112 matches found

GitLab Advisory Database
added 2026/06/16 12:00 a.m. | 4 views

Crawl4AI: AST Sandbox Escape via gi_frame.f_back Chain - Pre-Auth RCE in Docker API

The safe_eval_expression function in the computed fields feature uses an AST validator that only blocks attributes starting with an underscore. Python generator and frame object attributes gi_frame, f_back and f_builtins do NOT start with an underscore, enabling a complete sandbox escape to achieve arbitrary...

CVSS 10 | AI score 5.6 | EPSS 0.0045
Exploits 1 | References 5 | Affected Software 1
OSSF Malicious Packages
added 2026/05/19 12:00 a.m. | 11 views

Malicious code in @antv/gi-cli (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits 0 | References 4
OSSF Malicious Packages
added 2026/05/19 12:00 a.m. | 9 views

Malicious code in @antv/gi-assets-advance (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits 0 | References 5
OSSF Malicious Packages
added 2026/05/19 12:00 a.m. | 9 views

Malicious code in @antv/gi-assets-basic (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits 0 | References 4
OSV
added 2026/05/19 12:00 a.m. | 8 views

MAL-2026-4011 Malicious code in @antv/gi-cli (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits 0 | References 4
OSV
added 2026/05/19 12:00 a.m. | 10 views

MAL-2026-4015 Malicious code in @antv/gi-sdk (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits 0 | References 4
OSV
added 2026/05/19 12:00 a.m. | 4 views

MAL-2026-4016 Malicious code in @antv/gi-sdk-app (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

AI score 5.8
Exploits 0 | References 4
vulnersOsv
added 2026/05/18 9:00 p.m. | 4 views

@antv/gi-assets-xlab (>=0.1.0 <=0.1.30) potentially affected by unknown CVE via @antv/gi-assets-neo4j (=2.1.15)

@antv/gi-assets-neo4j NPM version =2.1.15 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/gi-assets-neo4j and may be impacted: @antv/gi-assets-xlab >=0.1.0, <=0.1.30. Source cves: unknown CVE. Source advisory: SNYK:JS-ANTVGIASSETSNEO4J-16754492...

AI score 5.5
Exploits 0
vulnersOsv
added 2026/05/18 9:00 p.m. | 5 views

@antv/gi-assets-xlab (>=0.1.0 <=0.1.30) potentially affected by unknown CVE via @antv/gi-assets-basic (=2.4.40)

@antv/gi-assets-basic NPM version =2.4.40 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/gi-assets-basic and may be impacted: @antv/gi-assets-xlab >=0.1.0, <=0.1.30. Source cves: unknown CVE. Source advisory: SNYK:JS-ANTVGIASSETSBASIC-16754358...

AI score 5.5
Exploits 0
vulnersOsv
added 2026/05/18 9:00 p.m. | 5 views

@antv/gi-assets-advance (>=1.0.0 <=2.5.22), @antv/gi-assets-algorithm (>=2.0.1 <=2.3.19) +12 more potentially affected by unknown CVE via @antv/gi-common-components (>=1.1.1 <=1.3.9)

@antv/gi-common-components NPM version =1.1.1, =1.0.0, =2.0.1, =1.0.0, =1.1.1, =2.0.5, =1.0.1, =1.0.1, =2.0.1, =2.0.1, =2.0.2, =0.1.0, =0.1.0, =2.0.1, =0.6.30, =0.6.43. Source cves: unknown CVE. Source advisory: SNYK:JS-ANTVGICOMMONCOMPONENTS-16754420...

AI score 5.5
Exploits 0
vulnersOsv
added 2026/05/18 9:00 p.m. | 4 views

@antv/gi-assets-xlab (>=0.1.0 <=0.1.30) potentially affected by unknown CVE via @antv/gi-theme-antd (=0.6.11)

@antv/gi-theme-antd NPM version =0.6.11 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/gi-theme-antd and may be impacted: @antv/gi-assets-xlab >=0.1.0, <=0.1.30. Source cves: unknown CVE. Source advisory: SNYK:JS-ANTVGITHEMEANTD-16755091...

AI score 5.5
Exploits 0
vulnersOsv
added 2026/05/18 9:00 p.m. | 5 views

@antv/gi-assets-advance (>=1.0.0 <=2.2.1), @antv/gi-assets-algorithm (>=1.0.0 <=2.0.0) +11 more potentially affected by unknown CVE via @antv/gi-sdk (>=3.0.0-alpha.0 <=3.0.0)

@antv/gi-sdk NPM version =3.0.0-alpha.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0-beta.0, =1.0.1, =1.0.0, =1.0.0, =0.2.0, =0.6.25. Source cves: unknown CVE. Source advisory: SNYK:JS-ANTVGISDK-16754397...

AI score 5.5
Exploits 0
OPENSUSE Linux
added 2026/04/21 12:00 a.m. | 4 views

Security update for python-gi-docgen (moderate)

openSUSE security update: security update for python-gi-docgen. Announcement ID: openSUSE-SU-2026:20497-1. Rating: moderate. References: bsc1251961. Cross-References: CVE-2025-11687. CVSS scores: CVE-2025-11687 SUSE: 5.8...

CVSS 5.8 | AI score 5.7 | EPSS 0.00337
Exploits 0 | References 1
OSV
added 2026/04/09 2:47 p.m. | 3 views

OPENSUSE-SU-2026:20497-1 Security update for python-gi-docgen

This update for python-gi-docgen fixes the following issues: CVE-2025-11687: Fixed reflected DOM XSS (bsc1251961)...

CVSS 6.1 | AI score 5.8 | EPSS 0.00337
Exploits 0 | References 2
OSV
added 2026/04/09 2:40 p.m. | 7 views

SUSE-SU-2026:21159-1 Security update for python-gi-docgen

This update for python-gi-docgen fixes the following issues: CVE-2025-11687: Fixed reflected DOM XSS (bsc1251961)...

CVSS 6.1 | AI score 5.7 | EPSS 0.00337
Exploits 0 | References 3
Snyk
added 2026/01/26 9:30 p.m. | 3 views

Cross-site Scripting (XSS)

Overview: gi-docgen is a documentation tool for GObject-based libraries. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the q GET parameter. An attacker can execute arbitrary JavaScript in the context of the page by crafting a malicious URL that injects code into t...

CVSS 6.1 | AI score 6 | EPSS 0.00337
Exploits 0 | References 2
Github Security Blog
added 2026/01/26 9:30 p.m. | 10 views

GI-DocGen vulnerable to Reflected XSS via unescaped query strings

A flaw was found in GI-DocGen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS)...

CVSS 6.1 | AI score 6 | EPSS 0.00337
Exploits 0 | References 6 | Affected Software 1
OSV
added 2026/01/26 9:30 p.m. | 5 views

GHSA-6P6H-RQR6-62MV GI-DocGen vulnerable to Reflected XSS via unescaped query strings

A flaw was found in GI-DocGen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS)...

CVSS 6.1 | AI score 6 | EPSS 0.00337
Exploits 0 | References 6
NVD
added 2026/01/26 8:16 p.m. | 4 views

CVE-2025-11687

A flaw was found in gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS)...

CVSS 6.1 | EPSS 0.00337
Exploits 0 | References 3
OSV
added 2026/01/26 8:16 p.m. | 5 views

UBUNTU-CVE-2025-11687

A flaw was found in gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS)...

CVSS 6.1 | AI score 6 | EPSS 0.00337
Exploits 0 | References 4