Malicious code in apple-auth-internal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f287635d5bb4ba311de3a315d8b730e159dd7dee46e68896e94f07d1b4d91860 The package apple-auth-internal was found to contain malicious code. Source: ghsa-malware...

Follow Redirects 信息泄露漏洞

Follow Redirects is an open-source Node.js module that automatically follows HTTP redirects. Versions of Follow Redirects prior to 1.16.0 had a vulnerability related to information leakage. This vulnerability occurred when HTTP requests followed cross-domain redirects, and only authorization, pro...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011339)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011339 advisory. In the Linux kernel, the following vulnerability has been resolved: HSI: omapssi: Fix refcount leak in ssiprobe When returning or breaking early from a...

PT-2026-34236

Name of the Vulnerable Software and Affected Versions Flowise versions prior to 3.1.0 Description A flaw exists in the run method of the CSV Agents class due to improper sandboxing when evaluating Python scripts generated by a Large Language Model LLM. An unauthenticated attacker can use prompt...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011237)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011237 advisory. In the Linux kernel, the following vulnerability has been resolved: rcu: Protect rcuprinttaskexpstall -exptasks access For kernels built with CONFIGPREEMPTRCU=y, the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011010)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011010 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: media: tegra-video: fix devicenode use after free At probe time this code path is...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011153)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011153 advisory. In the Linux kernel, the following vulnerability has been resolved: irqchip: Fix refcount leak in platformirqchipprobe ofirqfindparent returns a node pointer with...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013381 advisory. In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix null pointer dereferencing in ofunittestfindnodebyname when kmalloc fail to...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-010840)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010840 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix null pointer dereference in tracingerrlogopen Fix an issue in function...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011349)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011349 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006971)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006971 advisory. In the Linux kernel, the following vulnerability has been resolved: irqchip: Fix refcount leak in platformirqchipprobe ofirqfindparent returns a node pointer with...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006931)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006931 advisory. In the Linux kernel, the following vulnerability has been resolved: memory: pl353-smc: Fix refcount leak bug in pl353smcprobe The break of foreachavailablechildofnod...

Embedded Malicious Code

Overview pgserve is an Embedded PostgreSQL server with true concurrent connections - zero config, auto-provision databases Affected versions of this package are vulnerable to Embedded Malicious Code that injects a credential-harvesting script that runs via postinstall on every npm install. It...

Malicious code in @serasa/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a5d7dc70207045632b443597fdca880203a20b38f5999520fe5c437ca65a496 The package @serasa/core was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2956 Malicious code in @serasa/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a5d7dc70207045632b443597fdca880203a20b38f5999520fe5c437ca65a496 The package @serasa/core was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2952 Malicious code in @settle-sea/supporting-documents (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1a578c532adf03529b20a3a434751c75d17e6c7ea31e4ca1881447db490cc78 The package @settle-sea/supporting-documents was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @settle-sea/supporting-documents (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1a578c532adf03529b20a3a434751c75d17e6c7ea31e4ca1881447db490cc78 The package @settle-sea/supporting-documents was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in bmg-web-features (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95e385a0f1c1bcc075d39332c519b28aebc80cd8474cbc78baff5ce19661b85f The package bmg-web-features was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-2953 Malicious code in bmg-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26777925b4f8e199b125a969ad8c6f4e0ff672b87613b22ce2b67fe461ba218e The package bmg-web was found to contain malicious code. Source: ossf-package-analysis 27618387221affefb03509d50b0545c22b6d18574bc71aa6f218350ca5f152...

Malicious code in megabank-worklist (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f0a379223d486978f097d6f97b1d3a1fd307bb725be56c7baa2bc8ff72d297 The package megabank-worklist was found to contain malicious code. Source: ossf-package-analysis...