2 matches found
Malicious code in rural_viper_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd9e1cc0ac354bbce939964618b4ce39289b73da160710d5a980e6c543e6d543 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-11195
Rapid7 AppSpider Pro versions below 7.5.021 are affected by a project name validation bypass. The issue arises from insufficient verification of project name uniqueness when editing the configuration file outside the application, allowing an attacker to set a project name to one that already exis...