55 matches found
Mattermost 跨站脚本漏洞
Mattermost is an open-source collaboration platform developed by the American company Mattermost. Versions of Mattermost such as 11.5.1 and earlier 11.5.x series as well as 10.11.13 and earlier 10.11.x series have a cross-site scripting vulnerability. This vulnerability arises from variables that...
CVE-2026-25656
A vulnerability has been identified in SINEC NMS All versions V4.0 SP3, User Management Component UMC All versions V2.15.2.1. The affected application permits improper modification of a configuration file by a low-privileged user. This could allow an attacker to load malicious DLLs, potentially...
MAL-2025-189180 Malicious code in report-epsilon-socket-beta-sudo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86a374b6f621a7480a7de9e738180564cc75591db6337a7b845ed16decbc25ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polymer-ids-drgaf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1902611482a62127cb7d36f84f2a68e042e376a7287cd6f3a84f53cda1c99c82 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-176915 Malicious code in nurai-sutaf-dafida (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b27f95a19f496852b0363c98f7bb7e79e3458feba9832f7a56895adbc7c0e353 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-170724 Malicious code in aibadali (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8157170770250bd8439e83f5856f60235c54b6f14fd20d4ca6a07a8b7caf04d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-171706 Malicious code in othmanchocolat (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb2232f757a42d85d094915a082ad94e3fef4de3497f89641a37acb5124341cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in maya-teadf-daffmulle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c82e42d3b2e3821b4af0e57f704a3eb9fa5be79e799f9c84ee8b663387ab6fd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-166436 Malicious code in sunderlan-udk-vakumnaakuli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 015ad0fc4724d26ac83e32e99ad863986fb178e461a0032d6c2f6d2182d7ceb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-150041 Malicious code in @mipta1/guyk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9c3ee0d418f7af2f867e220591ee77d064cc06d6e1f08a10289d4f690d209f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164665 Malicious code in rino-poke21 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07efbad554bbee7cb8966118c993a5b20a073613f42488b60631a32f2d7c79e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-157625 Malicious code in keyla-poke56 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a891a6e90b7ff8443a72ad9279275c1158804594ae0add8f0115b88d28459fca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154669 Malicious code in dioago-kamkoi-alioulima (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b61c4f326b1ce34a54bad30e8db004243ed3bc25f040d914cb9d57fb429db9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-168446 Malicious code in tealove-nanami18 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45d1347ddd7e910aad31f63d3ac595afe39f0425e962e85cd06514278cf13e7a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in icha-32 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d58f6d02e5dc7eb2e6e6c2caffea488c27fc26bf0bf95ad30b19753ba18e5c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mansida-nomduai-mungu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fad9f17590d91d60a6bce1c03541d1611b87f0c25a99ffbdb35f2786f6a7d2dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141651 Malicious code in dione-subscription-winston-helios (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee660994a62fdbc5057c92951e6a2739b653f0b4ae38c2fef9fdced410d1b7b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144558 Malicious code in loopback-mutation-sagitta-titan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 462802e07ab661b8ece47a77f17dbb548914d1cfa70cd1bfcbabaa8d355d0c75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140790 Malicious code in cli-cluster-duplex-eslint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cf68f6b5a3c1515ddb9baf8daf27c3cab617523afea0af8495b163e358be257 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141829 Malicious code in dynamo-magellan-standard-dorado (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd0e6537f0509af7748578bf409c68509f2a78dd654ab1e5524a808f98d675ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...