Malicious code in eslint-config-stitch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3747d49c7b72e1659dde0b66b3e7b95bd198fc6a8f8f37d9a7a1bc2fc76dd54 The package eslint-config-stitch was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-204453

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

CVE-2025-14267 Unintended temporary cached data included in a structure only copy intended to be empty of data

Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation M-Files Server allows data leak exposure affecting versions before 25.12.15491.7...

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.12.15491.7, which stems from incomplete removal of sensitive information and could lead to a data leak...

Malicious code in eslint-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe353013f0da7eb67305f05b8a3b0db6e1dd3cd40ef4cc4a7bfc21029b380cf2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in click-action-framework (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 863f4bd9c81749474f2360ad027e111369d13c2c699078f5ae2311e627b0d2fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Equity.restructureCapTable only restructures one address at a time

Lines of code Vulnerability details Equity.restructureCapTable allows qualified FPS holders to restructure the system, that is: burning shares of other holders that did not participate in putting equity above water. File: Equity.sol 309: function restructureCapTableaddress calldata helpers, addre...

Malicious code in tiaa-web-ui-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6307bc57608579648ccf1b24d5afbcd0d7f3c15e8c8da97a2a0d1a6a6e059fa9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dep-incompatible (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb537c14147bd009ef50b49f0aa9e6c60e693c01b44667d8b8ce0e9a295fbbe8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...