MAL-2026-2051 Malicious code in @emilgroup/insurance-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddc13f3218d4cac889a3d7c9d646430c04959f242c5c6cb593d3a31f84baa7a4 The package @emilgroup/insurance-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/api-documentation (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58c245a310d05383d1fdf2e98691e5ea42d0505bdab8e27120537609d6bb4acd The package @emilgroup/api-documentation was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2071 Malicious code in react-leaflet-cluster-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0518fae392cbcd2e3f43b08af24b6736a313bcc053d67bfece2c36c7e609373 The package react-leaflet-cluster-layer was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2065 Malicious code in @opengov/ppf-eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9589ba5a93df27f74e2153118cf450e51df3df58d8c7abd8e4043cf28c0d8bf The package @opengov/ppf-eslint-config was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2027 Malicious code in opengov-k6-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d6d3e0e21551377d17f0e85338f6ea9650b7c18f717b6e1060b1d50962ed112 The package opengov-k6-core was found to contain malicious code. Source: ghsa-malware 1370c540f2157e1e42d9edb109b0b6c57f27d35cfcfd8ebef2a5dc2d44db6e3...

EUVD-2019-19839

Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...

CVE-2019-25545

Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...

CVE-2019-25568

Memu Play 6.0.7 contains an insecure file-permissions vulnerability that enables privilege escalation by replacing MemuService.exe in the installation directory with a malicious executable. An attacker can rename/overwrite MemuService.exe, causing the service to run at system level upon reboot. T...

CVE-2019-25545

Terminal Services Manager 3.2.1 contains a local buffer overflow in the computer name field (during computer addition). A 5000‑byte input in the 'Computer name or IP address' field can crash the server entry, causing a denial of service when the server entry is accessed. The impact is a LOCAL, HI...

CVE-2019-25545 Terminal Services Manager 3.2.1 Local Buffer Overflow Denial of Service

Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...

CVE-2019-25545

Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...

CVE-2019-25545 Terminal Services Manager 3.2.1 Local Buffer Overflow Denial of Service

Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages with a previously undocumented self-propagating worm dubbed CanisterWorm. The name is a reference...

LizardSystems Terminal Services Manager 缓冲区错误漏洞

LizardSystems Terminal Services Manager is a terminal service management software developed by LizardSystems Corporation. Version 3.2.1 of LizardSystems Terminal Services Manager contains a buffer error vulnerability. This vulnerability stems from a local buffer overflow in the computer name fiel...

PT-2026-26890

Terminal Services Manager 3.2.1 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string in the computer name field. Attackers can input a 5000-byte buffer of data into the 'Computer name or IP address' field during...

Malicious code in innocent-pkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a43dfe9cc2eebd7f30e81c4d84f86e0375a8f68621f3dd52156c93a9062e67c7 The package innocent-pkg was found to contain malicious code. Source: ghsa-malware e6e3d2128a98a7bfca4b4ef2d91cc684dad0a7386877a5673ecb0911489bbd7a A...

MAL-2026-1974 Malicious code in @fr3newera/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fba6d334ab723d77261982b048c8728dfdd60454bac47a0c23322ac7251e4c8 The package @fr3newera/baileys was found to contain malicious code. Source: ghsa-malware...

Malicious code in xyztttxyz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ec60812ab8ac06f92ad0543c7a16f930da49afbc1ca5e10e6cabffe3ffe1ddb The package xyztttxyz was found to contain malicious code. Source: ghsa-malware c7299da569fb2428ffb4bcb1641a07a7879e89460f46405e2257197a6f4fe2a3 Any...

Malicious code in xyzttt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bf8be86e9fbf67b0bd783470b31f222a90f7723388dac7deb1b168e658cf45e The package xyzttt was found to contain malicious code. Source: ghsa-malware f9a2092cb0041e877889c537a1e182d10e0fd642e2bcdb26daa6e8e8a2f7077a Any...

MAL-2026-1982 Malicious code in xyztttxyz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ec60812ab8ac06f92ad0543c7a16f930da49afbc1ca5e10e6cabffe3ffe1ddb The package xyztttxyz was found to contain malicious code. Source: ghsa-malware c7299da569fb2428ffb4bcb1641a07a7879e89460f46405e2257197a6f4fe2a3 Any...