GHSA-298W-VVM4-WW55 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

GHSA-298W-VVM4-WW55 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, wazuh-dashboard-fips, opensearch-dashboards-fips, wazuh-dashboard...

Malicious Package

Overview opensearch-config-utility is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...

Malicious Package

Overview opensearch-security-scanner is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between tho...

Malicious Package

Overview opensearch-setup-tool is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...

Typosquatted npm packages used to steal cloud and CI/CD secrets

In this article 1. Attack chain overview 1. The lure: typosquats and spoofed metadata 2. Execution: npm lifecycle hook abuse 3. Gen-1 stager: HTTP C2 beacon and payload drop 4. Gen-2 stager: abusing the legitimate Bun runtime as a loader 5. Credential theft 6. Impact and blast radius 2. Mitigatio...

ROS-20260529-73-0023

The vulnerability in opensearch is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

ROS-20260529-73-0001

The vulnerability in opensearch is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

ROS-20260529-73-0021

The vulnerability in opensearch relates to the use of a name with an incorrect link. Exploiting this vulnerability could allow a perpetrator to cause a service failure...

ROS-20260529-73-0002

The vulnerability in opensearch relates to the use of a name with an incorrect link. Exploiting this vulnerability could allow a perpetrator to cause a service failure...

ROS-20260529-73-0022

The vulnerability in opensearch is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

ROS-20260529-73-0024

The vulnerability in opensearch is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

GHSA-QP7P-654G-CW7P vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, langfuse...

CVE-2026-44458 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, langfuse...

GHSA-76P7-773F-R4Q5 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

CVE-2026-44459 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, langfuse...

GHSA-HM8Q-7F3Q-5F36 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, langfuse...

GHSA-X7HR-W5R2-H6WG vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

CVE-2026-44457 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, langfuse...

CVE-2024-11831 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...