CVE-2026-12528

A flaw was found in 389 Directory Server in the aclpnormalizeacltxt function of aclparse.c. A malformed ACI Access Control Instruction string can trigger heap-buffer-overflow writes and reads during ACI parsing. The function fails to validate that the ACI keyword has sufficient length after...

GHSA-92MM-2PJQ-R785 vulnerabilities

Vulnerabilities for packages: cg, kots, tflint-fips, conftest-fips, chainctl, conftest, cloudbeat-fips, trivy-operator, zarf-fips, cloudbeat, opentofu-fips, packer-fips, task, tflint, terragrunt-fips, kubescape-server, xeol-fips, tfsec, terragrunt, wolfictl, kubescape, syft, terraform, trivy,...

MAL-2026-2177 Malicious code in linting (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cb47704e5a0d8d5d241dd382567f85027854c50652bb5889cde58c2b6db00a7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in eslint-plugin-superhuman-custom-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e50258e14acd3712854f3059d043b8c4982563ab8d401555b253702a3212279 The package eslint-plugin-superhuman-custom-rules was found to contain malicious code...

EUVD-2026-3169

Malicious code in eslint-plugin-fuel-react npm...

EUVD-2026-1618

Malicious code in @zuora-marketing/linting npm...

Malicious code in @zuora-marketing/linting (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddcfd1151af868e694a4a79307ce1284331ad88b8ff631651f3fd2c47fbf342a The package @zuora-marketing/linting was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-168 Malicious code in @zuora-marketing/linting (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddcfd1151af868e694a4a79307ce1284331ad88b8ff631651f3fd2c47fbf342a The package @zuora-marketing/linting was found to contain malicious code. Source: ossf-package-analysis...

golang-cicd-poc

Golang CI/CD POC Project POC project for trying out different...

EUVD-2025-176037

Malicious code in technosignature-eslint-plugin-deimos-stop npm...

EUVD-2025-122842

Malicious code in readable-eslint-config-fomalhaut-dotenv npm...

Malicious code in eslint-config-socketio-development-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29f4ba7bcceda7e6c47a55286d07be81507c98e76b1293b35e26b1670af017aa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142206 Malicious code in eslint-config-prettier-plugin-markdown-zephyr-airbnb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81b3ef52b43da2fe6d4c198943373ceb6eaaa3a2711589e609220e6dcda6cf2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in eslint-plugin-ethereumjs (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious Package

Overview vite-linting-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2021-17424

Malware in sbrugna...

Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in eslint-config-prettier

Summary IBM Watson Discovery Cartridge contains a vulnerable version of eslint-config-prettier Vulnerability Details CVEID:CVE-2025-54313 DESCRIPTION: eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package...

Malicious code in vite-linting-js (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-47741 Malicious code in vite-linting-js (npm)

--- -= Per source details. Do not edit below this line.=-...

@alfresco/aca-generators (>=1.0.0 <=1.0.1), @alfresco/adw-generators (>=1.0.0 <=1.0.1) +98 more potentially affected by CVE-2025-10894 via nx (>=21.5.1-beta.3 <=21.7.0-canary.20250930-e144408)

nx NPM version =21.5.1-beta.3, =1.0.0, =1.0.0, =0.0.1, =11.0.0, =0.52.0, =2.23.0, =0.7.10, =1.0.0, =3.22.0, =9.0.0-next.68, =1.4.0, =3.1.1, =1.0.0, =1.1.2 and more Source cves: CVE-2025-10894 Source advisory: OSV:MAL-2025-41443...