81886 matches found
MAL-2026-2673 Malicious code in chief-documentation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4685fab18e6de4de4fba0c842db2c4ee4114ca7259b8339900078fec02724a39 The package chief-documentation was found to contain malicious code. Source: ghsa-malware...
Malicious code in mongoose-stamps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 073338095bf5f8b7f7ec04e0994d8df1084c899bc6e737b3e7d4aebe26ddc01a The package mongoose-stamps was found to contain malicious code. Source: ghsa-malware b18e13ac80d023110bb0dc5cad4ad32a8f1e4d563156bb626e671b88578ca26...
MAL-2026-2675 Malicious code in mongoose-stamps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 073338095bf5f8b7f7ec04e0994d8df1084c899bc6e737b3e7d4aebe26ddc01a The package mongoose-stamps was found to contain malicious code. Source: ghsa-malware b18e13ac80d023110bb0dc5cad4ad32a8f1e4d563156bb626e671b88578ca26...
MAL-2026-2672 Malicious code in ahmed_salem_ph (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45bfa2da9e04507b1c6e4fbde5f9ce1d57ce0f499596b2fafc61afb4d544fc4a The package ahmedsalemph was found to contain malicious code. Source: ghsa-malware 911051e187786828f6d65957478aad7f1c354940c6ee7f425dc8a779e4c9e039 A...
Malicious code in ahmed_salem_ph (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45bfa2da9e04507b1c6e4fbde5f9ce1d57ce0f499596b2fafc61afb4d544fc4a The package ahmedsalemph was found to contain malicious code. Source: ghsa-malware 911051e187786828f6d65957478aad7f1c354940c6ee7f425dc8a779e4c9e039 A...
WordPress plugin Product Pricing Table by WooBeWoo 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-33055
Name of the Vulnerable Software and Affected Versions Product Pricing Table by WooBeWoo versions prior to 1.1.1 Description The Product Pricing Table by WooBeWoo plugin for WordPress is susceptible to Cross-Site Request Forgery. This issue occurs because of missing or incorrect nonce validation i...
Craft CMS has a Missing Authorization Check on User Group Removal via save-permissions Action
Summary The actionSavePermissions endpoint allows a user with only viewUsers permission to remove arbitrary users from all user groups. While saveUserGroups enforces per-group authorization for additions, it performs no equivalent authorization check for removals, so submitting an empty groups...
Malicious code in tailwindcss-style-typography (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b625db5a21e8ed06ca7ce3b8d75adeff20b4179dbebe797b13486039aa74d6ea The package tailwindcss-style-typography was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2658 Malicious code in tailwindcss-style-typography (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b625db5a21e8ed06ca7ce3b8d75adeff20b4179dbebe797b13486039aa74d6ea The package tailwindcss-style-typography was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2657 Malicious code in tailwind-typ (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b5e12d01d92bc7efe09d08aba44a4013705ac8993fbb742208b2a4904b7a31c The package tailwind-typ was found to contain malicious code. Source: ghsa-malware 43d9d60c72b77068d9d1e462d69ab2276baf8b651026670535ad3d567aaef837 A...
Malicious code in tailwind-typ (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b5e12d01d92bc7efe09d08aba44a4013705ac8993fbb742208b2a4904b7a31c The package tailwind-typ was found to contain malicious code. Source: ghsa-malware 43d9d60c72b77068d9d1e462d69ab2276baf8b651026670535ad3d567aaef837 A...
Malicious code in chai-as-refined (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc7bd5b01fccd5ef5cc96d9a4eecf5801c6b34a062718a2131d2b2abb7a93191 The package chai-as-refined was found to contain malicious code. Source: ghsa-malware 5a69e4e0dbfe130a3d5da8413eb7ad9a490dc1874ee69ef385156479b365da4...
MAL-2026-2641 Malicious code in chai-as-refined (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc7bd5b01fccd5ef5cc96d9a4eecf5801c6b34a062718a2131d2b2abb7a93191 The package chai-as-refined was found to contain malicious code. Source: ghsa-malware 5a69e4e0dbfe130a3d5da8413eb7ad9a490dc1874ee69ef385156479b365da4...
Malicious code in ui-utils-udhay-alerts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed8bd73e0d75fbda0ce08b97273d9ed56f21e9bc0967b05541013a944c85f3c0 The package ui-utils-udhay-alerts was found to contain malicious code. Source: ghsa-malware...
Malicious code in node-unpnotifyserv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad3da4c961628a8745400bba3a3521ae4fda195c030215758fe40841c1c8946e The package node-unpnotifyserv was found to contain malicious code. Source: ghsa-malware...
Malicious code in okfe-serverless-conf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f74a72b0853bd9a530292e0f2f74d820ea396dd35650bb3537cf4b2d8705e0dc The package okfe-serverless-conf was found to contain malicious code. Source: ghsa-malware...
Malicious code in chatbotloader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78643cb5d37687c0eac0935734bac95f23c01b64ded6bb2f2f090542324042ac The package chatbotloader was found to contain malicious code. Source: ghsa-malware 88ccdb3c34d69b2e53f62caa6b7e61f32e7868fa5893d6fd6d09662189d10b34...
Malicious code in okx-nav (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ab3eb270d52d290185b24d8da75ec720b1c6d2403eb5bfeee0127d98edff14f The package okx-nav was found to contain malicious code. Source: ghsa-malware 3961b5dc52e388cd7ea999f85a4541bfc0e083e63afad50184fea746d70d275d Any...
MAL-2026-2642 Malicious code in chatbotloader (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78643cb5d37687c0eac0935734bac95f23c01b64ded6bb2f2f090542324042ac The package chatbotloader was found to contain malicious code. Source: ghsa-malware 88ccdb3c34d69b2e53f62caa6b7e61f32e7868fa5893d6fd6d09662189d10b34...