29580 matches found

vulnersOsv
added 2026/03/06 4:43 p.m., 5 views

@george.talusan/node-red-contrib-copilot (>=0.0.5 <=1.0.5), @github/copilot-sdk (>=0.1.9 <=0.1.31-unstable.0) +19 more potentially affected by CVE-2026-29783 via @github/copilot (>=0.0.375 <=0.0.421)

@github/copilot NPM version =0.0.375, =0.0.5, =0.1.9, =1.1.0, =0.0.0, =0.0.1, =1.2.3, =0.6.0, =1.0.1, =0.1.0, =1.0.0, =1.0.0, =1.0.15 - devdoctor-js =0.1.0 and more Source cves: CVE-2026-29783 Source advisory: SNYK:JS-GITHUBCOPILOT-15468228...

CVSS 7.8 · AI score 5.4 · EPSS 0.00363
Exploits 1
EUVD
added 2026/03/06 4:43 p.m., 4 views

EUVD-2026-10049

GitHub Copilot CLI Dangerous Shell Expansion Patterns Enable Arbitrary Code Execution...

CVSS 7.5 · AI score 5.8 · EPSS 0.00363
Exploits 1 · References 2
OSV
added 2026/03/06 4:43 p.m., 3 views

GHSA-G8R9-G2V8-JV6F GitHub Copilot CLI Dangerous Shell Expansion Patterns Enable Arbitrary Code Execution

Summary: A security vulnerability has been identified in GitHub Copilot CLI's shell tool that could allow arbitrary code execution through crafted bash parameter expansion patterns. An attacker who can influence the commands executed by the agent, e.g., via prompt injection through repository files...

CVSS 7.5 · AI score 6.4 · EPSS 0.00363
Exploits 1 · References 4
Cvelist
added 2026/03/06 4:39 p.m., 30 views

CVE-2026-29783 GitHub Copilot CLI allows for dangerous shell expansion patterns that enable arbitrary command execution

The shell tool within GitHub Copilot CLI versions prior to and including 0.0.422 can allow arbitrary code execution through crafted bash parameter expansion patterns. An attacker who can influence the commands executed by the agent, e.g., via prompt injection through repository files, MCP server...

CVSS 7.5 · EPSS 0.00363
Exploits 1 · References 2
Malwarebytes
added 2026/03/06 11:11 a.m., 8 views

Beware of fake OpenClaw installers, even if Bing points you to GitHub

Attackers are abusing OpenClaw’s popularity by seeding fake “installers” on GitHub, boosted by Bing AI search results, to deliver infostealers and proxy malware instead of the AI assistant users were looking for. OpenClaw is an open‑source, self‑hosted AI agent that runs locally on your machine...

AI score 5.9
Exploits 0
Snyk
added 2026/03/06 7:14 a.m., 5 views

Malicious Package

Overview: relay-github-root is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 · AI score 5.4
Exploits 0 · References 2
vulnersOsv
added 2026/03/06 7:14 a.m., 4 views

ifood2-github-io (=9.9.9) potentially affected by unknown CVE via ifood-github-io (=9.9.9)

ifood-github-io NPM version =9.9.9 is affected by a known vulnerability. The following packages have a transitive dependency on ifood-github-io and may be impacted:
- ifood2-github-io =9.9.9
Source cves: unknown CVE
Source advisory: SNYK:JS-IFOODGITHUBIO-16300296...

AI score 5.8
Exploits 0
Snyk
added 2026/03/06 7:14 a.m., 4 views

Malicious Package

Overview: ifood2-github-io is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 · AI score 5.4
Exploits 0 · References 2
CNNVD
added 2026/03/06 12:00 a.m., 3 views

GitHub Copilot CLI operating system command injection vulnerability

GitHub Copilot CLI is a terminal AI programming assistant open sourced by GitHub. Versions of GitHub Copilot CLI 0.0.422 and earlier had an operating system command injection vulnerability. This vulnerability stemmed from defects in shell security assessments, which could lead to arbitrary code...

CVSS 7.8 · AI score 6.1 · EPSS 0.00363
Exploits 1 · References 3
Positive Technologies
added 2026/03/06 12:00 a.m., 5 views

PT-2026-23732

Name of the Vulnerable Software and Affected Versions: GitHub Copilot CLI versions prior to 0.0.423
Description: The shell tool within GitHub Copilot CLI is susceptible to arbitrary code execution through crafted bash parameter expansion patterns. An attacker influencing commands executed by the...

CVSS 7.5 · AI score 6.3 · EPSS 0.00363
Exploits 1 · References 11
Circl
added 2026/03/05 9:31 p.m., 1 view

CVE-2026-30824

creationtimestamp | type | source
---|---|---
2026-03-05 21:31:50+00:00 | published-proof-of-concept | https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-5f53-522j-j454
2026-04-15 07:09:15+00:00 | confirmed | ...

CVSS 9.8 · AI score 5.7 · EPSS 0.3625
Exploits 2 · References 3
Snyk
added 2026/03/05 9:29 p.m., 3 views

Incorrect Regular Expression

Overview: Fastify is a fast and low-overhead web framework for Node.js. Affected versions of this package are vulnerable to Incorrect Regular Expression in the Content-Type header validation. An attacker can cause the server to incorrectly process requests with malformed Content-Type headers by sending value...

CVSS 6.9 · AI score 5.8 · EPSS 0.00351
Exploits 0 · References 2
Chainguard
added 2026/03/05 7:18 a.m., 4 views

GHSA-HFPC-8R3F-GW53 vulnerabilities

Vulnerabilities for packages: linkerd2, efs-utils, komodo, zellij, deno, ztunnel, lychee, linkerd-extension-init, pixi, linkerd2-cni-plugin, zizmor, parseable, cargo-audit, ntpd-rs, rustls-ffi, linkerd2-proxy, nushell, zed, uv, rustup, garage, py3-xet-core, buck2, linkerd-network-validator...

AI score 5.8
Exploits 0
Chainguard
added 2026/03/05 7:18 a.m., 6 views

GHSA-747P-WMPV-9C78 vulnerabilities

Vulnerabilities for packages: localstack...

AI score 5.9
Exploits 0
Github Security Blog
added 2026/03/05 12:20 a.m., 4 views

Backstage vulnerable to potential reading of SCM URLs using built in token

Impact: A vulnerability in the SCM URL parsing used by Backstage integrations allowed path traversal sequences in encoded form to be included in file paths. When these URLs were processed by integration functions that construct API URLs, the traversal segments could redirect requests to unintended...

CVSS 2.7 · AI score 5.9 · EPSS 0.00348
Exploits 0 · References 3 · Affected Software 1
OSV
added 2026/03/05 12:20 a.m., 4 views

GHSA-95V5-PRP4-5GV5 Backstage vulnerable to potential reading of SCM URLs using built in token

Impact: A vulnerability in the SCM URL parsing used by Backstage integrations allowed path traversal sequences in encoded form to be included in file paths. When these URLs were processed by integration functions that construct API URLs, the traversal segments could redirect requests to unintended...

CVSS 2.7 · AI score 5.9 · EPSS 0.00348
Exploits 0 · References 3
Circl
added 2026/03/05 12:10 a.m., 2 views

GHSA-WF45-3GPW-VRQV

creationtimestamp | type | source
---|---|---
2026-03-05 00:10:05+00:00 | seen | https://gist.github.com/alon710/ae14f3ab86f97e851dfebe5b270a8a84...

AI score 5.9
Exploits 0 · References 1
Trellix
added 2026/03/05 12:00 a.m., 7 views

The Iranian Cyber Capability 2026

The Iranian Cyber Capability 2026
By John Fokker and Ernesto Fernández Provecho · March 5, 2026
Introduction: In 2024, we published an assessment of the Islamic Republic of Iran’s cyber capabilities, outlining the structure, tradecraft, and strategic intent of Iranian-aligned threat actors. The co...

CVSS 7 · AI score 8.8 · EPSS 0.68202
Exploits 7
Trend Micro Simply Security
added 2026/03/05 12:00 a.m., 6 views

New BoryptGrab Stealer Targets Windows Users via Deceptive GitHub Pages

The BoryptGrab campaign uses fake SEO‑optimized GitHub repositories and deceptive download pages to distribute a data‑stealing malware family that delivers multiple payloads, including a reverse SSH backdoor, to Windows users...

AI score 5.9
Exploits 0
vulnersOsv
added 2026/03/04 6:18 p.m., 3 views

@zextras/carbonio-design-system (=12.0.3), react-native-github-markdown (>=2.1.0 <=2.2.0) potentially affected by CVE-2025-68467 via darkreader (>=4.7.15 <=4.9.105)

darkreader NPM version =4.7.15, =2.1.0, =2.2.0 Source cves: CVE-2025-68467 Source advisory: SNYK:JS-DARKREADER-15441035...

CVSS 3.4 · AI score 5.8 · EPSS 0.00108
Exploits 0