MAL-2026-4682 Malicious code in tango-app-api-trax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7d8f3ef8e6fa016bfc17617ebcedce012c6cce870d89564965a476c3ec8da1c The tarball contains live, importable credentials for systems other than the installer's own. src/controllers/internalTrax.controller.js hardcodes...

CVE-2026-27941

OpenLIT is an open source platform for AI engineering. Prior to version 1.37.1, several GitHub Actions workflows in OpenLIT's GitHub repository use the pullrequesttarget event while checking out and executing untrusted code from forked pull requests. These workflows run with the security context ...

CVE-2023-27587

ReadtoMyShoe, a web app that lets users upload articles and listen to them later, generates an error message containing sensitive information prior to commit 8533b01. If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google...

ReadtoMyShoe 安全漏洞

ReadtoMyShoe is a web application used for speech-to-text conversion. A security vulnerability exists in ReadtoMyShoe that stems from a request URL containing a Google Cloud API key...