251672 matches found
MAL-2026-3815 Malicious code in @zentrafinance/types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1aa8866d3eaa828e8b575d8351ed3430237e14f71bb1af0acc90c468a7e8b8cb The package @zentrafinance/types was found to contain malicious code. Source: ghsa-malware...
Malicious code in @zentrafinance/sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95b69f41a2a81d2acb41f5d3282c7db06d5c90f40918246184ddec6e878c5ecb The package @zentrafinance/sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3819 Malicious code in apexpro-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95c8a3b29ed31b909fa4a13a8b310c4cee8f115748f7b708aeab52ab2b66fdbb The package apexpro-node was found to contain malicious code. Source: ghsa-malware e4cc91e23bb614febd12cef6d21d4456fb9cfa198c2aa76215d1b38dd820d9b4 A...
Malicious code in apexpro-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95c8a3b29ed31b909fa4a13a8b310c4cee8f115748f7b708aeab52ab2b66fdbb The package apexpro-node was found to contain malicious code. Source: ghsa-malware e4cc91e23bb614febd12cef6d21d4456fb9cfa198c2aa76215d1b38dd820d9b4 A...
MAL-2026-3816 Malicious code in apex-connector (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33a26a7f829a26ef83ab119b6d61de6109d553f0b34432bf1efb37d5f56f4064 The package apex-connector was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in apexomni-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24e9d6ad71ac3eb0c091e0d70625e7daec5ed0352e8b8a4ed2273f2563aafad9 The package apexomni-node was found to contain malicious code. Source: ghsa-malware 7412ab94dec4136827a9aaa0f414452c3bbf8f23b2ea6820b29a1b4e8cc156f5...
MAL-2026-3818 Malicious code in apexomni-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24e9d6ad71ac3eb0c091e0d70625e7daec5ed0352e8b8a4ed2273f2563aafad9 The package apexomni-node was found to contain malicious code. Source: ghsa-malware 7412ab94dec4136827a9aaa0f414452c3bbf8f23b2ea6820b29a1b4e8cc156f5...
CVE-2026-24118
A flaw was found in vm2, an open-source sandbox for Node.js. This sandbox breakout vulnerability allows attackers to write malicious code that can escape the vm2 sandbox. Successful exploitation enables the execution of arbitrary commands on the host system, leading to critical system compromise...
budibase (>=0.0.3 <=0.0.31) potentially affected by CVE-2026-45715 via @budibase/server (>=0.0.1 <=0.0.9)
@budibase/server NPM version =0.0.1, =0.0.3, =0.0.31 Source cves: CVE-2026-45715 Source advisory: OSV:GHSA-FGQV-JH4G-PVG2...
NPM: Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation
NPM: Better Auth: Rate limiter keys IPv6 addresses individually and is bypassable via prefix rotation vulnerability discovered by ? in WordPress Npm better-auth versions 1.4.17...
GHSA-27W2-87XV-37C6 nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT
Impact A malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record containing a TaggedSigned with a signature field whose byte length is not exactly 64. When the victim node's DHT verifier calls TaggedSigned::verify, execution reaches...
nimiq-keys: Unchecked Ed25519 signature length in TaggedPublicKey::verify causes remote node panic via DHT
Impact A malicious network peer can crash any Nimiq full node by publishing a crafted Kademlia DHT record containing a TaggedSigned with a signature field whose byte length is not exactly 64. When the victim node's DHT verifier calls TaggedSigned::verify, execution reaches...
MAL-2026-3802 Malicious code in @datatrain/passenger-v3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ff70d96169a200be30c83b3e37506f7abf2f377ed1d6dec8005269d98b58104 The package @datatrain/passenger-v3 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in dowload_ebok_como_leer_el_futbol_by_ruud_gullit_8qd97 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60192fdff4e24c7d8a8a8feebf26b8aa9408dacbc59475649335e0efc03969f6 The package dowloadebokcomoleerelfutbolbyruudgullit8qd97 was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3796 Malicious code in dowload_ebok_los_enemigos_del_comercio_by_antonio_escohotado_6t2l4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ecb449c7c0f418834fbc3e22c6d061ef50d4d6bdbb1e40d19fb85023be2be5f The package dowloadeboklosenemigosdelcomerciobyantonioescohotado6t2l4 was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3797 Malicious code in dowload_ebok_stalking_jack_the_ripper_by_kerri_maniscalco_james_patterson_b529t (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1486e8a5f17dfc7a56252ff489f714a2ab7a0befd20da59b43d93d31f8587149 The package dowloadebokstalkingjacktheripperbykerrimaniscalcojamespattersonb529t was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3795 Malicious code in dowload_ebok_como_leer_el_futbol_by_ruud_gullit_8qd97 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60192fdff4e24c7d8a8a8feebf26b8aa9408dacbc59475649335e0efc03969f6 The package dowloadebokcomoleerelfutbolbyruudgullit8qd97 was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3799 Malicious code in dowload_ebok_the_testament_of_solomon_by_king_solomon_frederick_cornwallis_conybeare_5201c (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b33d6c492e4871ad2384480820ba9bbefb5a987a0675139c6358cc58e645fd95 The package dowloadebokthetestamentofsolomonbykingsolomonfrederickcornwallisconybeare5201c was found to contain malicious code. Source: ghsa-malware...
Malicious code in jenkins-for-jira (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8cad9f892c0d9dc4daa1424ece0fdaaeb28938252726be668e5880537046533 The package jenkins-for-jira was found to contain malicious code. Source: ghsa-malware 1f7a28558fe9fa734ff5ef86a48965f24b37790a53a4ec35ca344e548d3818...
MAL-2026-3786 Malicious code in browser-interaction-time-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1f501a0eb27e6959abc3bfd105408bdbd74a0f0e1f97bb22ee881dbd5d9dac6 The package browser-interaction-time-utils was found to contain malicious code. Source: ghsa-malware...