR3W-CW5W-H3FJ...

5.8 AI score
Exploits: 0
OSV
added 2026/01/26 8:16 p.m. | 4 views

AZL-75413 CVE-2025-11065 affecting package docker-cli 25.0.7-1

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

5.3 CVSS | 6.6 AI score | 0.00357 EPSS
Exploits: 0 | References: 1
Wolfi
added 2026/01/24 1:48 p.m. | 4 views

GHSA-8RRH-RW8J-W5FX vulnerabilities

Vulnerabilities for packages: superset, kserve, py3-setuptools, py3-virtualenv, airflow, pip-zipapp, mlflow, datadog-agent, open-webui, aws-cli, pypy-3.11, semgrep, kubeflow-jupyter-web-app, tensorflow-cpu-jupyter, dask-kubernetes, emissary, pypy-3.10, kubeflow-katib...

5.8 AI score
Exploits: 0
Chainguard
added 2026/01/24 1:17 p.m. | 5 views

GHSA-8RRH-RW8J-W5FX vulnerabilities

Vulnerabilities for packages: ansible-operator-fips, label-studio, datadog-agent, pip-zipapp, datadog-agent-fips, tensorflow-cpu-jupyter, apache-beam-python-3.11-sdk, awx, azure-functions-python-worker, nemo, kubeflow-katib, py3-setuptools, emissary, dbt-bigquery, aws-cli, py3-virtualenv,...

5.8 AI score
Exploits: 0
Tenable Nessus
added 2026/01/24 12:0 a.m. | 2 views

SUSE SLES12 Security Update : azure-cli-core (SUSE-SU-2026:0273-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0273-1 advisory. - CVE-2025-24049: Fix improper neutralization of special elements used in a command which allows an unauthorized attacker to elevate...

8.4 CVSS | 5.7 AI score | 0.00403 EPSS
Exploits: 0 | References: 4
Wolfi
added 2026/01/23 7:48 p.m. | 7 views

CVE-2026-24117 vulnerabilities

Vulnerabilities for packages: zot, kyverno-notation-aws, witness, cosign, falcoctl, trivy-operator, tekton-chains, gh, skaffold, buildkitd, gitsign, crossplane, zarf, tflint, goreleaser, spire-server, teleport, neuvector-sigstore-interface, slsa-verifier, tkn, kyverno, trivy, policy-controller,...

5.3 CVSS | 5.8 AI score | 0.00332 EPSS
Exploits: 0
OSV
added 2026/01/23 11:26 a.m. | 1 views

SUSE-SU-2026:0273-1 Security update for azure-cli-core

This update for azure-cli-core fixes the following issues: - CVE-2025-24049: Fix improper neutralization of special elements used in a command which allows an unauthorized attacker to elevate privileges locally. bsc1239460...

8.4 CVSS | 5.8 AI score | 0.00403 EPSS
Exploits: 0 | References: 3
CVE
added 2026/01/23 3:29 a.m. | 30 views

CVE-2026-0775

The CVE-2026-0775 entry concerns npm cli. Affected component: the module-loading path in npm cli, where modules are loaded from an unsecured location. Root cause: incorrect permission assignment that allows a local attacker who can run low-privileged code to escalate privileges and execute arbitr...

7 CVSS | 6.2 AI score | 0.00248 EPSS
Exploits: 0 | References: 1
Vulnrichment
added 2026/01/23 3:29 a.m. | 4 views

CVE-2026-0775 npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability

npm cli Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of npm cli. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploi...

7 CVSS | 6.2 AI score | 0.00248 EPSS
Exploits: 0 | References: 1