Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3198 (ALAS-2026-3198)

The version of thunderbird installed on the remote host is prior to 140.8.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3198 advisory. Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability affects Firefox 148, Firefox...

Malicious code in pru-lib-ng (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23f37bedfc6e1d85a81c4656a0af7b09fd927fb8d1562702d8766104ba806d95 The package pru-lib-ng was found to contain malicious code...

MAL-2026-1829 Malicious code in pru-lib-ng (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23f37bedfc6e1d85a81c4656a0af7b09fd927fb8d1562702d8766104ba806d95 The package pru-lib-ng was found to contain malicious code...

Malicious code in fe-lib-singleton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96b6a629661c8cb3dd5aa39a16e1bd92ea60352ea95d0e0edc72e1aa3a59ad78 The package fe-lib-singleton was found to contain malicious code...

Malicious code in fe-lib-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc3834e7b034601a3ed7f032e0575770c41742c9f13761e0e79ced9c7893af86 The package fe-lib-theme was found to contain malicious code...

MAL-2026-1736 Malicious code in fe-lib-singleton (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96b6a629661c8cb3dd5aa39a16e1bd92ea60352ea95d0e0edc72e1aa3a59ad78 The package fe-lib-singleton was found to contain malicious code...

MAL-2026-1737 Malicious code in fe-lib-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc3834e7b034601a3ed7f032e0575770c41742c9f13761e0e79ced9c7893af86 The package fe-lib-theme was found to contain malicious code...

Malicious code in fe-lib-sequences (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 970540348da1e5e01403124dd9005ee94f780965908149e1b563bb9667be89f7 The package fe-lib-sequences was found to contain malicious code...

MAL-2026-1735 Malicious code in fe-lib-sequences (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 970540348da1e5e01403124dd9005ee94f780965908149e1b563bb9667be89f7 The package fe-lib-sequences was found to contain malicious code...

EulerOS 2.0 SP11 : containerd (EulerOS-SA-2026-1572)

According to the versions of the containerd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and...

a10-octavia (>=1.0.0 <=2.2.0), a2grunnerp (>=0.1.0 <=0.1.8) +1182 more potentially affected by CVE-2026-27459 via pyopenssl (>=22.0.0 <=25.3.0)

pyopenssl PYPI version =22.0.0, =1.0.0, =0.1.0, =0.9.2, =2.3.36, =2.0.0, =2.4.15, =0.1.17, =0.1.0, =0.3.4, =0.2.0, =0.1.1, =0.0.1.dev7, =0.27.0 and more Source cves: CVE-2026-27459 Source advisory: OSV:GHSA-5PWR-322W-8JR4...

Malicious code in internal-lib-vulnerable (npm)

Malicious package due to data exfiltration, arbitrary code execution during installation via preinstall script, and suspicious hostname. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b46f6c2b8b094dc4a9864676457c3ea2af565204d854ab4cf1eb27be87aaa878 The package...

Malicious code in my-super-lib (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 58a8ef40f042f56d80d455abeb03442516dfd8ed81f462d9da071089ff82f31e During import, package decrypts and runs a malicious executable. The executable is hidden in an encoded and xored form in the JSON resource file. This is a...

MAL-2026-1428 Malicious code in @3stripes/lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cefc88878b1d12a39232d39387d16e564c71a9ce50047e025e7f26f848d4858 The package @3stripes/lib was found to contain malicious code. Source: ossf-package-analysis...

Malicious Package

Overview b2b-common-cb-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in b2b-common-cb-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0699be4242e2a015c76aad1b5ee1f2482f01a59017778511108ed33b8729a8e The package b2b-common-cb-lib was found to contain malicious code. Source: ghsa-malware...

CVE-2026-25068 affecting package alsa-lib for versions less than 1.2.9-2

CVE-2026-25068 affecting package alsa-lib for versions less than 1.2.9-2. A patched version of the package is available...

firefox: thunderbird: Use-after-free in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Graphics: ImageLib component...

RHEL 9 : firefox (RHSA-2026:4152)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4152 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: libvpx: Heap...

firefox: thunderbird: Use-after-free in the Graphics: ImageLib component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Graphics: ImageLib component...