48168 matches found
Malicious code in sight-bind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 398788014436c7e95df3045f9b32398c3de46b8c9275c0437e44bda1dcb6cc00 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in clipboard-drop (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea807812d5f872524eab6c57931788239310050ffb4c477643977def9dac8fb9 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10565 Malicious code in relative-time-live (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffd93ad946d5607c42e226106c1f1b33370e92e92cf0a407928b7349523fec4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10566 Malicious code in sight-bind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 398788014436c7e95df3045f9b32398c3de46b8c9275c0437e44bda1dcb6cc00 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10548 Malicious code in @amedit/vercel-builder-probe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe0b29ddff65cbd65167ea905c448d928fc6da661d69df415993635bf1bd3bc When wired in as a @vercel/build-utils Builder and the exported build runs in a Vercel deployment pipeline, index.js reads the installer's...
Malicious code in @amedit/vercel-builder-probe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fe0b29ddff65cbd65167ea905c448d928fc6da661d69df415993635bf1bd3bc When wired in as a @vercel/build-utils Builder and the exported build runs in a Vercel deployment pipeline, index.js reads the installer's...
MAL-2026-10521 Malicious code in @flcik/flick.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d31c087b34f156cf2b5ae7070222a57e2d760d68f9c4c73721c2800eb7b6bf62 @flcik/[email protected] replicates the discord.js public API surface FlickClient, GatewayIntentBits, SlashCommandBuilder, ButtonStyle, MessageFlags, th...
Malicious code in @flcik/flick.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d31c087b34f156cf2b5ae7070222a57e2d760d68f9c4c73721c2800eb7b6bf62 @flcik/[email protected] replicates the discord.js public API surface FlickClient, GatewayIntentBits, SlashCommandBuilder, ButtonStyle, MessageFlags, th...
MAL-2026-10522 Malicious code in flick-test-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67f05e70375ac31032fb4fc3abf302d1c1122bf01504f810aa74d9fe59066d36 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
PT-2026-57989
Name of the Vulnerable Software and Affected Versions OpenShift Data Foundation 4 odf-multicluster-rhel9-operator affected versions not specified OpenShift GitOps argocd-image-updater-rhel8 affected versions not specified OpenShift GitOps argocd-rhel8 affected versions not specified OpenShift...
Malicious code in nodemon-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1d2f1b3c8848137e0ec6a9897d6f4056102623f1139549c9dd928fcb4482e69 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10513 Malicious code in nodemon-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1d2f1b3c8848137e0ec6a9897d6f4056102623f1139549c9dd928fcb4482e69 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10514 Malicious code in nodemon-eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50c506d75221403cde50b724defdd5c71441614ab87b54ff1ffa2a24af89678e The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
CVE-2026-62185 Argo CD Helm Chart < 10.0.0 Missing Network Policy RCE
Argo CD Helm Chart before 10.0.0 fails to install network policies by default, allowing any pod on a cluster to access repo-server and other Argo APIs. Attackers can exploit this unrestricted network access through combined attacks to achieve cluster compromise and remote code execution...
Malicious code in @dervix/engine.io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 118dd8f5224b1dcccddf25d74c6c9fe3543b444173ea293dafa28154e82689d5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @dervix/socket.io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c299d96dca6144eec3e8be8770c98430139e9b6b982762da448ef50b7bde06a The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10474 Malicious code in @dervix/engine.io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 118dd8f5224b1dcccddf25d74c6c9fe3543b444173ea293dafa28154e82689d5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10475 Malicious code in @dervix/socket.io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c299d96dca6144eec3e8be8770c98430139e9b6b982762da448ef50b7bde06a The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @gleamkit/socket.io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d6a306142d74b2781d66322adf2bc1b9898bfdb8e1814d2cb511c3e49b75c13 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10477 Malicious code in @gleamkit/socket.io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d6a306142d74b2781d66322adf2bc1b9898bfdb8e1814d2cb511c3e49b75c13 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...