311904 matches found
CVE-2026-28353 Trivy Vulnerability Scanner: Unauthorized AI Agent Execution Code Included in OpenVSX Extension Release
Trivy Vulnerability Scanner is a VS Code extension that helps find vulnerabilities. In Trivy VSCode Extension version 1.8.12, which was distributed via OpenVSX marketplace was compromised and contained malicious code designed to leverage local AI coding agent to collect and exfiltrate sensitive...
MAL-2026-1247 Malicious code in @imhuman/corp-build-utils-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6184a6191df94d0d85ce593a41435ea200b954b17ce7a90c83cd1fb6ec5453db The package @imhuman/corp-build-utils-poc was found to contain malicious code. Source: ghsa-malware...
Malicious code in @imhuman/corp-build-utils-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6184a6191df94d0d85ce593a41435ea200b954b17ce7a90c83cd1fb6ec5453db The package @imhuman/corp-build-utils-poc was found to contain malicious code. Source: ghsa-malware...
Malicious code in @imhuman/fw-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f21f635d2d8fbbcc0d1422e1b08e8b71b8efd04e68216dc4eb8ffaec0208f967 The package @imhuman/fw-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1249 Malicious code in imhuman-fw-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04a81e9c61dcf38b54d4e0ad070050a4817a509858f0f56725074b54c24288a1 The package imhuman-fw-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1248 Malicious code in @imhuman/fw-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f21f635d2d8fbbcc0d1422e1b08e8b71b8efd04e68216dc4eb8ffaec0208f967 The package @imhuman/fw-logger was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1251 Malicious code in pear-apps-lib-ui-react-hooks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 325efdb6f86d5a55bf6cf0630f6fc6be87fbe387047929a31e4e5e55a8ea6cdf The package pear-apps-lib-ui-react-hooks was found to contain malicious code. Source: ghsa-malware...
Malicious code in pear-apps-utils-avatar-initials (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 097265e259265c0fcc8e4d53ebb4bfcdc33404ce2fc818308f0f1097d90de3d4 The package pear-apps-utils-avatar-initials was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1252 Malicious code in pear-apps-utils-avatar-initials (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 097265e259265c0fcc8e4d53ebb4bfcdc33404ce2fc818308f0f1097d90de3d4 The package pear-apps-utils-avatar-initials was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1253 Malicious code in pear-apps-utils-date (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65df5bee974b55dfd58d5816e480664604e9d8b3bf6a7c27c22b92aefeaca124 The package pear-apps-utils-date was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1254 Malicious code in pear-apps-utils-qr (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8bf18757dd3797d845e6746f010e38421985192e8623264615f68c13b4ec0a1 The package pear-apps-utils-qr was found to contain malicious code. Source: ghsa-malware...
Malicious code in pearpass-lib-data-export (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd09913040448b75ce4023605c2191efccf04f01c8e894d4044e8ee3a04fa67c The package pearpass-lib-data-export was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1255 Malicious code in pearpass-lib-data-export (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd09913040448b75ce4023605c2191efccf04f01c8e894d4044e8ee3a04fa67c The package pearpass-lib-data-export was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1250 Malicious code in pear-apps-lib-feedback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331d2742dee8271e5d493e475aab23ee3f05adc5e02888d87127d189883cc50c The package pear-apps-lib-feedback was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1256 Malicious code in pearpass-lib-data-import (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1ab28e159d40d36665a0a745f8ff8a2f9d55884bfaff1f019638560083aaf42 The package pearpass-lib-data-import was found to contain malicious code. Source: ghsa-malware...
Malicious code in pearpass-utils-password-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e49c29e613eb5defffe0f8db190791cd1e27be699c5aa6343ad0d60814b2e756 The package pearpass-utils-password-check was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1246 Malicious code in pearpass-utils-password-check (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e49c29e613eb5defffe0f8db190791cd1e27be699c5aa6343ad0d60814b2e756 The package pearpass-utils-password-check was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1245 Malicious code in nf-referral-backend-placeholder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44ad77b1a6ac52b4914c8516043f3f52e27f4a328b2940bf5b4d9c63e66662b2 The package nf-referral-backend-placeholder was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1244 Malicious code in spectral-corsair-navigator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4faab7d9e9e24067cf0a0ef23c529b2622cbb91b654a35430742ec584b827a54 The package spectral-corsair-navigator was found to contain malicious code. Source: ghsa-malware...
Trivy Action 安全漏洞
Trivy Action is a container vulnerability scanning tool developed by Aqua Security. Version 1.8.12 of Trivy Action contains a security vulnerability; this vulnerability stems from the inclusion of malicious code, which may lead to the collection and disclosure of sensitive information...