Malicious code in @business_promocode/cancel_promocode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 002798d60b98859a68bc9daf0ebaf7794b8d83973b69fb4c8bfe9979f685e51d The package @businesspromocode/cancelpromocode was found to contain malicious code. Source: ghsa-malware...

Malicious code in @business_promocode/apply_promocode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5adac459fd1c8fca06e818942c9a98e6f798828163fadd996266ae7660132ae7 The package @businesspromocode/applypromocode was found to contain malicious code. Source: ghsa-malware...

Malicious code in @apple-pay-trust/finish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9abd2d210c4a5df0e95f326e80b2e6618647c03ba4158e1d6ffbd36d9f7b800a The package @apple-pay-trust/finish was found to contain malicious code. Source: ghsa-malware...

Malicious code in @apiary-annex/title (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a21d55a19694bb77a748bff53e74597f9c1ed88df95f421975af40efe38a4183 The package @apiary-annex/title was found to contain malicious code. Source: ghsa-malware...

CVE-2026-7124 Totolink A8000RU CGI cstecgi.cgi setIpv6LanCfg os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument addrPrefixLen can lead to os command injection. The attack ca...

MAL-2026-3124 Malicious code in apple-internal-dev-check (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

mcp-stdio-exploit

MCP STDIO Exploit: A Local Reimplementation Vulnerability...

📄 Vienna Assistant 1.2.542 macOS Privilege Escalation

A macOS helper service interface implemented via NSXPC was observed exposing methods that may allow privileged operations such as file writing and command execution through a remote proxy connection...

MAL-2026-3057 Malicious code in @clearpool/streaming (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector febaceb862fd80f68bdcefbbed2667f056ba0b09cc0607d92962dd0d1c2a8b5d The package @clearpool/streaming was found to contain malicious code. Source: ghsa-malware...

Malicious code in @clearpool/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81591bb660ad3ae2036615d00a3ff6960ccd2f36789a4f0df65a53ea7a557336 package.json declares preinstall and install lifecycle hooks that collect installer-identifying data whoami, hostname, pwd, $npmpackagename,...

MAL-2026-3080 Malicious code in frank-bot-gogle-cloning (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44bf385867bdd18d9634c115e9e423146f198038e6fdb1d6dca9c95743f3af4b The package frank-bot-gogle-cloning was found to contain malicious code. Source: ossf-package-analysis...

GHSA-RPM5-65CW-6HJ4 GitPython has Command Injection via Git options bypass

Summary GitPython blocks dangerous Git options such as --upload-pack and --receive-pack by default, but the equivalent Python kwargs uploadpack and receivepack bypass that check. If an application passes attacker-controlled kwargs into Repo.clonefrom, Remote.fetch, Remote.pull, or Remote.push, th...

LiteLLM: Authenticated command execution via MCP stdio test endpoints

Impact Two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full server configuration in the request body, including the command, args, and env fields used by the stdio transport. When called with a stdio...

Malicious code in @google-pay-trust/authorize-payment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34948be5ad2a3e52a1e1c577dafd82b6711762743bfd51bfd6433e7a780f7e36 The package @google-pay-trust/authorize-payment was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3064 Malicious code in @google-pay-trust/init-google-pay (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 155365fdfef6534b365ca7ef2fd9ec698aa3a0af9e1130483658eba525f70e81 The package @google-pay-trust/init-google-pay was found to contain malicious code. Source: ghsa-malware...

Malicious code in @tw-marionette/input (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6b93bf39d5351c220722a3326600c9855309a8e76cb6e10b8cff20f0d9bb102 The package @tw-marionette/input was found to contain malicious code. Source: ghsa-malware...

Malicious code in axis-abc-portal-menu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84dbd03fbc7970d1f3fc987743f698a9ea6a0af44ea2b89d0f2c1cbaa397f933 The package axis-abc-portal-menu was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in axis-abc-search-account (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 940253e64eab64d76178b547ceb87731aad0dbba1ca1f988571af776564c891b The package axis-abc-search-account was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3069 Malicious code in @tochka-ui/foundation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9575f5fa03036022a473218e67ec437c95aa1e3c0768e1006762695c772705c8 The package @tochka-ui/foundation was found to contain malicious code. Source: ghsa-malware...

MAL-2026-3060 Malicious code in @frengki0707/google-cloud-clone (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a278202a1e4a54c185b707e1eeed0b0df0438168bcec4a2a5b5741bcbd8a5e5c The package @frengki0707/google-cloud-clone was found to contain malicious code. Source: ossf-package-analysis...