OpenClaw Authorization Problem Vulnerability (CNVD-2026-16621)

OpenClaw is a command line tool for rights management. A security vulnerability exists in versions of OpenClaw prior to 2026.3.11, which stems from the failure of the system.run approval function to properly bind variable file operands for specific script runners such as tsx, jiti, and others. An...

Embedded Malicious Code

Overview @velora-dex/sdk is a SDK for the Velora API Affected versions of this package are vulnerable to Embedded Malicious Code that delivers a malicious payload through dist/index.js. An attacker uploaded a compromised version of the package directly to the npm registry. The payload runs a...

Malicious code in strapi-plugin-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 322f1a7c9723db125a9be39dcb3f897ca2f65146b7b71874bb3ec26a4825d521 The package strapi-plugin-cache was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2504 Malicious code in strapi-plugin-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 322f1a7c9723db125a9be39dcb3f897ca2f65146b7b71874bb3ec26a4825d521 The package strapi-plugin-cache was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2505 Malicious code in @aspect-security/argon2 (npm)

The package performs data exfiltration, arbitrary command execution in preinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b426577fc5361773d25297fdb9fce28835e15d9ab86909c6652f5c1b71c4e543 The package @aspect-security/argon2 was found to contain...

MAL-2026-2871 Malicious code in devkitx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 533ba14fdd7bd4a9722b6958993e6814b7f5b492ed9664250012deab8161401b The package devkitx was found to contain malicious code. Source: ghsa-malware 6344b4de933cb52dfd12ac4a38d68b3ea57498248f6cb291252a1a56d9963b55 Any...

MAL-2026-2526 Malicious code in request-js-validator (npm)

Copy of 'request' library with injected payload. Spawns detached child process that fetches stage-2 and executes via new Function.constructor'require', payload. Same pattern as express-session-js. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

MAL-2026-2499 Malicious code in nerite-security-audit (npm)

Collects and exfiltrates sensitive data env vars, SSH keys, keystores, history via HTTPS and DNS. Suspicious domain and disabled SSL validation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87776a4e480d244c862e76238cd498aa49bd919403dad6de21a85326d6b451ed The...

Malicious code in totally-safe-util (npm)

Multiple suspicious behaviors: postinstall script, hex obfuscation, OS command execution to open a Rickroll, and attempt to hide execution. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d45a8a1395a8ff66e2ea74cacd9d8de0ebaa9e88e0170a6907b3e4861a2acc5 The packa...

Malicious code in df-sandbox-test (npm)

Multiple evidences indicate malicious behaviors: data exfiltration, sensitive file access, obfuscated code, and suspicious network connections. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97761ee82976dcee2c3d8438258e8ace733bec2d2c7e1020035e9e390f9fa02f The...

MAL-2026-2498 Malicious code in df-sandbox-test (npm)

Multiple evidences indicate malicious behaviors: data exfiltration, sensitive file access, obfuscated code, and suspicious network connections. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97761ee82976dcee2c3d8438258e8ace733bec2d2c7e1020035e9e390f9fa02f The...

EUVD-2019-20087

Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view...

RUSTSEC-2026-0081 `logtrace` was removed from crates.io for malicious code

logtrace appeared to be downloading a RAT. The malicious crate had 2 versions published on 2026-04-01 that had a total of 30 downloads. There were no crates depending on this crate on crates.io. Thanks to Socket.dev for detecting and reporting this to the crates.io team!...

`logtrace` was removed from crates.io for malicious code

logtrace appeared to be downloading a RAT. The malicious crate had 2 versions published on 2026-04-01 that had a total of 30 downloads. There were no crates depending on this crate on crates.io. Thanks to Socket.dev for detecting and reporting this to the crates.io team!...

Malicious code in @needl-ai/common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1b98ae2755d0fd7d61bc3dfd378dc1bad2eadf7ef0033ba66bbf1383a711e5c The package @needl-ai/common was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2716 Malicious code in @needl-ai/common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1b98ae2755d0fd7d61bc3dfd378dc1bad2eadf7ef0033ba66bbf1383a711e5c The package @needl-ai/common was found to contain malicious code. Source: ossf-package-analysis...

Ask Expert Script 跨站脚本漏洞

Ask Expert Script is an online Q&A system script for the PHP Scripts Mall community. Version 3.0.5 of the Ask Expert Script contains a cross-site scripting vulnerability. This vulnerability stems from cross-site scripting and SQL injection vulnerabilities, which may allow unverified attackers to...

Embedded Malicious Code

Overview mgc is a Module Generate Cli Affected versions of this package are vulnerable to Embedded Malicious Code. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and the author of this package. RAT Behavior The package...

Malicious code in supervisors (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c9f99997c1443b3be7bee7a7d490d05077e1d1c48bdd801f7357881ab1a73ca0 The setup.py contains a malicious code that skips execution if the system uses Russian language. Otherwise, it downloads the URL of the next stage payload from...

Malicious code in @toprank/partner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78a6d41a400b329c496f199f979216a151264b95d960a177b3b0347e6b3cf10e The package @toprank/partner was found to contain malicious code. Source: ossf-package-analysis...