MAL-2026-4483 Malicious code in arnext-arkb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87f9eda6644870362103de6f3bf1877efb1039c4b2b771343bcf6c38f216ecc0 package.json declares "preinstall": "./bin/install-deps", which points at a 976,568-byte Linux x86-64 ELF executable shipped in the tarball with no...

Malicious code in wdb-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05323f987b64131618be124040867a2acb216aef96952a6a3dfc11c615501500 package.json declares "preinstall": "./dist/runtime.node", causing npm to spawn the shipped file as an executable on every install on Linux. Despite...

Malicious code in wdb-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...

Malicious code in cwao-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 821b56cf14d7125df010804baf204325703e58d8f238fc0f219bf82652d99f31 package.json declares "preinstall": "./scripts/postbuild", and scripts/postbuild is a 976,568-byte stripped Linux x86 ELF sha256 36abd242…. The packa...

MAL-2026-4480 Malicious code in aonote (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df30872a579b6ce2419993ff9bad621f42347097dd43551a26583223e6a98a7b package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976KB UPX-packed Linux x86-64 ELF sha256 36abd242... shipped ...

Malicious code in aonote (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df30872a579b6ce2419993ff9bad621f42347097dd43551a26583223e6a98a7b package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976KB UPX-packed Linux x86-64 ELF sha256 36abd242... shipped ...

Malicious code in @tailwind-core/oxide-linux-x64-gnu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a107a0746f2f5159d661e4d332eac53f871b9d22f80caf5863bdd713e252ae00 The package name '@tailwind-core/oxide-linux-x64-gnu' impersonates the legitimate Tailwind CSS v4 oxide engine package...

Malicious code in @tailwind-core/oxide-win32-x64-msvc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d93cb69a6f12f5739ab03d78641f2a79179750b6182f65ba5b8fb8ec4a1399bc The package name @tailwind-core/oxide-win32-x64-msvc impersonates the legitimate Tailwind CSS scope @tailwindcss published by tailwindlabs. The READM...

Malicious code in ctf-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e47981485066b674150cc4d9d3709e41707e69111f188e54e772becc7349ab89 The package states to contain a modified curl library to allow low-level request modifications. However, there is also undisclosed malicious behavior: 1. The...

Security update for php7

This update for php7 fixes the following issues: Security fixes: CVE-2025-14178: heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE bsc1255711. Other fixes: Add all php7 packages to PackageHUB unsupported, no source changes...

CVE-2025-41086

Vulnerability in the access control system of the GAMS licensing system that allows unlimited valid licenses to be generated, bypassing any usage restrictions. The validator uses an insecure checksum algorithm; knowing this algorithm and the format of the license lines, an attacker can recalculat...

WSDL Import Failed

WSDL schema file could not be imported and cannot be used during the scan. No source data...

WSDL Import Success

WSDL schema file was successfully imported and can be used during the scan. No source data...

Agent2Agent (A2A) Card Detected

This is an informational notice that the scanner was able to detect an Agent2Agent A2A card on the target server. No source data...

GraphQL Import Failed

GraphQL schema file could not be imported and cannot be used during the scan. No source data...

ConnectWise ScreenConnect Detected

This is an informational notice that the scanner was able to detect a ConnectWise ScreenConnect instance on the target server. Note that this detection is included in the Remote Access Tools category. No source data...

RustDesk Console Detected

RustDesk is a mote access and control software that enables management of computers and other devices. RustDesk server Pro embeds a web console allowing users to browse devices and perform configuration modification on the application. By leveraging this, a remote and unauthenticated attacker cou...

Pritunl Detected

This is an informational notice that the scanner was able to detect an Printunl Enterprise VPN Server on the target server. Note that this detection is included in the Remote Access Tools category. No source data...

Apache Guacamole Detected

This is an informational notice that the scanner was able to detect an Apache Guacamole instance on the target server. Note that this detection is included in the Remote Access Tools category. No source data...

Docker Public Registry Detected

This is an informational notice that the scanner was able to detect a public Docker registry instance. No source data...