88 matches found
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: goreleaser, kubernetes-csi-driver-hostpath, newrelic-infrastructure-agent, configmap-reload, conjur-cli, litefs, mods, docker-cli-buildx, azure-service-operator, argo-workflows, aws-flb-cloudwatch, croc, ipfs-cluster, kapp, rancher, cosign, authservice, task,...
CVE-2026-2265
An unauthenticated remote code execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...
EUVD-2026-17958
An unauthenticated remote code execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...
GHSA-2GMP-34J9-FQJM Replicator deserializes untrusted user input
An unauthenticated Remote Code Execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...
Replicator deserializes untrusted user input
An unauthenticated Remote Code Execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...
@belym.a.2105/testcafe (>=0.13.0-nightly.96bf9c47 <=1.15.0-alpha.4), @benbender/jest-config (>=0.1.0 <=0.6.0) +131 more potentially affected by CVE-2026-2265 via replicator (=1.0.5)
replicator NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on replicator and may be impacted: - @belym.a.2105/testcafe =0.13.0-nightly.96bf9c47, =0.1.0, =1.8.5, =0.1.0-alpha.1, =1.1.4-alpha.30, =0.0.49, =3.7.4-depup.0, =0.0.0, =1.0.1,...
Deserialization of Untrusted Data
Overview replicator is an Advanced JavaScript objects serialization. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the error messages decoding. An attacker can execute arbitrary code by supplying specially crafted input that is deserialized without prope...
@belym.a.2105/testcafe (>=0.13.0-nightly.96bf9c47 <=1.15.0-alpha.4), @benbender/jest-config (>=0.1.0 <=0.6.0) +131 more potentially affected by CVE-2026-2265 via replicator (=1.0.5)
replicator NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on replicator and may be impacted: - @belym.a.2105/testcafe =0.13.0-nightly.96bf9c47, =0.1.0, =1.8.5, =0.1.0-alpha.1, =1.1.4-alpha.30, =0.0.49, =3.7.4-depup.0, =0.0.0, =1.0.1,...
CVE-2026-2265
An unauthenticated remote code execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...
CVE-2026-2265
CVE-2026-2265 concerns the Replicator npm package version 1.0.5, where deserializing untrusted input can lead to unauthenticated remote code execution. The connected documents confirm an insecure deserialization flaw as the root cause, allowing an attacker to execute arbitrary code after providin...
CVE-2026-2265 Replicator 1.0.5 is vulnerable to Remote Code Execution through Insecure Deserialization
An unauthenticated remote code execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...
CVE-2026-2265 Replicator 1.0.5 is vulnerable to Remote Code Execution through Insecure Deserialization
An unauthenticated remote code execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...
CLEANSTART-2026-DG06447 Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.12.2-r0, 2.12.2-r1
Multiple security vulnerabilities affect the kubernetes-replicator-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
PT-2026-29565
An unauthenticated remote code execution RCE vulnerability exists in applications that use the Replicator node package manager npm version 1.0.5 to deserialize untrusted user input and execute the resulting object...
replicator 安全漏洞
Replicator is a high-level JavaScript object serialization library developed by Ivan Nikulin. Version 1.0.5 of Replicator contains a security vulnerability that stems from deserializing untrusted user inputs, potentially allowing unauthorized remote code execution...
Malicious Package
Overview alpha-replicator is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-1188 Malicious code in alpha-replicator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 813b40640376929ec6b2c1eac05da3cf3248e3ad74ea5f28ec2c6770a81b039d The package alpha-replicator was found to contain malicious code. Source: ghsa-malware 2a31df37c5505c0c72366c3a25757305201aa2db41da2a774157074244006a...
Malicious code in alpha-replicator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 813b40640376929ec6b2c1eac05da3cf3248e3ad74ea5f28ec2c6770a81b039d The package alpha-replicator was found to contain malicious code. Source: ghsa-malware 2a31df37c5505c0c72366c3a25757305201aa2db41da2a774157074244006a...
CVE-2021-33420
A deserialization issue discovered in inikulin replicator before 1.0.4 allows remote attackers to run arbitrary code via the fromSerializable function in TypedArray object...
CVE-2019-7201
An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. This vulnerability could allow an authorized but non-privileged local user to execute arbitrary code with elevated system privileges. QNAP have already fixed this issue in QNAP NetBak...