1214 matches found
CVE-2026-22221
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity...
MAL-2026-642 Malicious code in @hemanshu_patil/xcode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92580bc2a85c310fea71fe37f7acd35ce4f2662de3983ddd9357a4391208c790 The package @hemanshupatil/xcode was found to contain malicious code. Source: ghsa-malware...
MAL-2026-565 Malicious code in converse-rn-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5d76925473e0e05137943f3ba72835d43a14fecbcd07a36ff4f8b362342a303 The package converse-rn-lib was found to contain malicious code. Source: ghsa-malware 2d5c359e434d151a2156ad29e2d3b287cd665dd67ede66ac8c32a968f2ebaef...
MAL-2026-529 Malicious code in fileupload-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cfeee070d9e37cd2dda0d7557f93098e1589be17d77ff38abf265f564574ca3 The package fileupload-core was found to contain malicious code. Source: ghsa-malware aa58dfc19074922a9db4713e1aa1c17edc8de5a937d01a5c08271d4940bcc38...
MAL-2026-516 Malicious code in overstock-login-layer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 359cd99825c90001defddafc25d74d784b4e71a75a8adf92e90f2371dbf8a124 The package overstock-login-layer was found to contain malicious code. Source: ghsa-malware...
MAL-2026-487 Malicious code in ntwsc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 101f5ffdce019ee61ce0775bc9de5dba96de50e5e03e8fd70ac1b30b28cf13e0 The package ntwsc was found to contain malicious code. Source: ghsa-malware ef0dd5d822ddc7c0a00339f31b43d1a99cf79532857cdd157bf1eeb4b2a31ea2 Any...
Malicious code in aligntype (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00d265590e58665b4942474738b7d5beca8f636eb79e8761f736088d603f9277 The package aligntype was found to contain malicious code. Source: ghsa-malware b0d41c223d47ebc018df2b4ee07cde5c197d028c7b973a32f34bcb4e19e9a7fd Any...
Malicious code in hw-app-eth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b26da97535a707e0e93acd8bc34d6e7ad13756f38c37d34b362a36d4dbdef24a The package hw-app-eth was found to contain malicious code. Source: ghsa-malware 2f92f05cefb6ff5250762470390af00c1d4ccaf51b04cf8f1c15ab1721573a3f Any...
Malicious code in chai-dex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f3981723ad48f842f54ac0b50b2d0002851c9aa3843894eb2b3032c5e9e49ce The package chai-dex was found to contain malicious code. Source: ghsa-malware 553083422e15551842621151db7ca73578cf9dcc235c0bec2fab4493009bea34 Any...
Malicious code in manage-root (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ade61c26597c5b0a24785713d87a304ddf30ae13dd50c69ba89e653ec4c2729 The package manage-root was found to contain malicious code. Source: ghsa-malware 6b0fc8397f56e86ac97a5adedd2c89de19045dffbdabbf982ffcf5944449b178 An...
Malicious code in natateste (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 223884e033273ef49ab45ba4ac8c051419acbd5c7613c862e86fea2a817d5226 The package natateste was found to contain malicious code. Source: ghsa-malware b2bc57aed3208a3a97a2ed539e0782979641ab8312a75dcdb5056540c564d870 Any...
Malicious code in webmd-debug (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5693e1af021faa1bcf410e9bdf757b9deebbae4505daa969275ef365e719227 The package webmd-debug was found to contain malicious code. Source: ghsa-malware b74e0fa5da459a8e2a346f0ad74dcf61ebdf972a7840b7f61292e46ea5aa58db An...
MAL-2026-243 Malicious code in francium-web-visitors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72629df67c0b81a1d120987aca534bd8096a0cbb2a9898a327a2dc2d1b8a0a49 The package francium-web-visitors was found to contain malicious code. Source: ghsa-malware...
MAL-2026-233 Malicious code in simple-string-utils3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13d9f9db863d718f528caa234dfa722b2631eb76195f504f47670898aeb0634a The package simple-string-utils3 was found to contain malicious code. Source: ghsa-malware...
Malicious code in @workleap-widgets/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef0a9fe50f30201e6a1a6a853aa62e6b2b64237598b60ac59e8c74974d8e33ca The package @workleap-widgets/client was found to contain malicious code. Source: ghsa-malware...
CVE-2025-68719
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 mishandle configuration management. Once any user is logged in and maintains an active session, an attacker can directly query the backup endpoint and download a full configuration archive. This archive contains sensitive files such as /etc/shadow,...
Malicious code in chai-tests-async (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b1116b21de9a6d4e20096c4af06f91c10ce3eaadd3d722923988084ddd4899a The package chai-tests-async was found to contain malicious code. Source: ghsa-malware dcf794e17cf7abc4b2cb2473da8d9425c720cdcf72e279adab300048154cd6...
CVE-2025-68719
CVE-2025-68719 affects KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1. The issue is a configuration management flaw that allows an authenticated user with an active session to access the backup endpoint and download a full configuration archive, including sensitive files such as /etc/shadow. Th...
MAL-2026-139 Malicious code in rt-global-nav (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02bd8de33c5be198041c736003639439fad9b5df269d489cc4ab29b59191cab7 The package rt-global-nav was found to contain malicious code. Source: ghsa-malware e72ac5f9f497c4ba74c3c745f0cbfce94d7acf109ca98ff38f916fd8afa59e0f...
MAL-2026-123 Malicious code in wifzap (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3be4876590c997a82e63ea5e8f107a5045d475a221e64ce755c478c2e10270d9 The package wifzap was found to contain malicious code. Source: ghsa-malware 1e5ec30d2613d271e1254cf809673eeac52f74766ce48c5e8c59f291e2c37b9f Any...