auto_exploiter

Auto-Exploiter Framework ⚠️ LEGAL DISCLAIMER — Authorised...

Malicious Package

Overview oci-console-plugin-registry is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in @zalastax/nolb-_phoenix-plugin-registry_x (npm)

The package @zalastax/nolb-phoenix-plugin-registryx was found to contain malicious code...

MAL-2025-10319 Malicious code in @zalastax/nolb-_phoenix-plugin-registry_w (npm)

The package @zalastax/nolb-phoenix-plugin-registryw was found to contain malicious code...

Exposes reference to non-Sync data to an arbitrary thread

Affected versions do not enforce a Sync bound on the type of caller-provided value held in the plugin registry. References to these values are made accessible to arbitrary threads other than the one that constructed them. A caller could use this flaw to submit thread-unsafe data into inventory,...

@phoenix-plugin-registry/hirse.ungit (=0.8.3), hirse.ungit (>=0.4.1 <=0.8.3) potentially affected by CVE-2022-25766 via ungit (>=1.1.22 <=1.5.2)

ungit NPM version =1.1.22, =0.4.1, =0.8.3 Source cves: CVE-2022-25766 Source advisory: SNYK:JS-UNGIT-2414099...