GO-2026-4762 Authorization bypass in gRPC-Go via missing leading slash in :path in google.golang.org/grpc

Authorization bypass in gRPC-Go via missing leading slash in :path in google.golang.org/grpc...

Malicious Package

Overview google-library is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-41266 Malicious code in google-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a306188997a3decdf3eb0566e9ec1b3f81c5b1e0b4269eff69342744a9bad64 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in google-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a306188997a3decdf3eb0566e9ec1b3f81c5b1e0b4269eff69342744a9bad64 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-39131

ced detects character encoding using Google’s compactencdet library. In ced v0.1.0, passing data types other than Buffer causes the Node.js process to crash. The problem has been patched in ced v1.0.0. As a workaround, before passing an argument to ced, verify it’s a Buffer using Buffer.isBuffero...