81885 matches found
MAL-2026-2970 Malicious code in @usealloy/component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f32d74c27a8086c59f766c74f3fd9165eb49c0aa829661b6ff00e982c84d510 The package @usealloy/component-library was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview @usealloy/typegen is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @usealloy/typegen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8ddfd4e6bd17172e7327ebed027c76dc8d062700a513a745cf15955c52e043c The package @usealloy/typegen was found to contain malicious code. Source: ghsa-malware...
Malicious code in @usealloy/component-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f32d74c27a8086c59f766c74f3fd9165eb49c0aa829661b6ff00e982c84d510 The package @usealloy/component-library was found to contain malicious code. Source: ghsa-malware...
Malicious code in @bitunix/test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b083a0a29a743f00a18c62069ede0cd31fa3656e9fcbafd497ff742c3efcbdd8 The package @bitunix/test was found to contain malicious code. Source: ghsa-malware caf5aa976643b0e7d9daa1d676c83032b7725f54e4d0f7541e163251805fb9df...
MAL-2026-2969 Malicious code in @usealloy/api-contract (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac2459ced40bf7d07428205c0322e09c951fdc50972f337b30508ad2ad867b37 The package @usealloy/api-contract was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2972 Malicious code in aven_types (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0df68dd11fcc6eb930db59e54118c89a481c0d8db3d4db96ca7732ce04cc3bb2 The package aventypes was found to contain malicious code. Source: ghsa-malware d042da73509307cc87e2110ee9cbd8873cd35b4d5de30c65df0f8daf7e93f49a Any...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013689)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013689 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhpstateremoveinstancenocalls for hisihns3pmu uninit process When teari...
PT-2026-34394
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-put issue exists in the remove path of the meson-spicc SPI driver. The meson spicc probe function registers the controller using devm spi register controller, which ensures the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013806)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013806 advisory. In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1removedisk If rddev-raiddisk is greater than mddev-raiddisks...
CVE-2026-41128
Craft CMS is a content management system CMS. In versions 5.6.0 through 5.9.14, the actionSavePermissions endpoint allows a user with only viewUsers permission to remove arbitrary users from all user groups. While saveUserGroups enforces per-group authorization for additions, it performs no...
CVE-2026-41128 Craft CMS has a Missing Authorization Check on User Group Removal via save-permissions Action
Craft CMS is a content management system CMS. In versions 5.6.0 through 5.9.14, the actionSavePermissions endpoint allows a user with only viewUsers permission to remove arbitrary users from all user groups. While saveUserGroups enforces per-group authorization for additions, it performs no...
MAL-2026-2966 Malicious code in com.tencent.puerts.agent (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 893d557ac2c9f78b7a7885bb93d174293ce6e98589b277f2368a5bce07bfeebd The package com.tencent.puerts.agent was found to contain malicious code. Source: ghsa-malware...
Malicious code in com.tencent.puerts.agent (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 893d557ac2c9f78b7a7885bb93d174293ce6e98589b277f2368a5bce07bfeebd The package com.tencent.puerts.agent was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2961 Malicious code in apple-internal-security-poc-frank (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10f171ab8af350f288bde3dca0a4c5741b840ed376b0022602322fd7b8b6341f The package apple-internal-security-poc-frank was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2960 Malicious code in apple-auth-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f287635d5bb4ba311de3a315d8b730e159dd7dee46e68896e94f07d1b4d91860 The package apple-auth-internal was found to contain malicious code. Source: ghsa-malware...
Malicious code in apple-auth-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f287635d5bb4ba311de3a315d8b730e159dd7dee46e68896e94f07d1b4d91860 The package apple-auth-internal was found to contain malicious code. Source: ghsa-malware...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007023)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007023 advisory. In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013317)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013317 advisory. In the Linux kernel, the following vulnerability has been resolved: Revert Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work This...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006918)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006918 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sastransportportadd In mpt3sastransportportadd,...