70 matches found
CVE-2026-53423 Unauthenticated denial-of-service via BEAM atom table exhaustion in membrane_mp4_plugin
Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membranemp4plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.toatom/1 without validation...
CVE-2026-53423
CVE-2026-53423 affects membrane_mp4_plugin (Elixir/Membrane) from version 0.3.0 up to
EEF-CVE-2026-53423 Unauthenticated denial-of-service via BEAM atom table exhaustion in membrane_mp4_plugin
Summary Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membrane\mp4\plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.to\atom/1 without validation...
CVE-2026-53423 Unauthenticated denial-of-service via BEAM atom table exhaustion in membrane_mp4_plugin
Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membranemp4plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.toatom/1 without validation...
PT-2026-48648
Allocation of Resources Without Limits or Throttling vulnerability in membraneframework membrane mp4 plugin allows unauthenticated denial-of-service via BEAM atom table exhaustion. The MP4 box header parser converts each 4-byte box name to an atom using String.to atom/1 without validation...
EUVD-2025-179099
Malicious code in epimetheus-loglevel-membrane-solarnebula npm...
Malicious code in sadr-membrane-slides-meteor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9f5afa3f0909d32cb9061af02d912fe9587dcc198b2456101683b37f285bbb7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176496
Malicious code in scorpius-elara-membrane-brane npm...
EUVD-2025-177112
Malicious code in polaris-juno-taphonomy-membrane npm...
Malicious code in ganymede-flare-aurora-membrane (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0243563bbd76210b34b5e68a36b4784afe93fd2191c332071ac47dab89494808 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185945 Malicious code in bunyan-cosmicray-membrane-terser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b4471f65172659b77e077d6695a1c3d2f3f22eaa42d8c5b536dbe439b313924 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176570
Malicious code in sadr-membrane-slides-meteor npm...
EUVD-2025-179234
Malicious code in duplex-parcel-nodejs-membrane npm...
EUVD-2025-176320
Malicious code in soap-membrane-thermosphere-eridanus npm...
EUVD-2025-179937
Malicious code in bunyan-cosmicray-membrane-terser npm...
Malicious code in terser-webpack-plugin-delphinus-membrane-cryovolcano (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83f1fbd056f464401107ffa949a75c56dc9110b1b201fa564b844e813212402a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179040
Malicious code in eslint-plugin-eslint-sails-membrane npm...
EUVD-2025-176002
Malicious code in terser-webpack-plugin-delphinus-membrane-cryovolcano npm...
Malicious code in polaris-juno-taphonomy-membrane (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57aadb0c6fc2fa048e9640b5186c58a3bf3c7e138f166b104d24916c8d7d6286 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in epimetheus-loglevel-membrane-solarnebula (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3882f96f6ba94008491b8b2d879161bdb319ae0eee595576b6f91e29c1b50df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...