251470 matches found
browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler
Summary The HTTP handler /log in lib/server.js lines 491–515 of browserstack-runner passes unauthenticated user-supplied data to vm.runInNewContext combined with eval, enabling a sandbox escape and arbitrary code execution on the host system. Details When browserstack-runner starts, it creates an...
malla: Stored XSS via Meshtastic node names in multiple frontend pages
Node names longname, shortname received via MQTT are stored in SQLite without sanitization and rendered into the DOM without escaping. Any participant on a public Meshtastic MQTT broker can set a malicious node name that executes JavaScript in the browser of every Malla dashboard visitor. Affecte...
GHSA-CH57-39Q2-4CRM malla: Stored XSS via Meshtastic node names in multiple frontend pages
Node names longname, shortname received via MQTT are stored in SQLite without sanitization and rendered into the DOM without escaping. Any participant on a public Meshtastic MQTT broker can set a malicious node name that executes JavaScript in the browser of every Malla dashboard visitor. Affecte...
MAL-2026-5179 Malicious code in chai-midpatch (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4deffa7a98fc055452391610a3ab832bace310cf34ecc058287f45cab02c656c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Security update 5.0.8 for Multi-Linux Manager Client Tools
This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248707 golang-github-prometheus-nodeexporter was updated from version 1.5.0 to 1.10.2: Security Fixes: Version 1.9.1:...
Security update 5.0.8 for Multi-Linux Manager Client Tools
This update fixes the following issues: prometheus-postgresexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCounter bsc1248699 golang-github-QubitProducts-exporterexporter: Security Fixes: CVE-2022-21698: Fixed denial of service using InstrumentHandlerCount...
MAL-2026-5175 Malicious code in webpack-json (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abd3559fc62e362d5e4d5068126317096f7e2e483d97bba9f59e192a9d49a363 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Optimize AI Inference: Real-Time NodeBalancers Metrics for AI Workloads
...
ROOT-APP-NPM-CVE-2022-24772 CVE-2022-24772 in @rootio/node-forge - Patched by Root
Root has patched CVE-2022-24772 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-33896 CVE-2026-33896 in @rootio/node-forge - Patched by Root
Root has patched CVE-2026-33896 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2025-66031 CVE-2025-66031 in @rootio/node-forge - Patched by Root
Root has patched CVE-2025-66031 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2025-12816 CVE-2025-12816 in @rootio/node-forge - Patched by Root
Root has patched CVE-2025-12816 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-33894 CVE-2026-33894 in @rootio/node-forge - Patched by Root
Root has patched CVE-2026-33894 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2022-24771 CVE-2022-24771 in @rootio/node-forge - Patched by Root
Root has patched CVE-2022-24771 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-33891 CVE-2026-33891 in @rootio/node-forge - Patched by Root
Root has patched CVE-2026-33891 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2020-7720 CVE-2020-7720 in @rootio/node-forge - Patched by Root
Root has patched CVE-2020-7720 in the @rootio/node-forge package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-27903 CVE-2026-27903 in @rootio/minimatch - Patched by Root
Root has patched CVE-2026-27903 in the @rootio/minimatch package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-42039 CVE-2026-42039 in @rootio/axios - Patched by Root
Root has patched CVE-2026-42039 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-42043 CVE-2026-42043 in @rootio/axios - Patched by Root
Root has patched CVE-2026-42043 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-42037 CVE-2026-42037 in @rootio/axios - Patched by Root
Root has patched CVE-2026-42037 in the @rootio/axios package for Root:npm. Multiple fixed versions available...