5 matches found
MAL-2025-71827 Malicious code in ade-klipo26-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43cc1cdeafddf8c2dc5d096394bd3d57d953f0fb868cdef5c28b4130b2170c97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-59333
The mcp-database-server MCP Server 1.1.0 and earlier, as distributed via the npm package @executeautomation/database-server, fails to implement adequate security controls to properly enforce a "read-only" mode. This vulnerability affects only the npm distribution; other distributions are not...
CVE-2025-59333 @executeautomation/database-server does not properly restrict access, bypassing a "read-only" mode
The mcp-database-server MCP Server 1.1.0 and earlier, as distributed via the npm package @executeautomation/database-server, fails to implement adequate security controls to properly enforce a "read-only" mode. This vulnerability affects only the npm distribution; other distributions are not...
CVE-2025-59333 @executeautomation/database-server does not properly restrict access, bypassing a "read-only" mode
The mcp-database-server MCP Server 1.1.0 and earlier, as distributed via the npm package @executeautomation/database-server, fails to implement adequate security controls to properly enforce a "read-only" mode. This vulnerability affects only the npm distribution; other distributions are not...
MAL-2024-11498 Malicious code in windowsversionupdate (npm)
--- -= Per source details. Do not edit below this line.=-...