Malicious code in msal-browser-1p (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b048f9df96df1367009fbcb80c4ad7b3ed89133bfe1fd86324c74e1c2d681c81 The package msal-browser-1p was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-3419 Malicious code in msal-browser-1p (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b048f9df96df1367009fbcb80c4ad7b3ed89133bfe1fd86324c74e1c2d681c81 The package msal-browser-1p was found to contain malicious code. Source: ossf-package-analysis...

Fedora 44 : python-msal (2026-64b1c7aa6b)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-64b1c7aa6b advisory. Update to v1.36.0 Full changelog: https://github.com/AzureAD/microsoft-authentication-library-for-python/releases/tag/1.36.0 Tenable has extracted the...

Fedora 43 : python-msal (2026-891d8718e7)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-891d8718e7 advisory. Update to v1.36.0 Full changelog: https://github.com/AzureAD/microsoft-authentication-library-for-python/releases/tag/1.36.0 Tenable has extracted the...

org.webjars.npm:adal-node (=0.1.28), org.webjars.npm:azure__msal-node (=1.5.0) +7 more potentially affected by CVE-2025-65945 via org.webjars.npm:jws (>=3.2.2 <=4.0.0)

org.webjars.npm:jws MAVEN version =3.2.2, =1.6.1, =2.3.2, =5.5.4, =0.0.1, =1.0.0 Source cves: CVE-2025-65945 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-14188254...

Malicious Package

Overview eslint-plugin-custom-msal-w is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

EUVD-2024-1332

Malicious code in bioql PyPI...

Malicious code in msal-node2 (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in msal-node1 (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-41393 Malicious code in msal-node1 (npm)

The package communicates with a domain associated with malicious activity...

CVE-2024-27086

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application running on a customer...

CVE-2024-27086 MSAL.NET applications targeting Xamarin Android and .NET Android (MAUI) susceptible to local denial of service

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android e.g., MAUI using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application running on a customer...

CVE-2024-27086

MSAL.NET for Xamarin Android and .NET Android (MAUI) is affected when using versions 4.48.0–4.60.0, due to an incorrect activity export configuration that can allow a local attacker on the device to cause a denial of service and block user login to affected apps. The vulnerability is classed as L...

MAL-2022-4722 Malicious code in msal-react-quickstart (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83dccba5ab95740ba60dc18619f1d94c4103d62925326a49c2b5db5be00cce01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in msal-react-quickstart (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83dccba5ab95740ba60dc18619f1d94c4103d62925326a49c2b5db5be00cce01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in msal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e629627b7937f8d6f569de9b7ca1983194dd52f6d325a6d52fd1b69a678fc43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4721 Malicious code in msal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e629627b7937f8d6f569de9b7ca1983194dd52f6d325a6d52fd1b69a678fc43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2019-1487

An information disclosure vulnerability in Android Apps using Microsoft Authentication Library MSAL 0.3.1-Alpha or later exists under specific conditions, aka 'Microsoft Authentication Library for Android Information Disclosure Vulnerability'...

CVE-2019-1487

An information disclosure vulnerability in Android Apps using Microsoft Authentication Library MSAL 0.3.1-Alpha or later exists under specific conditions, aka 'Microsoft Authentication Library for Android Information Disclosure Vulnerability'...

Information disclosure

An information disclosure vulnerability in Android Apps using Microsoft Authentication Library MSAL 0.3.1-Alpha or later exists under specific conditions, aka 'Microsoft Authentication Library for Android Information Disclosure Vulnerability'...