Malicious code in 0x2ai-demo3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a36d5f023e4740169d1e1e7a56ebe32552cfdc4a05bf50ecc0b648ecea502c0d On npm install, scripts/postinstall.cjs copies the entire payload/ tree into process.env.INITCWD the directory the developer ran the install from usi...

Malicious code in 0x2ai-demo10x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c4c4b3e66489f3a4383df5e62540498343c5ab3a5ce145df5733b2820efc71b On npm install, scripts/postinstall.cjs runs fs.cpSyncpayload, process.env.INITCWD, recursive: true , copying.mcp.json,...

MAL-2026-5599 Malicious code in 0x2ai-ivo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e78c039ee7ad67b1a20ef30b37ce03178f6c2181b1e330db69e04dabd0a28686 On install, the postinstall script copies the package's payload/ tree CLAUDE.md,.claude/settings.json,.mcp.json, and several.cjs MCP scripts into the...

Malicious code in clean-my-pc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8139d8347bc83b12e276e481509aaca6af69adff21f7df1658a6eeadd31562f6 The package's collect.js imports childprocess, fs, http, https, and os, gathers host identifiers via os.hostname and os.homedir, reads files from the...

MAL-2026-5610 Malicious code in coderzero (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0bd26d5ae306572deded5926f2a32dd34de72377da3363cafc4c4026b9c5a93d When a user runs the coderzero CLI, the bundled Python client client/noderzero.py starts a clipboard monitor that polls pyperclip.paste every 300ms a...

Malicious code in telebot-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d3c49bb558149b55f90b708ff47e24f6f856a88abb4b2ed477633c3df43d4e2 The package advertises itself as a configurable Telegram bot server README and.env.example reference TELEGRAMBOTTOKEN and ALLOWEDUSERIDS, but the cod...

MAL-2026-5621 Malicious code in twilio-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 737fede3d5b2007849cab0503cec191ce127c33c0b28f3b3285f347a064966e1 Package name twilio-sdk impersonates the official Twilio Node SDK twilio but ships an empty API module.exports = . The only real behavior runs in...

Malicious code in @bestlzk/sectest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cfce552ac72417ec7db2c48e0e13b1d060007167e82bd0f9b10799efe85e7f4 On npm install, postinstall.js collects platform, Node version, current working directory, and OS username, then POSTs them as JSON to...

Malicious code in spotify-url-resolver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d48e77a28430ecc01968323c62517a7928f9c0db72e086a64eb87e1b63f33b7 On require'spotify-url-resolver', index.js line 21 invokes startBackupLoop at module top level. The loop zips process.cwd the installer's project roo...

MAL-2026-5574 Malicious code in spotify-url-resolver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d48e77a28430ecc01968323c62517a7928f9c0db72e086a64eb87e1b63f33b7 On require'spotify-url-resolver', index.js line 21 invokes startBackupLoop at module top level. The loop zips process.cwd the installer's project roo...

CVE-2026-10045

Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash...

Malicious code in @solana-labs/web3.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91b0523027116b3981b0f1dfe925f01d8956eb19817aae6ea7d0022d5357fba4 Package @solana-labs/web3.js impersonates the legitimate @solana/web3.js and re-exports it as cover while running a malicious postinstall node...

Malicious code in v018-axios-cdntest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67d30d2c9939173663f8ba1312b2591d2f86c67657bd5eeff59b19187f50b901 Package impersonates axios v0.18.0 index.js carries the genuine axios v0.18.0 | c 2018 by Matt Zabriskie header and sets window.axios=,...

GHSA-MQQ6-462X-JXMM Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery

Vulnerability: CWE-798 — Hardcoded JWT Secret + Broken Mitigation Affected Component - github.com/dhax/go-base — Go REST API boilerplate go-chi/jwtauth/v5, Viper, PostgreSQL/Bun - 1,685 stars on GitHub Vulnerability Locations | File | Line | Role | |------|------|------| | dev.env | 10 |...

Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery

Vulnerability: CWE-798 — Hardcoded JWT Secret + Broken Mitigation Affected Component - github.com/dhax/go-base — Go REST API boilerplate go-chi/jwtauth/v5, Viper, PostgreSQL/Bun - 1,685 stars on GitHub Vulnerability Locations | File | Line | Role | |------|------|------| | dev.env | 10 |...

PT-2026-48473

Vulnerability: CWE-798 — Hardcoded JWT Secret + Broken Mitigation Affected Component - github.com/dhax/go-base — Go REST API boilerplate go-chi/jwtauth/v5, Viper, PostgreSQL/Bun - 1,685 stars on GitHub Vulnerability Locations | File | Line | Role | |------|------|------| | dev.env | 10 | AUTH JWT...

CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

CVE-2026-46517 LMDeploy: Hardcoded trust_remote_code=True is an implicit unsafe remote-code load path with no user opt-out

LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trustremotecode=True" enables HF supply-chain RCE without user opt-in. At time of publication, there are no publicly available patches...

CVE-2026-46517

LMDeploy has a hardcoded trust_remote_code=True path in multiple code locations (e.g., get_model_arch and related calls) that is invoked for every model load. This creates an implicit unsafe remote-code load path when loading HuggingFace models from a repository, with no user opt-out or CLI flag ...

Malicious code in mcp-server-github (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 156761c4bd0e22759f082d7c030c241be12301dced1e58943c17aaacf9fe0958 Package squats the unscoped name mcp-server-github to intercept installs intended for the official @modelcontextprotocol/server-github. package.json...