Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

Github Security Blog
Github Security Blogadded 2026/05/12 6:30 p.m.4 views

Guardrails AI contains a code injection vulnerability in its Hub package installation mechanism

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

9.8CVSS6.3AI score0.00378EPSS
Exploits0References4Affected Software1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/02/03 9:1 a.m.3 views

Malicious code in developer-hub (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7028f9c0bc3315f11a48ce063889decd60554ce5b93de9380c43cb83f4d1971 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/11/29 3:37 a.m.3 views

Malicious code in n-hub (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9cbdc296029075a31aced0f56b22ed1082a7c6c0b9d80d0ed9ab47cb033d467 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Rows per page
Query Builder