252643 matches found
CVE-2026-34725
DbGate (multi-platform: web and Electron desktop) contains a stored XSS in the icon rendering path impacting versions 7.0.0–7.1.5. Attacker-controlled SVG icons stored as applicationIcon are rendered without sanitization, enabling script execution in another user’s browser (web UI) and, in Electr...
Malicious code in expeewas (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcb3aafc860058ba4e9a64c6fa7dba85b7df72d68971ef7c673245e4ac02820f The package expeewas was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2439 Malicious code in expeewas (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcb3aafc860058ba4e9a64c6fa7dba85b7df72d68971ef7c673245e4ac02820f The package expeewas was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in pro-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 508e68df7788049a51c684d3038db25fb043a5dda88579108c5eb49eacbfff95 The package pro-express was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2445 Malicious code in pro-express (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 508e68df7788049a51c684d3038db25fb043a5dda88579108c5eb49eacbfff95 The package pro-express was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2441 Malicious code in expirs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86105842d926ee95e61ae8adf0d4506cbc55c9510189208ee33d511806f2c5ef The package expirs was found to contain malicious code. Source: ossf-package-analysis d82cf6807fa6c011a17d3f4e8bf8af1e3e935a3d79ab1420356fd87d3f2567d...
MAL-2026-2437 Malicious code in exaprse (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6cac7f3a62099b4980a3948c78a3a231085dece3eac1d5ca3aa0bc3b0d102e5 The package exaprse was found to contain malicious code. Source: ossf-package-analysis e6b772ab3336f1923332b7f4042b5daa8ea5fdef08b605e35f6410c40f6a25...
Malicious code in exszpe3szs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67f15551a64777edf23687b4e056220380ac9501b76e432e33f9d93f5aecf2d3 The package exszpe3szs was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2435 Malicious code in 4xperss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6de1a8af1dbe21de2e06785a6a5e41a438f356fe440c8b121b808975ef95f5fe The package 4xperss was found to contain malicious code. Source: ossf-package-analysis d8cb27dbe58e29571ce6b777903222af9497b79676e8301021d03f159c5d77...
Malicious code in 4exepreds (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 713fcab117c3d896c25c79498daded14d2b7d69baecb99c233703f421caaca26 The package 4exepreds was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2434 Malicious code in 4exepreds (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 713fcab117c3d896c25c79498daded14d2b7d69baecb99c233703f421caaca26 The package 4exepreds was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in eixp4ressz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ba71706cf48badd366c9b3be4d6645698df1943a258c9f768f2b63c1b9ce7f The package eixp4ressz was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2436 Malicious code in eixp4ressz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ba71706cf48badd366c9b3be4d6645698df1943a258c9f768f2b63c1b9ce7f The package eixp4ressz was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in experedzss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f70a37180c88f0ddd0cc94346d4bb7703667321771ecc6de6c9c74f03a77f464 The package experedzss was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-2440 Malicious code in experedzss (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f70a37180c88f0ddd0cc94346d4bb7703667321771ecc6de6c9c74f03a77f464 The package experedzss was found to contain malicious code. Source: ossf-package-analysis...
perl-YAML-Syck: YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high-severity heap buffer overflow in the YAML emitter
Multiple security issues have been discovered in the perl YAML::Syck module. A heap overflow occurs when class names exceed the initial 512-byte allocation, a base64 decoder could read past the buffer end on trailing newlines. strtok mutated n-typeid in place, corrupting shared node data, and a...
MAL-2026-2424 Malicious code in bytefrontier-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a29cf25347b160fe6625e86e0df46723174e739cebc771b5d08eab295a68aae The package bytefrontier-sdk was found to contain malicious code. Source: ghsa-malware 6f9b7385e8f58c8b6fad1067fb18e542229655e25153a257aaad92c7a9cc96...
Malicious code in partner-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf0b992863c06f797a9dddef6a493b0391094c9a2ae31fec47e961dd1afdf562 The package partner-tracker was found to contain malicious code. Source: ghsa-malware cfd28d767cd7e0db43c5c52d0b219663552acd6a5f60a34795736624c5cb612...
MAL-2026-2427 Malicious code in partner-tracker-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abcff950068cf454cf07ead8614f95dd6291f4204f72ada102c7b4c3d72c0cd1 The package partner-tracker-api was found to contain malicious code. Source: ghsa-malware...
Malicious code in vv-ftend-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3096bbbc1b06c1a0df854ff812112a3d902b8a5c8926880c146f8b36e8497897 The package vv-ftend-core was found to contain malicious code. Source: ghsa-malware 31aa4449ee3c83b67dd8e118498746b83b9b02e0d8fe6c095f6d08f6c7a9b62e...