4876 matches found
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 React2Shell — Security Analysis Overview...
PT-2026-30388
Breaking CyberSecurity News For 2026.04.04 | Pithy Cyborg | Threats. Breaches. Intel. ➔ Google patched CVE-2026-5281, a use-after-free bug in Dawn WebGPU, marking the fourth Chrome zero-day exploited in the wild this year. Affected versions were updated to 146.0.7680.177/178 for Windows, macOS, a...
3box-orbitdb-plugins (>=2.0.0 <=2.1.2), 3id-connect (>=0.1.0 <=1.0.0-beta.15) +2246 more potentially affected by unknown CVE via @stablelib/ed25519 (>=0.7.2 <=1.0.3)
@stablelib/ed25519 NPM version =0.7.2, =2.0.0, =0.1.0, =1.0.0-alpha.6, =0.1.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.0.1, =1.0.21, =1.0.42, =0.0.1, =0.1.0, =1.0.0, =1.10.4 and more Source cves: unknown CVE Source advisory: OSV:GHSA-X3FF-W252-2G7J...
Payload 跨站请求伪造漏洞
Payload is a headless CMS and application framework built using TypeScript, Node.js, React, and MongoDB. Versions of Payload prior to 3.79.1 contained a cross-site request forgeing vulnerability. This vulnerability arises from the cross-site request forgeing protection in the authentication...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell CVE-2025-55182 POC High Fidelity Detection & Expl...
Exploit for Deserialization of Untrusted Data in Facebook React
No d...
@clerk/agent-toolkit (>=0.3.1-canary.v20260303211310 <=0.3.16-snapshot.v20260416221307), @clerk/astro (>=3.0.1-canary.v20260303211310 <=3.0.19-canary.v20260422163039) +9 more potentially affected by CVE-2026-34076 via @clerk/backend (>=3.0.0 <=3.2.3-snapshot.v20260327200941)
@clerk/backend NPM version =3.0.0, =0.3.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310, =0.0.3-canary.v20260303211310, =7.0.1-canary.v20260303211310, =2.0.1-canary.v20260303211310, =3.0.1-canary.v20260303211310,...
Malicious Package
Overview react-card-security-code is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview react-expiry-date is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
07-calito-router (>=0.0.2 <=0.0.4), 07-dey-router (>=0.0.1 <=0.0.2) +985 more potentially affected by CVE-2026-4923 via path-to-regexp (>=8.0.0 <=8.3.0)
path-to-regexp NPM version =8.0.0, =0.0.2, =0.0.1, =0.0.0, =0.0.1, =0.0.1, =0.0.0, =0.0.1, =0.0.2, =0.0.1-alpha.2, =0.0.1-alpha.1, =4.0.61, =4.0.61, =0.0.1, =0.3.1, =0.3.4 and more Source cves: CVE-2026-4923 Source advisory: SNYK:JS-PATHTOREGEXP-15789765...
MAL-2026-2214 Malicious code in react-autolink-text (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 402f7d8c6db956de1c20cce1c23b9d2585a9210f6aae7859acb956fb66728010 The package react-autolink-text was found to contain malicious code. Source: google-open-source-security...
MAL-2026-2215 Malicious code in react-leaflet-marker-layer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b37a04b363c4392e401d85320c748dab98c13ff46c74624f21aaa70091b8ae6 The package react-leaflet-marker-layer was found to contain malicious code. Source: google-open-source-security...
Malicious code in react-autolink-text (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 402f7d8c6db956de1c20cce1c23b9d2585a9210f6aae7859acb956fb66728010 The package react-autolink-text was found to contain malicious code. Source: google-open-source-security...
Malicious code in react-leaflet-marker-layer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b37a04b363c4392e401d85320c748dab98c13ff46c74624f21aaa70091b8ae6 The package react-leaflet-marker-layer was found to contain malicious code. Source: google-open-source-security...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 RSC lab intentionally vulnerable Local Doc...
MAL-2026-2159 Malicious code in @eric-orderbuddyinfo/react-noval (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae5f280b7537acc7eb9e1d8c12acdd2142bb02e391be55b2157ed90eb2044d06 The package @eric-orderbuddyinfo/react-noval was found to contain malicious code. Source: ghsa-malware...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in React (CVE-2018-6341)
Summary A vulnerability in React that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2018-6341 DESCRIPTION: React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack...
Malicious code in react-native-forter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff4ae821a2636c10a3e19afaaf78823613bcedf143d91c79cbdec29f20b00654 The package react-native-forter was found to contain malicious code...
MAL-2026-2386 Malicious code in react-native-forter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff4ae821a2636c10a3e19afaaf78823613bcedf143d91c79cbdec29f20b00654 The package react-native-forter was found to contain malicious code...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell-PoC-C...