@alivault/pico (>=0.1.0 <=0.1.2), @ardeora/start-devtools (>=1.0.0 <=1.0.1) +121 more potentially affected by unknown CVE via @tanstack/start-storage-context (>=1.121.0-alpha.28 <=1.166.4)

@tanstack/start-storage-context NPM version =1.121.0-alpha.28, =0.1.0, =1.0.0, =0.0.1, =0.5.2, =0.1.1, =0.0.4, =1.0.0, =0.2.0, =0.2.0, =0.1.1, =0.2.0, =0.2.0, =0.1.14, =0.1.0, =0.1.38 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3492...

@use-pico/client (>=4.0.45 <=4.1.52), @use-pico/common (>=4.0.20 <=4.1.52) +1 more potentially affected by unknown CVE via @tanstack/zod-adapter (>=1.112.13 <=1.129.2)

@tanstack/zod-adapter NPM version =1.112.13, =4.0.45, =4.0.20, =4.0.16, =4.1.52 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3501...

@alivault/pico (>=0.1.0 <=0.1.2), @ardeora/start-devtools (>=1.0.0 <=1.0.1) +92 more potentially affected by unknown CVE via @tanstack/react-start-server (>=1.121.0-alpha.28 <=1.166.52)

@tanstack/react-start-server NPM version =1.121.0-alpha.28, =0.1.0, =1.0.0, =0.0.1, =0.5.2, =0.1.1, =0.0.4, =1.0.0, =0.2.0, =0.2.0, =0.1.1, =0.2.0, =0.2.0, =0.1.14, =0.1.0, =0.1.38 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3471...

@alivault/pico (>=0.1.0 <=0.1.2), @argus-vrt/web (=0.1.0) +29 more potentially affected by CVE-2026-45321 via @tanstack/router-ssr-query-core (>=1.121.0-alpha.28 <=1.168.0)

@tanstack/router-ssr-query-core NPM version =1.121.0-alpha.28, =0.1.0, =0.0.4, =1.0.0, =0.1.0, =1.121.0-alpha.28, =1.133.19, =1.140.0, =0.2.4, =0.0.1, =0.1.0-alpha.1, =0.1.0-alpha.2 and more Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKROUTERSSRQUERYCORE-16640223...

EUVD-2026-28149

A vulnerability was detected in PicoTronica e-Clinic Healthcare System ECHS 5.7. The affected element is an unknown function of the file /cdemos/echs/api/v2/patient-records of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The...

Benchmarking Post-Quantum Cryptography on Resource-Constrained IoT Devices: ML-KEM and ML-DSA on ARM Cortex-M0+

The migration to post-quantum cryptography is urgent for Internet of Things devices with 10-20 year lifespans, yet no systematic benchmarks exist for the finalised NIST standards on the most constrained 32-bit processor class. This paper presents the first isolated algorithm-level benchmarks of...

CVE-2005-1626

Multiple buffer overflows in handlers.c for Pico Server pServ before 3.3 may allow attackers to execute arbitrary code...

CVE-2025-49348

Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through = 1.0.5...

EUVD-2025-202043

Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through = 1.0.5...

CVE-2025-49348

Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through = 1.0.5...

PT-2025-49984

Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype: from n/a through = 1.0.5...

WordPress plugin Hype pico 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

Malicious code in pico-uid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea7b37b73a502fca8e0834485805f85161a0b6324f046227c52eaf62f81cbe61 The package pico-uid was found to contain malicious code. Source: ghsa-malware 7dfd9eb3d97c6b6064779eb385892814fd6b36cc5292943e4cd81e254668ee79 Any...

EUVD-2025-199057

Malicious code in pico-uid npm...

axios-basic-logger (=1.0.0), react-micromodal.js (=1.0.0) potentially affected by unknown CVE via pico-uid (=1.0.2)

pico-uid NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on pico-uid and may be impacted: - axios-basic-logger =1.0.0 - react-micromodal.js =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190986...

MAL-2025-190986 Malicious code in pico-uid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea7b37b73a502fca8e0834485805f85161a0b6324f046227c52eaf62f81cbe61 The package pico-uid was found to contain malicious code. Source: ghsa-malware 7dfd9eb3d97c6b6064779eb385892814fd6b36cc5292943e4cd81e254668ee79 Any...

axios-basic-logger (=1.0.0), react-micromodal.js (=1.0.0) potentially affected by unknown CVE via pico-uid (=1.0.2)

pico-uid NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on pico-uid and may be impacted: - axios-basic-logger =1.0.0 - react-micromodal.js =1.0.0 Source cves: unknown CVE Source advisory: SNYK:JS-PICOUID-14103684...

EUVD-2005-1369

Malware in sbrugna...

EUVD-2005-1629

Malware in sbrugna...

EUVD-2005-1370

Malware in sbrugna...