Malicious code in prettier-plugin-markdown-server-grunt-supercluster (npm)

The package prettier-plugin-markdown-server-grunt-supercluster was found to contain malicious code...

MAL-2025-29629 Malicious code in prettier-plugin-markdown-server-grunt-supercluster (npm)

The package prettier-plugin-markdown-server-grunt-supercluster was found to contain malicious code...

PYSEC-2025-67

A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used...

Upsonic 路径遍历漏洞

Upsonic is an AI agent framework open-sourced by Upsonic. Upsonic 0.55.6 and earlier versions have a path traversal vulnerability, the vulnerability stems from a path traversal in the function os.path.join in the file markdown/server.py...