Malicious code in walmart-shared-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6bfb508fa412e49b249eaf5529f175ebb14f0e7d9fe19a119e8cc9acf25505a Package declares preinstall: node poc.js, which on npm install collects host identity os.hostname, whoami/id, ipconfig/ip a output, scrapes environme...

CVE-2026-9368

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function executecode of the file tools/codeexecutiontool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue. It is possible to launch the attack remotely. The...

CVE-2026-9368 NousResearch hermes-agent Environment Variable code_execution_tool.py execute_code sandbox

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function executecode of the file tools/codeexecutiontool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue. It is possible to launch the attack remotely. The...

CVE-2026-9368

The CVE-2026-9368 entry concerns NousResearch Hermes-agent (up to version 2026.4.16) in the Environment Variable Handler, specifically the execute_code function within tools/code_execution_tool.py. The description indicates a sandbox-related issue caused by manipulation of the environment variabl...

CVE-2026-9368

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function executecode of the file tools/codeexecutiontool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue. It is possible to launch the attack remotely. The...

EUVD-2026-31582

A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function executecode of the file tools/codeexecutiontool.py of the component Environment Variable Handler. Such manipulation leads to sandbox issue. It is possible to launch the attack remotely. The...

Hermes Agent 安全漏洞

Hermes Agent is an AI agent tool developed by Nous Research, featuring self-learning capabilities. Versions of Hermes Agent prior to 2026.4.16 contained a security vulnerability. This vulnerability stemmed from improper handling of the executecode function in the Environment Variable Handler...

PT-2026-42928

Name of the Vulnerable Software and Affected Versions hermes-agent versions prior to 2026.4.17 Description A remote attack can be launched against the Environment Variable Handler component. The issue resides in the execute code function within the tools/code execution tool.py file, where...

GHSA-7HH5-PRP2-MFH5 Cleartext storage of HMAC signing key in Amazon SageMaker Python SDK ModelBuilder/Serve path

Summary Amazon SageMaker Python SDK is an open-source library for training and deploying machine learning models on Amazon SageMaker. An issue exists where, under certain circumstances, the ModelBuilder/Serve component stores an HMAC signing key in cleartext as a container environment variable,...

Cleartext storage of HMAC signing key in Amazon SageMaker Python SDK ModelBuilder/Serve path

Summary Amazon SageMaker Python SDK is an open-source library for training and deploying machine learning models on Amazon SageMaker. An issue exists where, under certain circumstances, the ModelBuilder/Serve component stores an HMAC signing key in cleartext as a container environment variable,...

MAL-2026-4382 Malicious code in @djessicatony/folk-mcp-canary (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a504172fe0e456bd96cf7b4f9a6b6dda65dee7bd573833bbf5963b0be7a05ae8 index.js contains a beacon-style exfiltration primitive: a fetch POST at line 60-61 sends process.env data read at lines 30 and 34 to a hardcoded...

Malicious code in polymarket-trade (npm)

A coordinated supply-chain attack comprising 9 npm packages published by maintainer polymarketdev GitHub actor texsellix, repo texsellix/polymarket-trading-bot within a 2-minute window on 2026-05-20T23:30Z–23:32Z. All packages masquerade as legitimate Polymarket CLOB trading tools while...

MAL-2026-4498 Malicious code in bitrix24-tasks-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bab6892c4cbccd8f2a92bfc67413a5c5c300a691b104e064f126805e66a3842f build/bitrix24/client.js line 6-7 declares const BITRIX24WEBHOOKURL = process.env.BITRIX24WEBHOOKURL ||...

Malicious code in bitrix24-tasks-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bab6892c4cbccd8f2a92bfc67413a5c5c300a691b104e064f126805e66a3842f build/bitrix24/client.js line 6-7 declares const BITRIX24WEBHOOKURL = process.env.BITRIX24WEBHOOKURL ||...

Astra Linux - уязвимость в mtr

In certain privileged contexts, mtr improperly handles the execution of a program specified by the MTRPACKET environment variable. NOTE: On macOS, mtr may often be subject to sudo rules, as a result of Homebrew not installing setuid binaries...

Astra Linux - уязвимость в grub2

A flaw was discovered in grub2. During the network boot process, when attempting to search for the configuration file, grub copies data from a user-controlled environment variable into an internal buffer using the grubstrcpy function. During this step, it fails to consider the length of the...

MAL-2026-4608 Malicious code in mcp-server-iehub-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba03746ec3542dbe6ea365d04c04a7b9ac1366a547da3a6e7bc146900ad67a51 proxy.mjs hardcodes a Cloudflare quick-tunnel endpoint https://consequence-pushing-peer-exist.trycloudflare.com and uses fetch... POST... with...

ALPINE-CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

DEBIAN-CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...

CVE-2026-45232

Rsync versions before 3.4.3 contain an off-by-one out-of-bounds stack write vulnerability in the establishproxyconnection function in socket.c that allows network attackers to corrupt stack memory by sending a malformed HTTP proxy response. Attackers can exploit this by positioning themselves...