110 matches found
Malicious code in mddriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a5b264d05ffaf76e8be2d7a46cb2277211a045fa15e8c510ab60cdd5c5bae56 On require'mddriver', an IIFE in index.js invokes loadTokenData, which fetches https://www.jsonkeeper.com/b/C4H0M stored base64-encoded as...
MAL-2026-5791 Malicious code in mddriver (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a5b264d05ffaf76e8be2d7a46cb2277211a045fa15e8c510ab60cdd5c5bae56 On require'mddriver', an IIFE in index.js invokes loadTokenData, which fetches https://www.jsonkeeper.com/b/C4H0M stored base64-encoded as...
MAL-2026-5607 Malicious code in chai-net-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5f4bb3d7abae3be57c7521b84016b6484d4c21bd2898fcde043d376513cf1e chai-net-test ships a remote-code-execution dropper behind its public chain API. When a consumer calls chain... the documented entry point,...
MAL-2026-5605 Malicious code in chai-as-victimed (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b60cf728d4e2f5932f37d3e420649f6facc08959a8380a4724ec9e885b88754 Package name impersonates chai-as-promised but ships a remote-code dropper. lib/caller.js base64-decodes a hardcoded URL pointing to...
lodash: lodash: Arbitrary code execution via untrusted input in template imports
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...
PT-2026-44157
Name of the Vulnerable Software and Affected Versions liquidjs versions prior to 10.26.0 Description An issue allows unauthenticated attackers to achieve remote code execution and server compromise through crafted templates. The flaw is triggered by abusing filter evaluation, prototype...
MAL-2026-4511 Malicious code in chai-as-patch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0f6b316992ec48b2d29d234f9debebcf239653a2371d54ab9f6e487c4fdba7b This package is a typosquat of chai-as-promised that delivers remote code execution to any installer that requires it and invokes the exported...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 React2Shell Analysis Report Sections require...
lodash: lodash: Arbitrary code execution via untrusted input in template imports
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...
CVE-2026-39911
Hashgraph Guardian through version 3.5.1, fixed in commit 45fbe2f, contains an unsandboxed JavaScript execution vulnerability in the Custom Logic policy block worker that allows authenticated Standard Registry users to execute arbitrary code by passing user-supplied JavaScript expressions directl...
lodash: lodash: Arbitrary code execution via untrusted input in template imports
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...
SUSE CVE-2026-4800
Impact: The fix for CVE-2021-23337 https://github.com/advisories/GHSA-35jh-r3h4-6jhm added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. When an application passes...
lodash: lodash: Arbitrary code execution via untrusted input in template imports
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. Additionally, .template uses assignInWith to merge imports, whi...
EUVD-2026-20993
Hashgraph Guardian through version 3.5.0 contains an unsandboxed JavaScript execution vulnerability in the Custom Logic policy block worker that allows authenticated Standard Registry users to execute arbitrary code by passing user-supplied JavaScript expressions directly to the Node.js Function...
CVE-2026-39911
Hashgraph Guardian through version 3.5.1, fixed in commit 45fbe2f, contains an unsandboxed JavaScript execution vulnerability in the Custom Logic policy block worker that allows authenticated Standard Registry users to execute arbitrary code by passing user-supplied JavaScript expressions directl...
EUVD-2026-17610
lodash vulnerable to Code Injection via .template imports key names...
CVE-2026-4800
Impact: The fix for CVE-2021-23337 https://github.com/advisories/GHSA-35jh-r3h4-6jhm added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. When an application passes...
CVE-2026-4800
Impact: The fix for CVE-2021-23337 https://github.com/advisories/GHSA-35jh-r3h4-6jhm added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. When an application passes...
UBUNTU-CVE-2026-4800
Impact: The fix for CVE-2021-23337 https://github.com/advisories/GHSA-35jh-r3h4-6jhm added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. When an application passes...
CVE-2026-4800 lodash vulnerable to Code Injection via `_.template` imports key names
Impact: The fix for CVE-2021-23337 https://github.com/advisories/GHSA-35jh-r3h4-6jhm added validation for the variable option in .template but did not apply the same validation to options.imports key names. Both paths flow into the same Function constructor sink. When an application passes...