44 matches found
CVE-2026-54100
CVE-2026-54100 affects the Windows Machine Config Operator (WMCO) used with Red Hat OpenShift Container Platform. The flaw is that WMCO establishes SSH connections to Windows worker nodes without verifying the remote host key, enabling an adjacent-network attacker who can intercept or redirect WM...
CVE-2026-33696
n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.27, an authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the XML and the GSuiteAdmin nodes. By supplying a crafted parameters as part...
n8n: SQL Injection in MySQL, PostgreSQL, and Microsoft SQL nodes
Impact An authenticated user with permission to create or modify workflows and access to a database credential could unknowingly create a workflow that was vulnerable to SQL injection, even while expecting inputs to be handled safely through escaped parameters. By supplying specially crafted tabl...
Malicious code in lyra-nebula-node-config-terser-webpack-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71da1d08ee103264b969b081db8fc81219689df4fcc9605329c81bbdd888fe5d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177573
Malicious code in node-config-phoenix-regulus-html-webpack-plugin npm...
EUVD-2025-177007
Malicious code in prompts-capella-node-config-biomimicry npm...
EUVD-2025-122652
Malicious code in repository-loglevel-node-config-react-bootstrap npm...
EUVD-2025-124446
Malicious code in nightwatch-node-config-node-config-scorpius npm...
EUVD-2025-124420
Malicious code in node-config-antares-wasat-mongodb npm...
EUVD-2025-124406
Malicious code in node-config-miranda-cosmiconfig-eslint-plugin npm...
EUVD-2025-113247
Malicious code in geckodriver-hexo-node-config-element-ui npm...
EUVD-2025-114347
Malicious code in dotenv-safe-nconf-gemini-vortex npm...
EUVD-2025-115828
Malicious code in cache-ophiuchus-node-config-browserify npm...
EUVD-2025-116792
Malicious code in algol-stream-node-config-enif npm...
Malicious code in html-webpack-plugin-slides-bunyan-node-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a6907b6287280cdd51be770f95a0016abb5804f689916408a57db5104aff9b2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nightwatch-node-config-node-config-scorpius (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c474c424b69fafd765d12e27755c0381c66b0f348f254abc2bd4a1dc5aa1273c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-114540
Malicious code in dependencies-hugo-phenomic-node-config npm...
EUVD-2025-112649
Malicious code in hyperion-aldebaran-node-config-cross-env npm...
EUVD-2025-113517
Malicious code in fork-publish-node-config-mini-css-extract-plugin npm...
Malicious code in node-config-elektra-europa-algol (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bbad3bcef8552d9ffedbf59cdda4c8d140d5c90b5855ac9c0ab6b25ad2da7c30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...