Malicious code in btcli-security (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4b868f818b1a81f5fccee1967f70c3ff9d75c218d14ec09882c576a9c2c213e Package clones a legitimate bittensor-cli library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious...

MAL-2026-162 Malicious code in btcli-security (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4b868f818b1a81f5fccee1967f70c3ff9d75c218d14ec09882c576a9c2c213e Package clones a legitimate bittensor-cli library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious...

EUVD-2026-1628

Malicious code in sparkling-cli npm...

Malicious code in sparkling-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49e0e650696ea120abbbc0a198865731fbeea781cc9ee947bd39c8f7d76c4eab The package sparkling-cli was found to contain malicious code. Source: ghsa-malware 6185870baa4e15b65e8df51e713dcb6e3e54d79fd00389cfa0f86421cef94f6e...

MAL-2026-156 Malicious code in sparkling-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49e0e650696ea120abbbc0a198865731fbeea781cc9ee947bd39c8f7d76c4eab The package sparkling-cli was found to contain malicious code. Source: ghsa-malware 6185870baa4e15b65e8df51e713dcb6e3e54d79fd00389cfa0f86421cef94f6e...

CVE-2019-12130

In ONAP CLI through Dublin, by accessing an applicable port 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271, an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager OOM setups are affected...

CVE-2025-1977

The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability CVE-2025-1977 that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC Moxa CLI Configuration tool. The issue can be exploited remote...

abc-network (>=0.1.0 <=0.1.3), accelerometry-annotator (>=3.2.0 <=3.5.3) +191 more potentially affected by CVE-2026-21883 via bokeh (>=3.0.0 <=3.8.1)

bokeh PYPI version =3.0.0, =0.1.0, =3.2.0, =0.2.1, =2.3.0, =1.0.0, =3.2.2, =0.3.1.1, =1.77.5, =0.2.0, =0.1.1, =0.1.0, =1.4.0, =1.0.1, =1.2.3 and more Source cves: CVE-2026-21883 Source advisory: SNYK:PYTHON-BOKEH-14894275...

@datatitian/vega (=5.17.0), @lumere/vega (=5.17.0) +4 more potentially affected by CVE-2025-66648 via vega-functions (>=5.8.0 <=6.0.0)

vega-functions NPM version =5.8.0, =2.5.0, =5.16.0, =5.16.0, =6.1.2 Source cves: CVE-2025-66648 Source advisory: SNYK:JS-VEGAFUNCTIONS-14872001...

MAL-2026-55 Malicious code in lium-io-gztensor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2f87521be2fb53979b969dc362d41bfcf6c9f860f8d6517a76889a81dedc06a1 This is a typosquatting/dependency confusion package that is part of a campaign embedding malicious code but was found before the malicious code was injected...

Malicious code in gztensor-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6010189e23e54782200df770b6e40ed7e37284779c25f28cd145aadd9ee8b623 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...

Malicious code in common-cli-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b4c7bdeaa334d938afac649a1c3195ff47bf6fef18168e78b61ad22c6252450 The package common-cli-utils was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2026-0022

Malicious code in common-cli-utils npm...

MAL-2026-2 Malicious code in common-cli-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b4c7bdeaa334d938afac649a1c3195ff47bf6fef18168e78b61ad22c6252450 The package common-cli-utils was found to contain malicious code. Source: ossf-package-analysis...

Insufficiently Protected Credentials

Overview rdsai-cli is an AI-powered CLI tool for Relation database management and analysis Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insecure local storage of sensitive credentials. An attacker can exploit this by accessing the configuration...

CVE-2025-1977

The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability CVE-2025-1977 that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC Moxa CLI Configuration tool. The issue can be exploited remote...

CVE-2025-1977

The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability CVE-2025-1977 that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC Moxa CLI Configuration tool. The issue can be exploited remote...

Exploit for CVE-2025-59532

CVE-2025-59532 Docker Environment A Docker-based research env...

CVE-2018-25145

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers to download sensitive system configuration files. Attackers can retrieve configuration files from multiple directories including '/www', '/etc/mcli/', and '/tmp' to access syst...

Malicious code in chalk-cli (RubyGems)

--- -= Per source details. Do not edit below this line.=-...