19 matches found
MAL-2026-3673 Malicious code in 3pool-sushibar (npm)
Source: amazon-inspector 5112bb2ea3570e56be6525c48ef026624f46dead693e78333696273c911c6c42. This package is a dependency-chain dropper: package.json declares 15 undocumented dependencies in three numbered families web3chain02032, rusttool070...
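An added example of the manifest check a reviewer would run against a package like this (it is not code from the advisory or from any scanner): group the declared dependencies into families that share a stem and differ only by a trailing numeric index, then flag families the project's own documentation never mentions. The package.json, the family stems (web3chain000N, rusttoolNNN) and the README text are constructed for illustration and are not the real package names.

```python
import json
import re
from collections import defaultdict

# Constructed package.json modelled on the dropper pattern above.
# The stems and version strings are hypothetical, not the real dependencies.
SAMPLE_PACKAGE_JSON = json.dumps({
    "name": "example-app",
    "version": "1.0.0",
    "dependencies": {
        "lodash": "^4.17.21",
        "web3chain0001": "*", "web3chain0002": "*", "web3chain0003": "*",
        "web3chain0004": "*", "web3chain0005": "*",
        "rusttool001": "*", "rusttool002": "*", "rusttool003": "*",
        "rusttool004": "*", "rusttool005": "*",
    },
})

# A family member is a name ending in a numeric index of two or more digits
# glued onto a stem that itself ends in a letter or hyphen ("web3chain" + "0001").
FAMILY_RE = re.compile(r"(?P<stem>.*?[a-z-])(?P<index>\d{2,})")

DEP_FIELDS = ("dependencies", "devDependencies",
              "optionalDependencies", "peerDependencies")


def dependency_families(package_json_text, min_size=3):
    """Return {stem: [names]} for every group of at least min_size declared
    dependencies that share a stem and differ only in the numeric suffix."""
    manifest = json.loads(package_json_text)
    groups = defaultdict(list)
    for field in DEP_FIELDS:
        for name in manifest.get(field, {}):
            match = FAMILY_RE.fullmatch(name)
            if match is not None:
                groups[match.group("stem")].append(name)
    return {stem: sorted(names)
            for stem, names in groups.items() if len(names) >= min_size}


def undocumented_families(package_json_text, documentation_text, min_size=3):
    """Families whose stem never appears in the project's own documentation
    (README, CHANGELOG, ...): a dropper has no reason to mention its payload."""
    doc = documentation_text.lower()
    return {stem: names
            for stem, names in dependency_families(package_json_text, min_size).items()
            if stem.lower() not in doc}


def suspicious_dependency_count(package_json_text, documentation_text, min_size=3):
    """Total number of dependencies that belong to an undocumented family."""
    families = undocumented_families(package_json_text, documentation_text, min_size)
    return sum(len(names) for names in families.values())


if __name__ == "__main__":
    readme = "# example-app\n\nA small app built on lodash.\n"
    for stem, names in undocumented_families(SAMPLE_PACKAGE_JSON, readme).items():
        print(f"undocumented family {stem!r}: {len(names)} packages")
```

The stem/index split is deliberately loose (any name whose last two or more characters are digits after a letter); the family size threshold, not the name shape, is what separates a dropper from an ordinary project that happens to depend on one versioned package name.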
Malicious code in elf-stats-caroling-bow-570 (npm)
Source: amazon-inspector a19c932252f20cc27d0299d192c8bdb4eb89ab96f8fbdd7ec592450683e02ed8. The package elf-stats-caroling-bow-570 was found to contain malicious code...
MAL-2025-182102 Malicious code in gocay-guga-vivai (npm)
Source: amazon-inspector 46ea120fa46b65790f471fa3f1560ec34a5c9506ede7e7969931bd1474efdf4d. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-61985
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used...
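An added example of the input check this class of bug calls for; it is not OpenSSH code and does not reproduce the OpenSSH parser. Before a hostname, user name or port taken from an ssh:// URI is substituted into a ProxyCommand template (%h, %p, %r), each component is restricted to a plain-token alphabet, so a NUL byte, any other control character, whitespace or a shell metacharacter is refused rather than passed on to the shell that runs the command. The URI grammar and the token alphabet are simplifying assumptions made for this check.

```python
import re

# Simplified reading of the "ssh://[user@]host[:port]" form; an assumption
# made for this check, not OpenSSH's own grammar.
_URI_RE = re.compile(
    r"ssh://(?:(?P<user>[^@/]+)@)?(?P<host>[^:/]+)(?::(?P<port>[^/]*))?/?"
)
# Only these characters may reach a ProxyCommand line: no NUL, no other control
# characters, no whitespace, quotes, $, ;, | or backticks.
_TOKEN_RE = re.compile(r"[A-Za-z0-9._-]+")


class BadURI(ValueError):
    """Raised for any ssh:// URI that must not reach ProxyCommand expansion."""


def parse_ssh_uri(uri):
    """Return (user, host, port) or raise BadURI. fullmatch() is used throughout
    so a trailing newline cannot slip past a '$' anchor."""
    match = _URI_RE.fullmatch(uri)
    if match is None:
        raise BadURI("not an ssh:// URI")
    user, host, port = match.group("user"), match.group("host"), match.group("port")
    for label, value in (("user", user), ("host", host)):
        if value is not None and _TOKEN_RE.fullmatch(value) is None:
            raise BadURI(f"{label} contains disallowed characters: {value!r}")
    if port is None:
        port = 22  # default when the URI carries no port
    else:
        if not (port.isascii() and port.isdigit()) or not 1 <= int(port) <= 65535:
            raise BadURI(f"bad port: {port!r}")
        port = int(port)
    return user, host, port


def expand_proxy_command(template, user, host, port):
    """Substitute %h, %p, %r and %% into a ProxyCommand template.
    Call this only with values that came out of parse_ssh_uri()."""
    tokens = {"h": host, "p": str(port), "r": user or "", "%": "%"}
    out, i = [], 0
    while i < len(template):
        if template[i] == "%" and i + 1 < len(template):
            replacement = tokens.get(template[i + 1])
            if replacement is None:
                raise BadURI(f"unsupported token %{template[i + 1]}")
            out.append(replacement)
            i += 2
        else:
            out.append(template[i])
            i += 1
    return "".join(out)


def proxy_command_for(uri, template):
    """Validate the URI, then expand the template: the only path to the shell."""
    user, host, port = parse_ssh_uri(uri)
    return expand_proxy_command(template, user, host, port)


def is_acceptable(uri):
    """True if the URI would be accepted, False if parse_ssh_uri() rejects it."""
    try:
        parse_ssh_uri(uri)
    except BadURI:
        return False
    return True


if __name__ == "__main__":
    print(proxy_command_for("ssh://alice@example.com:2222",
                            "nc -X connect -x proxy:8080 %h %p"))
    print(is_acceptable("ssh://example.com\x00; id"))
```

Rejecting on an allow-list of characters is the point: quoting %h for the shell would not help against a NUL, which truncates a C string before any quoting logic sees the rest of it.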
Malicious code in @zalastax/nolb-liol (npm)
The package @zalastax/nolb-liol was found to contain malicious code...
Malicious code in down-lo-ad-now-zip-mp3-261895-fake-it-flowers-fr14h-gmqthe (npm)
The package down-lo-ad-now-zip-mp3-261895-fake-it-flowers-fr14h-gmqthe was found to contain malicious code...
CVE-2025-32728
In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...
Kedro allows Remote Code Execution by Pulling Micro Packages
In kedro-org/kedro version 0.19.8, the pull_package API function allows users to download and extract micro packages from the Internet. However, the project_wheel_metadata function within that code path can execute the setup.py file inside the tar file, leading to remote code execution (RCE) by running...
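An added example of how the pull step can be done without either hazard described above; it is not Kedro's code and the archive contents are constructed for illustration. The archive members are copied out by hand (regular files and directories only, nothing that resolves outside the destination, no links, no archive-supplied ownership or permissions), and the package name and version are then read from a static PKG-INFO file instead of building the project, so setup.py is never imported or executed.

```python
import io
import os
import tarfile
import tempfile
from email.parser import HeaderParser


def build_sample_tarball():
    """Constructed stand-in for a downloaded micro-package archive: a normal
    module, a setup.py that would run code if built, a static PKG-INFO, plus
    two hostile members (a path-traversal entry and a symlink to /etc)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        def add(name, data):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        add("pkg-0.1/pkg/__init__.py", b"VALUE = 1\n")
        add("pkg-0.1/setup.py", b"import os\nos.system('id')  # would run at build time\n")
        add("pkg-0.1/PKG-INFO", b"Metadata-Version: 2.1\nName: pkg\nVersion: 0.1\n")
        add("../outside.txt", b"escapes the extraction directory\n")
        link = tarfile.TarInfo("pkg-0.1/etc")
        link.type = tarfile.SYMTYPE
        link.linkname = "/etc"
        tar.addfile(link)
    return buf.getvalue()


def member_is_safe(member, dest):
    """Only regular files and directories whose resolved path stays under dest."""
    root = os.path.realpath(dest)
    target = os.path.realpath(os.path.join(root, member.name))
    inside = target == root or target.startswith(root + os.sep)
    return inside and (member.isreg() or member.isdir())


def extract_safely(tar_bytes, dest):
    """Copy member bytes out by hand: no links, no devices, no archive-supplied
    permissions or ownership, nothing outside dest. Returns (extracted, rejected)."""
    extracted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member_is_safe(member, dest):
                rejected.append(member.name)
                continue
            target = os.path.join(dest, member.name)
            if member.isdir():
                os.makedirs(target, exist_ok=True)
            else:
                os.makedirs(os.path.dirname(target), exist_ok=True)
                with tar.extractfile(member) as src, open(target, "wb") as dst:
                    dst.write(src.read())
            extracted.append(member.name)
    return extracted, rejected


def read_static_metadata(dest):
    """Read Name and Version from PKG-INFO (RFC 822 style headers) instead of
    building the project, so setup.py is never imported or executed."""
    for root, _dirs, files in os.walk(dest):
        if "PKG-INFO" in files:
            with open(os.path.join(root, "PKG-INFO"), encoding="utf-8") as f:
                headers = HeaderParser().parse(f)
            return {"name": headers["Name"], "version": headers["Version"]}
    return None


def demo():
    """Extract the constructed archive into a scratch directory and report
    what was written, what was refused, and the statically read metadata."""
    with tempfile.TemporaryDirectory() as dest:
        extracted, rejected = extract_safely(build_sample_tarball(), dest)
        return extracted, rejected, read_static_metadata(dest)


if __name__ == "__main__":
    print(demo())
```

Writing the bytes out explicitly rather than calling tarfile.extract() keeps the policy in one place and independent of which extraction filter a given Python version applies by default.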
@keystone-6/core's bundled cuid package known to be insecure
Summary: The cuid package used by @keystone-6/ and upstream dependencies is deprecated and marked as insecure by the author. As reported by the author: "Cuid (and other k-sortable and non-cryptographic ids: Ulid, ObjectId, KSUID, all UUIDs) are all insecure. Use @paralleldrive/cuid2 instead." What are...
PT-2023-32980 · Cuid +1 · Cuid +2
Name of the Vulnerable Software and Affected Versions: @keystone-6/ (affected versions not specified). Description: The cuid package is deprecated and marked as insecure by its author due to security concerns. It is recommended to use @paralleldrive/cuid2 instead. The issue affects...
Remote Code Execution (RCE)
d8s-math is vulnerable to remote code execution. The vulnerability exists because the library does not properly handle the package upload mechanism, allowing an attacker to inject and execute malicious packages...
Siemens SINEMA Remote Connect Server Parameter Handling Error Vulnerability
SINEMA Remote Connect is a remote network management platform that makes it easy to manage tunnel connections (VPNs) between headquarters, service technicians, and installed machines or plants. A parameter handling error vulnerability exists in Siemens SINEMA Remote Connect Server, which stems from ...
Siemens SINEMA Remote Connect Server Security Vulnerability
SINEMA Remote Connect is a remote network management platform that makes it easy to manage tunnel connections (VPNs) between headquarters, service technicians, and installed machines or plants. A parameter handling error vulnerability exists in Siemens SINEMA Remote Connect Server, which stems from ...
Safety - Check Your Installed Dependencies For Known Security Vulnerabilities
Safety checks your installed dependencies for known security vulnerabilities. By default it uses the open Python vulnerability database Safety DB, but can be upgraded to use pyup.io's Safety API using the --key option. Installation Install safety with pip. Keep in mind that we support only Python...
Code injection
Versions of the package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution because grunt.file.readYAML uses the js-yaml function load by default instead of its secure replacement safeLoad...
CVE-2019-11480
The pc-kernel snap build process hardcoded the --allow-insecure-repositories and --allow-unauthenticated apt options when creating the build chroot environment. This could allow an attacker who is able to perform a MITM attack between the build environment and the Ubuntu archive to install a...
Malicious package may avoid detection in python auditing
Python Auditing Vulnerability: demonstrates how a malicious package can insert a load-time poison pill to avoid detection by tools like Safety. Tools designed to find vulnerable packages cannot run in the same Python environment they are trying to protect. Usage: install safety,...
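An added example, not code from the repository above, of the mechanism it describes and of the mitigation it argues for. Python's site module executes any line of a .pth file that begins with "import" when it processes a site directory, which happens before an in-process auditor runs a single check. The constructed payload below sets a hypothetical AUDIT_POISONED environment variable as a stand-in for anything a real payload would do (patching the auditor, hiding a package). The isolated auditor runs in a fresh interpreter started with -I (ignore PYTHON* variables and the user site) and -S (never import site), and inventories the directory by reading metadata files only, so the .pth is seen but never executed.

```python
import json
import os
import site
import subprocess
import sys
import tempfile

# Constructed payload: the "import" line runs when the directory is processed
# as a site directory. AUDIT_POISONED is a hypothetical marker for this demo.
POISON_PTH = "import os; os.environ['AUDIT_POISONED'] = '1'\n"


def plant(sitedir):
    """Create a fake installed distribution plus its poison-pill .pth file."""
    dist_info = os.path.join(sitedir, "evilpkg-1.0.dist-info")
    os.makedirs(dist_info)
    with open(os.path.join(dist_info, "METADATA"), "w", encoding="utf-8") as f:
        f.write("Metadata-Version: 2.1\nName: evilpkg\nVersion: 1.0\n")
    with open(os.path.join(sitedir, "zz_evilpkg.pth"), "w", encoding="utf-8") as f:
        f.write(POISON_PTH)


def audit_in_process(sitedir):
    """An auditor that shares the interpreter with the packages it checks:
    processing the site directory runs the .pth line before any check.
    Returns True if the payload ran."""
    os.environ.pop("AUDIT_POISONED", None)
    site.addsitedir(sitedir)  # what the interpreter does for site-packages at start-up
    return os.environ.get("AUDIT_POISONED") == "1"


# Inventory script run in the isolated interpreter: lists distributions and
# .pth files by name only, never importing anything from the audited directory.
ISOLATED_AUDITOR = r"""
import json, os, sys
sitedir = sys.argv[1]
names = os.listdir(sitedir)
print(json.dumps({
    "dists": sorted(n[:-len(".dist-info")] for n in names if n.endswith(".dist-info")),
    "pth_files": sorted(n for n in names if n.endswith(".pth")),
    "poisoned": "AUDIT_POISONED" in os.environ,
}))
"""


def audit_isolated(sitedir):
    """Run the inventory in a fresh interpreter with -I and -S so no site
    directory, and therefore no .pth file, is ever processed."""
    env = {k: v for k, v in os.environ.items() if k != "AUDIT_POISONED"}
    proc = subprocess.run(
        [sys.executable, "-I", "-S", "-c", ISOLATED_AUDITOR, sitedir],
        env=env, capture_output=True, text=True, check=True,
    )
    return json.loads(proc.stdout)


def demo():
    """Plant the payload, then audit the same directory both ways."""
    with tempfile.TemporaryDirectory() as sitedir:
        plant(sitedir)
        in_process = audit_in_process(sitedir)
        isolated = audit_isolated(sitedir)
    return in_process, isolated


if __name__ == "__main__":
    ran_in_process, report = demo()
    print("payload ran inside the in-process auditor:", ran_in_process)
    print("isolated auditor report:", report)
```

The isolated run still reports the .pth file, which is the useful signal: an auditor that cannot be poisoned can also flag the presence of executable start-up hooks it did not expect.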
GHSA-432J-4FW9-2G6F libsbml downloads Resources over HTTP
Affected versions of libsbml insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on the system...
Oracle Linux 5 : Important: / gnupg (ELSA-2007-0107)
The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2007-0107 advisory. 1.4.5-13 - incorporate patch from Werner to work around clients which can't tell that multiple plain messages have been processed 230457 Tenable has extracted t...