Malicious code in sf-silly-goose-requests (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d1b2d16ce881d1e9b356ed424f8144ce9324d09010efa8761ad13ac8a46e7b60 Package uses trufflehog to detect secrets and exfiltrates them to a hardcoded location --- Category: MALICIOUS - The campaign has clearly malicious intent, lik...

CVE-2026-41889 vulnerabilities

Vulnerabilities for packages: dapr, falcosidekick, wal-g, gitlab-cng, vault-fips, spicedb-fips, ldap2pg, seaweedfs, goose-fips, gitaly, rke2-cloud-provider, cloudnative-pg, sqlexporter-fips, caddy-fips, step, amass, openbao-fips, step-ca-fips, dapr-fips, openfga-fips, bento-fips, rke2-runtime-fip...

Fedora 44 : goose (2026-6ff3ef2d32)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-6ff3ef2d32 advisory. Update goose to fix fedora2449678 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

[SECURITY] Fedora 43 Update: goose-1.23.2-7.fc43

Goose is your on-machine AI agent, capable of automating complex development tasks from start to finish. More than just code suggestions, goose can build entire projects from scratch, write and execute code, debug failures, orchestrate workflows, and interact with external APIs - autonomously...

Fedora: Security Advisory (FEDORA-2026-a45f438402)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : goose (2026-a45f438402)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-a45f438402 advisory. Update goose to fix fedora2449678 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

GHSA-8FJ7-8H3W-XWFM vulnerabilities

Vulnerabilities for packages: flux-kustomize-controller-fips, crossplane-provider-aws-cognitoidentity, apache-beam-python-3.12-sdk, crossplane-provider-aws-servicediscovery, flux-source-watcher-fips, terraform-provider-grafana-fips, apm-server-fips, buildkite-agent-fips, gitlab-cng,...

CVE-2026-27141 vulnerabilities

Vulnerabilities for packages: flux-kustomize-controller-fips, crossplane-provider-aws-cognitoidentity, apache-beam-python-3.12-sdk, crossplane-provider-aws-servicediscovery, flux-source-watcher-fips, terraform-provider-grafana-fips, apm-server-fips, buildkite-agent-fips, gitlab-cng,...

EUVD-2025-120026

Malicious code in classical-blush-goose npm...

Malicious code in classical-blush-goose (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4788edf05fd7a84c1d50968e29cb519dd07ef3c4707662ff8b3ca19a6d3ee6c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117055

Malicious code in strategic-red-goose npm...

EUVD-2025-116991

Malicious code in well-coffee-goose npm...

EUVD-2025-117331

Malicious code in helpful-indigo-goose npm...

Malicious code in fantastic_goose_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54df02975caedbb2c82c4f3d18ce184ce336d7b5a5bdc7fb1ced983c1ca579b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-131798 Malicious code in zeroth_goose_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71b60484007c2d667553c2a173697906ee04260b1d2598e866146cf7918b6591 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-99283

Malicious code in endlessgoosez3n npm...

EUVD-2025-103739

Malicious code in mixedgoosez3n npm...

EUVD-2025-100130

Malicious code in deafeninggoosez3n npm...

EUVD-2025-95850

Malicious code in passivegoosez3n npm...

EUVD-2025-94816

Malicious code in swiftgoosez3n npm...