Malicious code in chai-mocks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65359853241724a1b519599469dadfcd2b32674455db9fe5284cb7553a5ddf4 The package masquerades as a pino-style logger middleware but is a remote code loader. When the exported middleware is invoked, index.js spawns a...

MAL-2026-5306 Malicious code in chai-mocks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65359853241724a1b519599469dadfcd2b32674455db9fe5284cb7553a5ddf4 The package masquerades as a pino-style logger middleware but is a remote code loader. When the exported middleware is invoked, index.js spawns a...

PT-2026-47326

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description A flaw exists in the io wq remove pending function where it fails to verify if a predecessor entry is hashed when updating the wq-hash tail array. When a hashed bucket-0 work item is...

CVE-2026-6597

A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function removeapikeys/hasapiterms of the file src/backend/base/langflow/api/utils/core.py of the component Flow Using API. This manipulation causes unprotected storage of credentials. The attack can be initiated...

CVE-2026-8427

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/backend/file removeFavoriteFolder$id. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N...

CVE-2026-41662

Admidio is an open-source user management solution. Prior to version 5.0.9, Role::stopMembership does not verify whether removing a user from the administrator role leaves zero administrators. The deprecated Membership::stopMembership contains this safety check, but the current code path bypasses...

CVE-2026-41128

Craft CMS is a content management system CMS. In versions 5.6.0 through 5.9.14, the actionSavePermissions endpoint allows a user with only viewUsers permission to remove arbitrary users from all user groups. While saveUserGroups enforces per-group authorization for additions, it performs no...

CVE-2026-5741

A weakness has been identified in suvarchal docker-mcp-server up to 0.1.0. The impacted element is the function stopcontainer/removecontainer/pullimage of the file src/index.ts of the component HTTP Interface. This manipulation causes os command injection. The attack is possible to be carried out...

CVE-2026-1852

The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel and remove functions. This makes it possible for unauthenticated attackers to...

CVE-2026-4977

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress is vulnerable to Improper Access Control in all versions up to, and including, 1.2.58 This is due to insufficient field-level permission validation in the uploadfileremove AJAX handler whe...

CVE-2026-39857

ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the choices and counts query parameters of the REST API, where these query builders execute MongoDB distinct operations that bypass the publicApiProjection...

CVE-2026-8422

The Remove meta boxes per user role plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.01. This is due to missing or incorrect nonce validation on the 'remove-meta-boxes-per-user-role' page. This makes it possible for unauthenticated attackers...

CVE-2026-42749

Authentication Bypass Using an Alternate Path or Channel vulnerability in Themeisle Disable Comments for Any Post Types Remove comments comments-plus allows Password Recovery Exploitation.This issue affects Disable Comments for Any Post Types Remove comments: from n/a through = 1.3.0...

Malicious code in reactvora (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cfcb3bd27816a88e8b3dd4f1fac5c0378232af112bf70a452056a637ce7d131 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in glyphr (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc5a7daf8ce7e35afeab46185779066154602b910011e68f5241df91f164756e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5269 Malicious code in glyphr (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc5a7daf8ce7e35afeab46185779066154602b910011e68f5241df91f164756e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ulid-os (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6ef4088107b64693d6c1dfa04be004ad1e19b3d34737d7b79b96b21701a5e7f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2026-50265

CVE-2026-50265 describes a local privilege escalation in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties via the libinput-device-group helper, which can lead to root code execution (e.g., through REMOVE_CMD properties executed when a device is removed). ...

MAL-2026-5187 Malicious code in supabase (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aa2bdcc065a6d4c2b1512f8b68fed22618050c0435c12890c74a2f1405c62093 Withdrawn Advisory This advisory has been withdrawn because the malware detection was a false positive. This link is maintained to preserve external...

MAL-2026-5186 Malicious code in autotel-terminal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eecd710c08cdc339632aae89ee93e200267cea1c34d6b429ca9202265480842f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...