18 matches found
PT-2026-49759
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.2 Description An environment variable injection exists where workspace .env files can influence the Python runtime selection during Gmail setup gcloud execution. Attackers with repository access can manipulate...
CVE-2026-44346
CVE-2026-44346 affects BentoML. A malicious bentofile.yaml with a newline-injected value in envs[*].name yields unquoted RUN directives in the BentoML-generated Dockerfile, causing those RUN commands to run on the host during docker build when running bentoml containerize. The issue stems from un...
GHSA-W2PM-X38X-JP44 Dockerfile command injection via envs[*].name in bentofile.yaml (sibling fix-bypass of CVE-2026-33744 and CVE-2026-35043)
BentoML envs.name Dockerfile command injection — sibling of CVE-2026-33744 / CVE-2026-35043 A malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentoml containerize on the imported...
Dockerfile command injection via envs[*].name in bentofile.yaml (sibling fix-bypass of CVE-2026-33744 and CVE-2026-35043)
BentoML envs.name Dockerfile command injection — sibling of CVE-2026-33744 / CVE-2026-35043 A malicious bentofile.yaml containing a newline-injected value in envs.name produces unquoted RUN directives in the BentoML-generated Dockerfile. When the victim runs bentoml containerize on the imported...
PT-2026-39664
Name of the Vulnerable Software and Affected Versions BentoML versions prior to 1.4.39 Description BentoML is a Python library used for building online serving systems optimized for AI applications and model inference. A flaw exists where a malicious bentofile.yaml file containing a...
MAL-2026-2466 Malicious code in strapi-plugin-hextest (npm)
strapi-plugin-hextest is a malicious npm package disguised as a Strapi CMS plugin. On install, it runs a postinstall script that executes an 11-phase attack: stealing .env files, environment variables, Strapi configuration, private keys, Redis data, Docker/Kubernetes secrets, and network topology...
PT-2026-20564
Command Injection in aquasecurity/trivy-action via Unsanitized Environment Variable Export A command injection vulnerability exists in aquasecurity/trivy-action due to improper handling of action inputs when exporting environment variables. The action writes export VAR= lines to trivy envs.txt...
PT-2026-20567
Name of the Vulnerable Software and Affected Versions aquasecurity/trivy-action versions 0.31.0 through 0.33.1 Description A command injection issue exists in aquasecurity/trivy-action due to insufficient handling of action inputs when exporting environment variables. The action creates export VA...
Malicious code in gulp-inject-envs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d230a528331dc71aa1fa5cb1d9fd8146d79d7e92f3aae2efd2ce7c177640b337 The package gulp-inject-envs was found to contain malicious code. Source: ghsa-malware 5dafa09839ea07c586670ac1a302805fb65ffaf32d1641dcab2be569a68231...
EUVD-2025-199149
Malicious code in gulp-inject-envs npm...
MAL-2025-191105 Malicious code in gulp-inject-envs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d230a528331dc71aa1fa5cb1d9fd8146d79d7e92f3aae2efd2ce7c177640b337 The package gulp-inject-envs was found to contain malicious code. Source: ghsa-malware 5dafa09839ea07c586670ac1a302805fb65ffaf32d1641dcab2be569a68231...
ff-build (>=2.4.0 <=2.6.1) potentially affected by unknown CVE via gulp-inject-envs (=1.2.0)
gulp-inject-envs NPM version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on gulp-inject-envs and may be impacted: - ff-build =2.4.0, =2.6.1 Source cves: unknown CVE Source advisory: SNYK:JS-GULPINJECTENVS-14103633...
Malicious code in envs-loader (npm)
The package envs-loader was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94802ccdee601e77ff6361593b03ef5b414dec7eaeccd58d8ed6b2305886b27d Any computer that has this package installed or running should be considered fully...
MAL-2025-47553 Malicious code in envs-loader (npm)
The package envs-loader was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94802ccdee601e77ff6361593b03ef5b414dec7eaeccd58d8ed6b2305886b27d Any computer that has this package installed or running should be considered fully...
Malicious Package
Overview envs-loader is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
MAL-2025-5193 Malicious code in envs-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14d66a16720127b714fd0b4972d056bd66309e46b1cbf745656b742fe3bc33f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in envs-validator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14d66a16720127b714fd0b4972d056bd66309e46b1cbf745656b742fe3bc33f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Solaris Runtime Linker (ld.so.1) Buffer Overflow Exploit (SPARC version
No description provided by source. / ld.so.1 exploit SPARC coded by: osker178 bjr213 psu.edu Alright, so this exploits a fairly standard buffer overflow in the default Solaris runtime linker ld.so.1 discovery by Jouko Pynnonen Only real deviation here from the standard overflow and return into li...