15467 matches found
MAL-2026-1005 Malicious code in argon-web3-chain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 608cea5b2c28269fa6aa53d4dcd211b83843a935732729e7ec08a2a2130d9209 The package argon-web3-chain was found to contain malicious code. Source: ghsa-malware 6680014069f64072ffb4e22ed7e3779a0b88e7c503644cb0a491d67605078c...
MAL-2026-1010 Malicious code in modify-setting (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48505e42b99b10152a5e8587fc88350de886a6ff02ca5b70ada3d90c9a7e980f The package modify-setting was found to contain malicious code. Source: ghsa-malware 3420a3d9050f94ba247ff8853e7a7f98ee33ca16a7beda959c53463992b65c24...
CVE-2025-63946
A privilege escalation PE vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition...
CVE-2025-63946
CVE-2025-63946 is a local privilege escalation in Tencent PC Manager (Windows), up to v17.10.28554.205. The root cause is a race condition in handling a temporary folder under C:\Windows\Temp (pcmgr_scan_tmp_) used by QQPCRTP.exe, enabling a non-privileged user to trigger SYSTEM-level file operat...
Malicious code in naniod (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 770f12de16c059d53c80a9f7e99035fcf1f454cefcedcf6ad4e7893e8a775726 The package naniod was found to contain malicious code. Source: ghsa-malware 5956bf743e4cd707100421a35c80a88d7dfd99a213b2c584c50b27bcf12e0952 Any...
Malicious code in crypto-locale (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e346cfc58b0d84fb5b56985729f7ec92a226ef106b0ab10f299e65a62028834d The package crypto-locale was found to contain malicious code. Source: ghsa-malware 00686734db6a3f5477c1047f779749296dddb0c7eab5294000e13ed7b194c74d...
MAL-2026-960 Malicious code in hardhta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc27417b62c3ad399e369577764608120ee2b3662367f1d51bf5fb8378560bcf The package hardhta was found to contain malicious code. Source: ghsa-malware e4174e96a92d9c0d7bbe499ed40d2e4cab9635c61471a1602fd117d8115e2d38 Any...
MAL-2026-971 Malicious code in suport-color (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa28b384b2a4def64b3573ce8177cb8db3790508b4ad7b2b92345ffa222193e8 The package suport-color was found to contain malicious code. Source: ghsa-malware ca2fb15b3d908dd99e112e290646122d415a0a43d135631603a0a007e172ef8f A...
Malicious code in iruchache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c89a5662924927fa4f51ea9338e9e71722d8554754b9c6a42d20651fbf209ed1 The package iruchache was found to contain malicious code. Source: ghsa-malware b44470c4008c04639889f53b9b4ab430335013659859007be3c55f551d2d68a9 Any...
MAL-2026-962 Malicious code in iruchache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c89a5662924927fa4f51ea9338e9e71722d8554754b9c6a42d20651fbf209ed1 The package iruchache was found to contain malicious code. Source: ghsa-malware b44470c4008c04639889f53b9b4ab430335013659859007be3c55f551d2d68a9 Any...
MAL-2026-953 Malicious code in cloude (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b744a4fe3734f90aaf8d25e66146a0673fa2e1a806c8d6a573d9a7013ca04b6 The package cloude was found to contain malicious code. Source: ghsa-malware b64dc9c2967ed5f2f54160b6bd780fb24ad29af8c22355f706b026ea25c3b3e1 Any...
MAL-2026-952 Malicious code in claud-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 858992810c1a4133d95b6fa19033c07591db548a46df39b67e0d393d7dd212ad The package claud-code was found to contain malicious code. Source: ghsa-malware 5fe9842d778d45ad5b5e4d81db678d608711dd4b186e053569dae6f210481651 Any...
UBUNTU-CVE-2025-71235
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Delay module unload while fabric scan in progress System crash seen during load/unload test in a loop. 105954.384919 RBP: ffff914589838dc0 R08: 0000000000000000 R09: 0000000000000086 105954.384920 R10:...
Stable Channel Update for Desktop
The Stable channel has been updated to 145.0.7632.109/110 for Windows/Mac and 145.0.7632.109 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...
OpenClaw macOS deep link confirmation truncation can conceal executed agent message
Summary OpenClaw macOS desktop client registers the openclaw:// URL scheme. For openclaw://agent deep links without an unattended key, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full message after the user clicked...
Malicious code in webpack-vite (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f7b28a9002453a46c97bba5ad0790e13ba1ba656971e78de46edf6efcd53154 The package webpack-vite was found to contain malicious code. Source: ghsa-malware cd525d679fa448615bd48fe06d94f5cd6d94cb97f6ae72ae6afbb179027cce9c A...
MAL-2026-895 Malicious code in json-mapping-src (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc958aaacb5ea616283510ccda98b0a4634c35d348eece1613366ac66ad41abb The package json-mapping-src was found to contain malicious code. Source: ghsa-malware 8e7f8a61a6a361880bea88321b1f130627266e5f1d54e8aa9d9f47d64c99db...
MAL-2026-872 Malicious code in stylelint-recommended (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3f0d274dda57eb9c09967bc0bfad1709fd8ddcbf3ec4c0e7e9828826e6d0d9a The package stylelint-recommended was found to contain malicious code. Source: ghsa-malware...
Malicious code in systemtest-network (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8fadd3f7e7470daeb4e977c85dbe226a9225b2c4eae6c269a4d85fc01e96681 The package systemtest-network was found to contain malicious code. Source: ghsa-malware...
MAL-2026-859 Malicious code in systemtest-network (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8fadd3f7e7470daeb4e977c85dbe226a9225b2c4eae6c269a4d85fc01e96681 The package systemtest-network was found to contain malicious code. Source: ghsa-malware...