@4via6/relay (>=1.0.0 <=1.1.3), @axonpush/wizard (>=0.0.1 <=0.0.4) +12 more potentially affected by CVE-2026-24052 via @anthropic-ai/claude-code (>=0.2.126 <=1.0.108)

@anthropic-ai/claude-code NPM version =0.2.126, =1.0.0, =0.0.1, =0.0.55, =1.0.0, =0.0.1, =0.0.1, =1.8.0, =0.1.51, =1.4.0, =0.0.1, =0.0.1, =0.0.5 Source cves: CVE-2026-24052 Source advisory: OSV:GHSA-VHW5-3G5M-8GGF...

Malicious code in cors-relay-mini-css-extract-plugin-winston (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b5d4138a7e858f7a94edc8c60c8746ad366a44ba1f9fafa3a7461ac2cca612 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123747

Malicious code in phoebe-pyxis-cassini-relay npm...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the dhcp3-relay package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the dhcp-relay package of the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...