EUVD-2026-38245

IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute arbitrary code on the host system, resulting in complete compromise...

EUVD-2026-37042

Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command injection vulnerability in the Managed Ethernet Switch, resulting in full system compromise...

Malicious code in sea-bound-siren (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5f2d5cc691968b1bb69f12ea7476c618f6432b42976869906df06312b912c0 On npm install, postinstall.js executes a shell pipeline that collects the output of id, os.hostname, the full process environment env | sort, the...

Malicious code in @iobeya/spa-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9a974281dcc6456d815e6cb8b755c3084c7ba2d4026264474e459681a9a25cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @hatcha-captcha/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9a9310a4e2c8c3906b130725a5d8366ccad0df5529428fa9056c62f69f4c3b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5663 Malicious code in @tenforce/toolbox-fontmap (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc43bc0434418226ca77115c791ff0ea0031a0d314e73acfe0a62686528ceaad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5655 Malicious code in @hatcha-captcha/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9a9310a4e2c8c3906b130725a5d8366ccad0df5529428fa9056c62f69f4c3b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5671 Malicious code in sitecore-mm-component-style (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1e025725001efb60959449e734f39db775cc54e77abb0c97364f7929cf54a8c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in emittery_styled (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1f21dd8eb533d5ecf0c5123429a9cc453f24eb9426a6cfadcac5c2d299fa5a23 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5546 Malicious code in @common-stack/generate-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b54a3dc296ec3f6dbded973e24aa9794b498cc1e8305fc3d1f88a4fdff7335df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5307 Malicious code in classwind-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4fa5abd0e91f5e73a3a17597ecdddbef2409d61a680fd92ea62ce3a908ffb836 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5131 Malicious code in @redhat-cloud-services/sources-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

MAL-2026-5078 Malicious code in raven-i18n-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16965d1a02185ab8a7880951f6889127e66f0c1b3ffc718023ce2ac3593bffc7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5052 Malicious code in @timelycare/api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d515fabb5cd16f351ff33b669a0667cb546d3f75fd308680d21d0edbc411c60a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-4341 Malicious code in wm-plugin-set-walkme-language (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3a79fac1678c77b806378e3a6a61fbe14204f4ff38758d151a231e0d990ea94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in levex-press (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f33c109f544ebe960d2fe2880abba71a8abbbcfc1b8042ca5c5d5d9e6ac6b557 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2026-44076

A flaw was found in Netatalk. A local user with high privileges could exploit this vulnerability by injecting shell commands through a crafted volume path. This shell injection could lead to arbitrary code execution, allowing the attacker to gain full control over the affected system...

Malicious code in etherjs-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 335b4f699510e2bb1171a9137655f6977d5554f508e612eab97b4239c1249be1 package.json declares a postinstall script that performs an HTTPS GET to an ephemeral pinggy-free.link tunnel URL...

MAL-2026-3828 Malicious code in validate-api-key (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73c2249a9b57bfab0277840b52fc1774c096dd7c3022b9bd0d0ae5cfeda0b14c The package validate-api-key was found to contain malicious code. Source: ghsa-malware db221657101473a5da0e59194e2ba30d99b576faae8b3e7ff21c5d68b83ff1...

Malicious code in dowload_ebok_also_an_octopus_by_maggie_tokuda_hall_ah2ip (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8458191c9d9b588edbefd52034669969e6511810e2ebe6e187a48e4405673f1 The package dowloadebokalsoanoctopusbymaggietokudahallah2ip was found to contain malicious code. Source: ghsa-malware...