PT-2026-38274

Name of the Vulnerable Software and Affected Versions Flight versions prior to 3.18.1 Description The default error handler Engine:: error writes the full exception message, exception code, and stack trace, including absolute filesystem paths, directly into the HTTP 500 response without debug...

Malicious Package

Overview flight-debug is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in flight-debug (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f68e2b41ce41ec300d19a5bfea6143aa90273b03ad4b7016083389bfd14919fe Any computer that has this package installed or running should be considered...

MAL-2025-48364 Malicious code in flight-debug (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f68e2b41ce41ec300d19a5bfea6143aa90273b03ad4b7016083389bfd14919fe Any computer that has this package installed or running should be considered...