2 matches found
MAL-2026-10424 Malicious code in terminal-mascot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3fdf1ac60d0060cb78970c884bcfa7bb5360d9f700c0f8992b66af09cce22ae [email protected] ships a postinstall script install-check.cjs that resolves a bundle URL from a remote JSON config at...
CVE-2026-41132
CKAN is an open-source DMS data management system for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, the configured SMTP server may be spoofed with any certificate e.g. self-signed, leaving credentials and all emails sent open to MITM attacks. This vulnerability is fixed in...