Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-50016

A flaw was found in pnpm, a package manager. This vulnerability allows a malicious registry package to include specially crafted dependency aliases that contain path traversal segments. During the installation process, pnpm incorrectly processes these aliases, which can lead to the replacement of...

8.8CVSS6.2AI score0.00326EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2026/04/29 9:19 p.m.10 views

@regis-samurai/n8n (>=0.216.1 <=0.219.1), n8n-nodes-accelo (>=0.1.0 <=0.1.9) +11 more potentially affected by CVE-2026-42236 via n8n (>=0.138.0 <=0.93.0)

n8n NPM version =0.138.0, =0.216.1, =0.1.0, =0.18.0, =0.1.0, =0.1.0, =0.2.14, =0.1.0, =0.1.0, =0.0.2, =0.0.2, =1.1.3 Source cves: CVE-2026-42236 Source advisory: OSV:GHSA-49M9-PGWW-9VQ6...

8.7CVSS5.8AI score0.00487EPSS
Exploits0
OSV
OSV
added 2025/11/12 7:18 p.m.2 views

MAL-2025-177632 Malicious code in polymer-afaj-ratfdaf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4ed485e9c2c410258413bb5edc623ace3ce92ecd543a408c0e21178ef486ef8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.3 views

Malicious code in lookingan-namala3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15eea16f6ad91a63b2534420071c2c113cabc16b11b31a138f5eb0d1714d5eff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 8:46 p.m.0 views

MAL-2025-127429 Malicious code in intact_impala_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 86d42dcde7210aecdaa2cc59df9c5cef75f7ef02c317cb45bfdb386e83b93c17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 7:16 a.m.3 views

Malicious code in dian-gado-gado9-remi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fa89b1ea63766c588f96964ff3bb5d8015ed1cb00e2c9bbb0d6b36dbf7267d9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 3:48 a.m.2 views

MAL-2025-80959 Malicious code in responsible_bovid_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f93337923ddcba647ed0965762c5b66f0c5ab1e4ba3b71f9e70eee986b04eb26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder