CVE-2026-54753

Summary (CVE-2026-54753) Nx's nx graph local HTTP server (in versions 17.0.4 through 22.7.2 and 23.0.0-beta.2) exposed an overly permissive CORS policy by returning Access-Control-Allow-Origin: * on every response. This enabled cross-origin access to sensitive server data, including the full proj...

EUVD-2026-39831

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: on every response, letting any website a developer visited read the server's responses cross-origin — including...

CVE-2026-54753 Nx: `nx graph` dev server permissive CORS policy

Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: on every response, letting any website a developer visited read the server's responses cross-origin — including...

Malicious code in yargs-help-output (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1337d3becd83c0b3dc233069268371bc9e7395311560038f52cbe73384e4efa5 Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47366 Malicious code in yargs-help-output (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1337d3becd83c0b3dc233069268371bc9e7395311560038f52cbe73384e4efa5 Any computer that has this package installed or running should be considered fully compromised. All...

SUSE: Security Advisory (SUSE-SU-2020:1294-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2020:2057-1 Security update for ceph

This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Major batch refactor of ceph-volume that addresses a couple of issues bsc1151612, bsc1158257 - Documented Prometheus' security model bsc1169134 - monclient: Fixed an issue whe...

OPENSUSE-SU-2020:0677-1 Security update for file

This update for file fixes the following issues: Security issues fixed: - CVE-2019-18218: Fixed a heap-based buffer overflow in cdfreadpropertyinfo bsc1154661. Non-security issue fixed: - Fixed broken '--help' output bsc1169512. This update was imported from the SUSE:SLE-15:Update update project...

SUSE-SU-2020:1294-1 Security update for file

This update for file fixes the following issues: Security issues fixed: - CVE-2019-18218: Fixed a heap-based buffer overflow in cdfreadpropertyinfo bsc1154661. Non-security issue fixed: - Fixed broken '--help' output bsc1169512...