311862 matches found
Malicious code in d4rktg (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3348d9f4bb35442b1de902c35ca46292f9336a8f83ac8deb7e870b2cd6af9019 The library's sole authorization primitive, CustomFilters.authorize in d4rk/Utils/filters.py, OR's the installer-supplied ownerid and sudousers list...
Malicious code in @dropout-ai/runtime (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2121b923a39177ed68ce5cf066cbb07891b7cb5d20ecf5ec66f2c953634eff10 On require/import, src/index.js replaces global.fetch with a wrapper that intercepts every fetch whose URL matches openai.com, anthropic.com,...
Malicious code in github.com/BufferZoneCorp/go-retryablehttp (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
MAL-2026-3633 Malicious code in knot-rack-session-store (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
MAL-2026-3621 Malicious code in github.com/BufferZoneCorp/go-envconfig (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
MAL-2026-3620 Malicious code in github.com/BufferZoneCorp/config-loader (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
MAL-2026-3622 Malicious code in github.com/BufferZoneCorp/go-metrics-sdk (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
Malicious code in amino-fix (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 807db606fec148f1acf0e1ddb4ec2e0a68ba672bb8e5641f9eefd0d425f30a44 The asyncfix subpackage's signature helper in aminofix/asyncfix/lib/util/helpers.py lines 22-25 does not compute the NDC-MSG-SIG locally. Instead,...
MAL-2026-3686 Malicious code in amino-fix (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 807db606fec148f1acf0e1ddb4ec2e0a68ba672bb8e5641f9eefd0d425f30a44 The asyncfix subpackage's signature helper in aminofix/asyncfix/lib/util/helpers.py lines 22-25 does not compute the NDC-MSG-SIG locally. Instead,...
Malicious code in txwrap (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 72b4db77d156fffbfdf3253cda39d73180fda419676d356fdbc217130c289549 During importing, the remote code is downloaded. It then exfiltrates cryptocurrency wallet data to a hardcoded location and places a backdoor through a new...
Embedded Malicious Code
@tanstack/ packages are vulnerable to Embedded Malicious Code. The vulnerability is due to misconfigured GitHub Actions workflows and cache poisoning weaknesses that allowed attackers to extract OIDC tokens and publish malicious package versions under a trusted identity...
EUVD-2026-29554
Cognee thru v0.4.0 contains a critical remote code execution vulnerability in its notebook cell execution API endpoint. The endpoint is designed to execute arbitrary Python code provided by the user, but it does so using the unsafe exec function without any sandboxing, validation, or security...
CVE-2026-31236
The llm CLI tool thru 0.27.1 contains a critical code injection vulnerability via its --functions command-line argument. This argument is intended to allow users to provide custom Python function definitions. However, the tool directly executes the provided code using the unsafe exec function...
MAL-2026-3614 Malicious code in aoflmkt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7d5581b164c03c1b17ecfa5e7bab0422b7168cb3a8d44108ac108467e37adbc2 The OpenSSF Package Analysis project identified 'aoflmkt' @ 1.0.0 npm as malicious. It is considered malicious because: - The package communicat...
EUVD-2025-209787
A Stored Cross-Site Scripting XSS vulnerability was discovered in the File Management module of FluentCMS 1.2.3. The flaw allows an authenticated administrator to upload crafted SVG files containing malicious JavaScript code. Once uploaded, the script executes in the browser of any user who...
CVE-2026-44742
A flaw was found in Postorius. This vulnerability allows an attacker to embed malicious code within the subject of an email message. When an administrator or user views the 'Held messages pop-up', this malicious code is executed in their web browser. This can lead to Cross-Site Scripting XSS,...
Malicious code in justenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b391e2932f5ed4a24b376c4c9ac84c98b88764799b6ddccdc68e19964346228 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in jwscube (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 325d4311f3dd1d82c8f9ee1ddc19a767eb69adf0a338625c8ce1e9d40062dec7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3612 Malicious code in jwscube (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 325d4311f3dd1d82c8f9ee1ddc19a767eb69adf0a338625c8ce1e9d40062dec7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3611 Malicious code in justenv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b391e2932f5ed4a24b376c4c9ac84c98b88764799b6ddccdc68e19964346228 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...