171 matches found
MAL-2026-6498 Malicious code in dttfdsdee (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae565bed85ec0db27f1ff658c7e9491591ce40edc56f423cd8b1122bc209c69c package.json declares a postinstall script that runs automatically on npm install. The script walks the entire filesystem with find to locate databas...
CVE-2026-52808
Gogs is an open source self-hosted Git service. Prior to 0.14.3, three API endpoints — PATCH /api/v1/repos/:owner/:repo/issue-tracker, PATCH /api/v1/repos/:owner/:repo/wiki, and POST /api/v1/repos/:owner/:repo/mirror-sync — are gated by reqRepoWriter rather than reqRepoAdmin. The equivalent...
Malicious code in markdownlint-cli2-fix (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca7d5154ecbbcc636198bd2314e1916e5f0673d37ab7b14caca2ea96ad5ac5e1 Package name 'markdownlint-cli2-fix' impersonates the popular 'markdownlint-cli2' linter but contains no linter functionality — the README states...
MAL-2026-6353 Malicious code in markdownlint-cli2-fix (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca7d5154ecbbcc636198bd2314e1916e5f0673d37ab7b14caca2ea96ad5ac5e1 Package name 'markdownlint-cli2-fix' impersonates the popular 'markdownlint-cli2' linter but contains no linter functionality — the README states...
GHSA-4565-R4X7-HG8J Gogs Vulnerable to Privilege Escalation via Collaboration Access Mode Validation
Summary A repository admin collaborator can escalate their privileges to owner-level access by exploiting an off-by-one error in the ChangeCollaborationAccessMode function. Vulnerable Code In internal/database/repocollaboration.go, line 129: go func r Repository ChangeCollaborationAccessModeuserI...
MAL-2026-6143 Malicious code in node-vfs-polyfill (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fb213e524ed75dcb54961d6d2ee9431ea6a32f4fdcb9d777bc260102920d81b On install, postinstall.js executes automatically and exfiltrates host reconnaissance data to attacker-controlled subdomains on oastify.com Burp...
MAL-2026-5838 Malicious code in tn-advertisement (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b13ed4147b360eee88a36d9fe649dccbef37cf9019072841e697b88b6e4d3d2 On require, index.js performs an unconditional http.get to a unique subdomain of oastify.com Burp Suite Collaborator out-of-band testing...
Malicious code in vend-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89ed34c4d09a0f8bb373f141d18157203eb73efec9461434a7957dfe17ba72f1 package.json declares preinstall: node index.js, causing index.js to run automatically on npm install. The script collects installer host identity...
MAL-2026-5832 Malicious code in vend-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89ed34c4d09a0f8bb373f141d18157203eb73efec9461434a7957dfe17ba72f1 package.json declares preinstall: node index.js, causing index.js to run automatically on npm install. The script collects installer host identity...
Malicious code in cardano-addresses-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d99ae2a620ac8a3db31cde344d6d1e46914f785b3d5f4b8debdb20d64fa9c75 package.json declares a preinstall hook node index.js that runs automatically on npm install. index.js collects host identifiers os.hostname,...
MAL-2026-5802 Malicious code in cardano-addresses-docs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d99ae2a620ac8a3db31cde344d6d1e46914f785b3d5f4b8debdb20d64fa9c75 package.json declares a preinstall hook node index.js that runs automatically on npm install. index.js collects host identifiers os.hostname,...
MAL-2026-5747 Malicious code in @giftyhq/widget-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ad3f12a6a12fbfa60e4a72747df6974f89906200568926b99a8c93c489b5e62 package.json declares "preinstall": "node index.js", which fires automatically on npm install. index.js collects host fingerprinting data —...
MAL-2026-5745 Malicious code in oa-crm-webapi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00cdaf89f7ae5fd12400ea55acd4849e8e5095dfc51188d3339ecdfa5dc0f2a1 [email protected] is a dependency-confusion payload squatting an internal-sounding package name. package.json declares a postinstall hook node...
Malicious code in axl-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fbc071f0ee6323c87fa6be049a9b151217f7146605ef89b4494f7ef07e7d534 [email protected] is a dependency-confusion squat targeting an internal package name. package.json declares a postinstall hook node beacon.js that fires...
Malicious code in loadninja-shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc01a627a5f67d1af201bfe6575973437cce899d9767312d44a40369dc16cc46 [email protected] is a dependency-confusion package targeting an internal/private package namespace. package.json declares "postinstall": "node...
Malicious code in ttspc-server-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98ea79d9fce12a87d3949dc748617f8077a1ae0822fadab451c27d2c8a2feb9b [email protected] declares postinstall: node index.js in package.json, so on npm install it automatically executes index.js. The script...
MAL-2026-5707 Malicious code in ttspc-server-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98ea79d9fce12a87d3949dc748617f8077a1ae0822fadab451c27d2c8a2feb9b [email protected] declares postinstall: node index.js in package.json, so on npm install it automatically executes index.js. The script...
Malicious code in eslint-plugin-mistica-local-rules (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1d21f50741178986b63d1f330373131c2f3f502a5b94e76ca921ce185fab123 package.json declares a preinstall hook that runs index.js automatically on npm install. index.js collects host identity os.hostname, os.platform,...
MAL-2026-5703 Malicious code in eslint-plugin-mistica-local-rules (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1d21f50741178986b63d1f330373131c2f3f502a5b94e76ca921ce185fab123 package.json declares a preinstall hook that runs index.js automatically on npm install. index.js collects host identity os.hostname, os.platform,...
Malicious code in @w2d/web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b8292b80f3e692b249561a14d94d2dfa0196f2377e7eee027b8dd630d251bd1 The package targets the @w2d scope with an artificially high version 2.999.999 — the canonical dependency-confusion shape designed to outrank an...