Lucene search
K

58 matches found

Tenable Nessus
Tenable Nessus
added 4 days ago6 views

Linux Distros Unpatched Vulnerability : CVE-2026-55689

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenFGA is an authorization/permission engine built for developers. Prior to 1.18.0, OpenFGA's OIDC authenticator skipped JWT audience validation when...

8.1CVSS6.1AI score0.00298EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 4:7 p.m.3 views

CVE-2026-55412 ToolJet Cloud - SSRF to Azure Cloud Infrastructure Compromise

ToolJet is the open-source foundation am AI-native platform for building and deploying internal tools, workflows and AI agents. Prior to 3.20.178-lts, there's an SSRF in the RestAPI data source component. The RestAPI data source executes HTTP requests server-side, and its private IP filter only...

8.3CVSS6AI score0.00193EPSS
Exploits0References3
OSV
OSV
added 2026/06/23 3:21 p.m.8 views

MAL-2026-6301 Malicious code in date-format-helper2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66c1775ce65ad47476ee1a0f1c7c5373e61466ec3eb4543cc658e67d2de22960 Package is advertised as a React date-formatting utility, but its postinstall.js performs targeted credential harvesting on npm install. The script...

5.8AI score
Exploits0References8
Snyk
Snyk
added 2026/06/06 9:0 p.m.12 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

9.8CVSS5.6AI score
Exploits0References2
OSV
OSV
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5205 Malicious code in @forjacms/analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44f7217965dcd60b165d3303ec44e2fbd7419e287110e70011a1434d7b5870e0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.15 views

MAL-2026-5242 Malicious code in creditcard.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d465ca657b19d32867e41b0ef3e049313241bba9db41c54c9e73d1682d7c1300 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.12 views

Malicious code in executable-stories-formatters (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abf4dee9166e156fd18cdc223be5d4da38eaa0eda8b28f6fde07190bc5244fd0 No concrete installer-harm indicators were identified in this version of the package. No lifecycle hooks, hardcoded network destinations, credential...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.14 views

Malicious code in executable-stories-cypress (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 838176fbbb9290f1ee55af50cd6e292d461f33565a675a6e965bbe50d3b6c3ec No concrete installer-harm evidence was identified in this version of executable-stories-cypress. No lifecycle hook payloads, hardcoded exfiltration...

6.1AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.12 views

Malicious code in awaitly-visualizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7f392622f2aeb9a1cd98719278777d45ea44442e6f3979175ed8d8b6f8a0389 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References24
OSV
OSV
added 2026/06/05 12:53 a.m.21 views

MAL-2026-5219 Malicious code in autotel-drizzle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed16d2715633927ef05b9b370a8d37f95581137f46144053bcb53f94430f2f33 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.14 views

MAL-2026-5258 Malicious code in executable-stories-vitest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9900528338f5a1325fa66f8ebc1b72d1a24d63d708b42bbd5c54146ad7a6cbd No concrete installer-harm indicators were identified in this package version. No lifecycle-script behavior, network beacon, credential read, or...

6.2AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.14 views

Malicious code in executable-stories-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc974c5748dbf6c421d343ec3924e31bcc8a56a1202e59818e5282bc239a14f2 [email protected] ships a bundled HTTP server module dist/http.cjs and dist/http.js where pattern matchers flagged co-occurrence of...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in github-archiver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4d8f3a21af0a31a899de9e8eabd09e30c6e05e620ab3a7d7af420c34214898b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.13 views

Malicious code in eslint-plugin-executable-stories-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3b2b639cf616d5d975e12b917cfd679b4e247fce023e0b2bbf64b7a1482b596 No concrete installer-harm signals were identified in this package version. No lifecycle scripts, hardcoded network destinations, credential-path...

6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.18 views

Malicious code in eslint-plugin-awaitly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dbd803fb072d271da9c655f60d16fa4e33582d1acb075aa6427449c2a417b72 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5263 Malicious code in node-env-resolver-aws (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4d561f58633262592e17233481bba8398f047eb830948370396c51b6d952c90 No concrete installer-harm signals were identified in this version of the package. Coverage of the package contents was partial, so a human reviewer...

6.2AI score
Exploits0References6
OSV
OSV
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5206 Malicious code in @forjacms/client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e53cc7a866c8a2316aec94a20aa737e6bdb4a71202c0f363e301219ae1291ac The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.13 views

MAL-2026-5240 Malicious code in create-cf-token (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56d9884f6d63e063d1320b8d8efbfb8852f00bd3c18c87b03b445f6978897570 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5248 Malicious code in eslint-plugin-executable-stories-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3b2b639cf616d5d975e12b917cfd679b4e247fce023e0b2bbf64b7a1482b596 No concrete installer-harm signals were identified in this package version. No lifecycle scripts, hardcoded network destinations, credential-path...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5208 Malicious code in @forjacms/sections-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02715041554bf7c08c47813a9919c23a7adc633c39a9a794fd9eada9fcc00663 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
Rows per page
Query Builder