1875 matches found
MAL-2026-2018 Malicious code in @modals/blockchain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9883b4336552c287c2c3ed9bb5888cc22173cd8b39fd181552f858607f0ffa70 The package @modals/blockchain was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2012 Malicious code in characterai-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 376ab6840d12bf4d2b6ff51f365071cdefb5fae185ba150f7a8db8b70b925155 The package characterai-poc was found to contain malicious code. Source: ghsa-malware e45663d55a0e072d7245ee8cf3a8557710aef6e643c135b20a0918aa96d2da9...
Malicious Package
Overview @get-wrecked/overlay is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview trex-proxy-browser-extension-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The...
Malicious Package
Overview vitest-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview delta666 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
EUVD-2025-208741
HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...
EUVD-2025-208720
HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...
CVE-2025-52646 HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries.
HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...
CVE-2025-52646
Technical details are not publicly available in the provided documents. Monitor for updates from vendors and security trackers to obtain affected versions, root cause, impact, and remediation.
CVE-2025-52637
HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...
PT-2026-25756
HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...
PT-2026-25706
HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...
VoiceSHIELD-Small: Real-Time Malicious Speech Detection and Transcription
Voice interfaces are quickly becoming a common way for people to interact with AI systems. This also brings new security risks, such as prompt injection, social engineering, and harmful voice commands. Traditional security methods rely on converting speech to text and then filtering that text,...
Malicious Package
Overview bloxupgrade is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
Malicious Package
Overview @saferpay/logging is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview sap-avatars is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
Malicious Package
Overview @cb-global-design-system-tokens/tailwind is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizati...
Malicious Package
Overview @toloka-tb/core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...