251989 matches found
EUVD-2026-22089
A vulnerability was found in aandrew-me ytDownloader up to 3.20.2. Affected by this issue is the function createTextNode of the component Error Details Panel. The manipulation results in cross site scripting. The attack may be performed from remote. The vendor was contacted early about this...
Exploit for Code Injection in Flowiseai Flowise
CVE-2025-59528 – Flowise CustomMCP Node RCE PoC !Visitors...
CVE-2026-40073
SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, under certain circumstances, requests could bypass the BODYSIZELIMIT on SvelteKit applications running with adapter-node. This bypass does not affect body size limits at other layers...
CVE-2025-3756
The vulnerability CVE-2025-3756 affects the IEC 61850 command handling in System 800xA products, specifically the PM 877, CI850, and CI868 modules, and impacts S+ Operations connectivity. A specially crafted IEC 61850 packet can force the affected interfaces into fault mode or render the S+ Opera...
Malicious Package
Overview upstart-offer-container is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
Malicious Package
Overview paysafe-google-pay is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview paysafe-card-payments is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @spreadjs/js-calc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7909a65c6a2c928f12a2333a6e1c53c7dea90685fe7b2be35f120654a6f86d7 The package @spreadjs/js-calc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2592 Malicious code in @relxui/react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b91a4fd21ef12fb1580ab9240c8b51f39c0ba26d19b683ebcac2d86ed7936e78 The package @relxui/react was found to contain malicious code. Source: ghsa-malware 1a95206a60abfe74a108e76e52361543b36e7d78ff34a1273b5cf4c1bb183d1f...
Malicious Package
Overview @sap-px/pxapi is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @relxui/react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b91a4fd21ef12fb1580ab9240c8b51f39c0ba26d19b683ebcac2d86ed7936e78 The package @relxui/react was found to contain malicious code. Source: ghsa-malware 1a95206a60abfe74a108e76e52361543b36e7d78ff34a1273b5cf4c1bb183d1f...
Malicious Package
Overview @spreadjs/js-calc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @relxui/react is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview gp-auth-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
MAL-2026-2584 Malicious code in @hpcc/js-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66d87d26a2f328414129f2abca4fe30a3f49afcefc1734ff29504b30e8e5e538 The package @hpcc/js-api was found to contain malicious code. Source: ghsa-malware baed13149b187a8ebee8b70891d8c38114a2f8c25e0048e5f2524ae8cb61217e A...
Malicious Package
Overview @ascend-ops/web-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Malicious code in @bokehjs/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c6f4339e19ee914380a69c5c69b600db7df1412b41db50a539eb87db984f68c The package @bokehjs/core was found to contain malicious code. Source: ghsa-malware 6e18981ac8adec7cb489a1be8841f5f6862c8f1298c570346d5210c99dd275fe...
MAL-2026-2575 Malicious code in @ascend-ops/web-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57ec262f68b9b9bd081ce675c1eb28e56c6c630c03cf1ecb680e5b56035f0aaa The package @ascend-ops/web-client was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2574 Malicious code in @amplify-js/datastore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a31c933f191cd94be3e10adb951ed57652fe41955589d37ce8c200c96256f36e The package @amplify-js/datastore was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2578 Malicious code in @bokehjs/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c6f4339e19ee914380a69c5c69b600db7df1412b41db50a539eb87db984f68c The package @bokehjs/core was found to contain malicious code. Source: ghsa-malware 6e18981ac8adec7cb489a1be8841f5f6862c8f1298c570346d5210c99dd275fe...