Malicious code in supply-hx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 731dffe7bbd70b529730211e15a152420c28b79f76935d387ccff327ef587a5e The package supply-hx was found to contain malicious code. Source: ghsa-malware 0429944ee7a172b223c738e5da756b2a0713f9dc076dd13047a5726ee2528bb0 Any...

Malicious code in wordpecker-fx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d02b17de27c1b9af727c67a5b24127118687a1ba6ce1c11e7aa7eb0f268fc741 The package wordpecker-fx was found to contain malicious code. Source: ghsa-malware 402a742fcb1e315f799df41aa02111a85a415621d90b7e15ebc3d2398f528e92...

MAL-2026-1476 Malicious code in jalalstealer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18913d1d0805eb9183a23aedfba3cbef762c642f82c079dd24711102fd20951e The package jalalstealer was found to contain malicious code. Source: ghsa-malware d760ddb75dc632737c4e778e0ac4db4522bd8584240834cbefe9bffa1948999c A...

Malicious code in jalalstealer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18913d1d0805eb9183a23aedfba3cbef762c642f82c079dd24711102fd20951e The package jalalstealer was found to contain malicious code. Source: ghsa-malware d760ddb75dc632737c4e778e0ac4db4522bd8584240834cbefe9bffa1948999c A...

MAL-2026-1477 Malicious code in supply-hx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 731dffe7bbd70b529730211e15a152420c28b79f76935d387ccff327ef587a5e The package supply-hx was found to contain malicious code. Source: ghsa-malware 0429944ee7a172b223c738e5da756b2a0713f9dc076dd13047a5726ee2528bb0 Any...

Malicious code in aesdecryptor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ac66c3676fdc79338dd38b32cacdd68d6f86e097c163eb1e8e4bd556de82c69 The package aesdecryptor was found to contain malicious code. Source: ghsa-malware 67de86e4e1b93130bb4f76480f236f202b1f257067eaf1ca02d3c565c2fc8edb A...

MAL-2026-1474 Malicious code in alinet (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5b467881e1d3ebf0402af06e37a9431db8eead8b2aed583e62a953e32bd5b4e The package alinet was found to contain malicious code. Source: ghsa-malware 4baa8516c4794b690aab6709c29a53d2aa06731b95e9df071cc4b062d421e026 Any...

Malicious Package

Overview aesdecryptor is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Vanna has a SQL injection in the remove_training_data function

A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function removetrainingdata of the file src/vanna/legacy/google/bigqueryvector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

EUVD-2026-12373

A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function removetrainingdata of the file src/vanna/legacy/google/bigqueryvector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

GHSA-6MJ8-JMP2-G8Q7 Vanna has a SQL injection in the remove_training_data function

A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function removetrainingdata of the file src/vanna/legacy/google/bigqueryvector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used...

Malicious code in n8n-nodes-csv-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011372ed1f40a4259802291679f8db573c8435e904c38e02482b4589d16c60c7 The package n8n-nodes-csv-parse was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1469 Malicious code in n8n-nodes-format-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b8b8fc0a97b9f9e3203a35534d7ff6518dbe0e53753093610315382e5f40b0e The package n8n-nodes-format-utils was found to contain malicious code. Source: ghsa-malware...

Malicious code in n8n-nodes-json-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48c4e3ce64e72a6b818d69264d998a333db6081ac74c9335a9f33ece5434dbbc The package n8n-nodes-json-helper was found to contain malicious code. Source: ghsa-malware...

Malicious code in n8n-nodes-format-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b8b8fc0a97b9f9e3203a35534d7ff6518dbe0e53753093610315382e5f40b0e The package n8n-nodes-format-utils was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1471 Malicious code in n8n-nodes-text-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8561abc8b8800ed722b922924d4f46013117dedc5153d4faa18ecfa7f839106 The package n8n-nodes-text-utils was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1467 Malicious code in n8n-nodes-csv-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011372ed1f40a4259802291679f8db573c8435e904c38e02482b4589d16c60c7 The package n8n-nodes-csv-parse was found to contain malicious code. Source: ghsa-malware...

Malicious code in n8n-nodes-xml-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72bcfbf156c4f649a0f1bee9fe86ea767c5ff6edb02fca89a95569143d7ebf96 The package n8n-nodes-xml-utils was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1470 Malicious code in n8n-nodes-json-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48c4e3ce64e72a6b818d69264d998a333db6081ac74c9335a9f33ece5434dbbc The package n8n-nodes-json-helper was found to contain malicious code. Source: ghsa-malware...

Malicious code in hariprasath (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b76de996c85f413b2169be46799cbd7dcd1d32a23eb303d0b17ecccae1b10011 The package hariprasath was found to contain malicious code. Source: ghsa-malware df15d2b2f2032416b2715e63515ca04b9bfeb6129516f9fa92d3a633942d07cc An...