EUVD-2025-27489

Malicious code in bioql PyPI...

EUVD-2025-22503

Malicious code in bioql PyPI...

EUVD-2024-35453

Malicious code in bioql PyPI...

EUVD-2024-35454

Malicious code in bioql PyPI...

EUVD-2022-3456

Malicious code in bioql PyPI...

EUVD-2025-32283

Malicious code in bioql PyPI...

CVE-2025-9333

The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2025-9333 Smart Docs <= 1.1.1 - Authenticated (Admin+) Stored Cross-Site Scripting

The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

WordPress plugin Smart Docs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-40495

The Smart Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

Malicious Package

Overview plonkscript-docs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

@arcblock/gatsby-theme-docs (>=5.7.0 <=7.34.5), @changeinc/components (>=1.0.4 <=1.0.20) +87 more potentially affected by CVE-2025-3193 via algoliasearch-helper (>=2.13.0 <=2.2.0)

algoliasearch-helper NPM version =2.13.0, =5.7.0, =1.0.4, =1.0.4, =1.0.0, =2.2.1-custom, =0.0.7, =0.1.2, =0.1.4, =0.2.3, =0.2.1, =0.0.1, =2.0.0, =0.0.0, =1.9.0, =1.0.0, =1.4.2 and more Source cves: CVE-2025-3193 Source advisory: OSV:GHSA-529Q-4J3P-7C5R...

Malicious code in model-viewer-docs (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-47689 Malicious code in model-viewer-docs (npm)

--- -= Per source details. Do not edit below this line.=-...

Moderate: Red Hat Security Advisory: Red Hat Developer Hub 1.6.5 release.

Red Hat Developer Hub 1.6.5 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

GHSA-XH92-RQRQ-227V Mastra Docs MCP Server `@mastra/mcp-docs-server` Leads to Information Exposure

The Mastra Docs MCP Server package @mastra/mcp-docs-server is a server designed to provide documentation context to AI agentic workflows, such as those used in AI-powered IDEs. Resources: Package URL: https://www.npmjs.com/package/@mastra/mcp-docs-server ----- Overview The @mastra/mcp-docs-server...

Security update for git

This update for git fixes the following issues: Update to 2.51.0 UI, Workflows & Features Userdiff patterns for the R language have been added. Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. "git cat-file --batch" learns to understand...

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.7.1 release.

Red Hat Developer Hub 1.7.1 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

@bnsights-test/test-admin-portal (>=0.0.57 <=0.0.60), @bnsights/bbsf-admin-portal (>=1.0.0 <=1.2.19) +5 more potentially affected by unknown CVE via ng2-file-upload (=8.0.0)

ng2-file-upload NPM version =8.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on ng2-file-upload and may be impacted: - @bnsights-test/test-admin-portal =0.0.57, =1.0.0, =1.0.194-beta.19-1, =49.0.0, =12.0.0, =1.4.0-A19, =14.1.0, =14.3.0 Source cves:...

@ottimis/angular-utils (>=1.3.36 <=5.6.1), @solidpepper/solidpepper-modal-media-selection (>=1.0.2 <=1.0.5) +3 more potentially affected by unknown CVE via ng2-file-upload (=9.0.0)

ng2-file-upload NPM version =9.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on ng2-file-upload and may be impacted: - @ottimis/angular-utils =1.3.36, =1.0.2, =1.4.1-A20, =0.1.4, =0.1.31 Source cves: unknown CVE Source advisory:...