Malicious Package

Overview epic-asset-uploader is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in epic-admin-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53764f149897a5c5d4373d2f217da3994123f2664db8150cfcf37b474ee632db The package epic-admin-ui was found to contain malicious code. Source: ghsa-malware 34cc1c893e75c3b3e5849e74fed6d7f75ce784c9e933d878d93e773fae313305...

MAL-2026-679 Malicious code in epic-admin-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53764f149897a5c5d4373d2f217da3994123f2664db8150cfcf37b474ee632db The package epic-admin-ui was found to contain malicious code. Source: ghsa-malware 34cc1c893e75c3b3e5849e74fed6d7f75ce784c9e933d878d93e773fae313305...

MAL-2026-594 Malicious code in epic-asset-uploader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc2cb990940a69aa54175e17a56f993e9c380e4eb2bbe8fc9f6e86c09b252464 The package epic-asset-uploader was found to contain malicious code. Source: ghsa-malware...

Malicious code in epic-asset-uploader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc2cb990940a69aa54175e17a56f993e9c380e4eb2bbe8fc9f6e86c09b252464 The package epic-asset-uploader was found to contain malicious code. Source: ghsa-malware...

Foxit, Epic Games Store, MedDreams vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

CVE-2025-61973

CVE-2025-61973 is a local privilege escalation in the Epic Games Store installation via Microsoft Store. Cisco Talos details a DLL hijacking path: a writable %TEMP% directory allows replacing dxupdate.dll, which DXSETUP.exe later loads with SYSTEM privileges, yielding elevation. Affected versions...

CVE-2025-61973

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

EUVD-2026-2749

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability

Talos Vulnerability Report TALOS-2025-2279 Epic Games Store Installation DLL Hijacking Privilege Escalation Vulnerability January 15, 2026 CVE Number CVE-2025-61973 SUMMARY A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A...

PT-2026-3020

A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges...

Epic Games Store security vulnerabilities

Epic Games Store is an online gaming platform operated by Epic Games, a company based in the United States. There is a security vulnerability in Epic Games Store, which stems from the ability for low-privilege users to replace DLL files during the installation process, potentially leading to an...

CVE-2020-7196

The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdcadminpassword in the source file of the u...

CVE-2020-10090

GitLab 11.7 through 12.8.1 allows Information Disclosure. Under certain group conditions, group epic information was unintentionally being disclosed...

@buttery/tokens (>=0.1.2 <=0.1.10), @common-stack/frontend-stack-react (>=6.0.6-alpha.23 <=9.0.2-alpha.7) +26 more potentially affected by CVE-2026-22030 via @remix-run/server-runtime (>=2.0.0-pre.0 <=2.17.2)

@remix-run/server-runtime NPM version =2.0.0-pre.0, =0.1.2, =6.0.6-alpha.23, =6.0.6-alpha.28, =0.1.0, =5.6.0, =5.13.0, =5.6.0, =5.6.0, =0.1.36, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.17.2 and more Source cves: CVE-2026-22030 Source advisory: SNYK:JS-REMIXRUNSERVERRUNTIME-14908428...

@buttery/tokens (>=0.1.2 <=0.1.10), @common-stack/frontend-stack-react (>=6.0.6-alpha.23 <=9.0.2-alpha.7) +18 more potentially affected by CVE-2025-61686 via @remix-run/node (>=2.0.0-pre.0 <=2.17.1)

@remix-run/node NPM version =2.0.0-pre.0, =0.1.2, =6.0.6-alpha.23, =6.0.6-alpha.28, =0.1.0, =5.6.0, =5.13.0, =5.6.0, =5.6.0, =0.1.36, =2.0.0, =2.10.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2025-61686 Source advisory: SNYK:JS-REMIXRUNNODE-14908858...