CVE-2026-45248 Hedera Guardian Authentication Bypass Information Disclosure

Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user information. Attackers can access the endpoint without providing authentication credentials to obtain...

MAL-2025-37389 Malicious code in twu-registered-users-data-service (npm)

The package twu-registered-users-data-service was found to contain malicious code...