70 matches found
CVE-2026-46421
The SAP Cloud Application Programming Model is a tool for building enterprise-grade cloud applications, and cap-js/cds-dbs is the monorepo for SQL database services for that tool. On April 29, 2026, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected]....
Malicious code in speed1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55f523969dc528b9e84ec2f5a875e316c09d97d41b25e28e66e0c3a218c453ce [email protected] is not a functional Node package. package.json declares main: sw.js, but sw.js is a browser ServiceWorker importScripts'./8cfc2/hgshm.js...
Malicious code in ishowfeet12 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b60cb6a8169d535b5e52d5fa3cb7a1a16bf4f2d15f87d894a4111da9b74fedae The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...
MAL-2026-4336 Malicious code in webservices.rest-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c9c78a4d0c87def69bbc5337e41a730e7ca6ae898426759915f053dc584581c package.json declares both preinstall and postinstall hooks that execute index.js, which exfiltrates installer data to a base64-encoded Cloudflare...
sealed-env: TOTP secret embedded in unseal token payload (enterprise mode)
In sealed-env enterprise mode, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the operator's literal TOTP secret in the JWS payload of every minted unseal token. JWS payload is base64-encoded JSON, NOT encrypted. Any party who could observe a minted token CI build logs, container env dumps...
MAL-2026-3525 Malicious code in @uipath/agent-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67d0350668580724b1a764da5a9904350fcf8127bed8144c82a4cf966517b1ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3511 Malicious code in @mistralai/mistralai-azure (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af58e099ab615b8869cb741b5604f6becdf1e9d1d7c5ac326f9c4065f5f590f6 The package @mistralai/mistralai-azure was found to contain malicious code. Source: ghsa-malware...
Malicious code in @w3m-app/switch_network (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7b0fe342478f8fa59c7d24a50e0105c12841f0ef1b7e96443843c2f3eba85a5 The package @w3m-app/switchnetwork was found to contain malicious code. Source: ghsa-malware...
Malicious code in @automagik/genie (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6e7702eae0e8ff480f6f47624128cb3bf2ad5934d6c6a9a5481f3ac424db40 The package @automagik/genie was found to contain malicious code. Source: ghsa-malware 00207299cc0b9ee634f5850f194f399c6164fd4621989a43f8e5f9353d3707...
CVE-2026-33266
Use of Hard-coded Cryptographic Key vulnerability in Apache OpenMeetings. The remember-me cookie encryption key is set to default value in openmeetings.properties and not being auto-rotated. In case OM admin hasn't changed the default encryption key, an attacker who has stolen a cookie from a...
Malicious code in @emilgroup/tenant-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d887c661a1552423bf923bf1028ef4aabb762dc2fa329db39e8b4552ce32803 The package @emilgroup/tenant-sdk-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in timeout-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1df00c4c63fa8e52f67bf4d40b5dadae1ddcb640d127546671ce2bf53b5eafa7 The package timeout-ts was found to contain malicious code. Source: ghsa-malware 16cf2a5883796e1a03bb6cc6da0182692fa5962abe42950ba3d95709ca928a71 Any...
MAL-2026-149 Malicious code in bnia-work (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f78b12fa102dbd32d8d3a27c016f7b790124a3a73bdf1970768799e120183c30 The package bnia-work was found to contain malicious code. Source: ghsa-malware 2583fa3177342feb8975727c7ad5873d1a1e7bea2ce3ce445343aaa9a0b3459b Any...
MAL-2025-192596 Malicious code in starling-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02cb3e1a7a02e3f4215b9e7e7d4f0034bd086085c49a157f37ecf151a9009610 The package starling-api was found to contain malicious code. Source: ghsa-malware a935f963069dc7da39338aa1f718ac33babb8d366d6e23c489a4515b776d6577 A...
MAL-2025-191171 Malicious code in @accordproject/concerto-analysis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd4dfaf2dbfd72597ed98e94903934d34e97ddd5dc4f7aeb7f5450767cb3a34c The package @accordproject/concerto-analysis was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191089 Malicious code in express-starter-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7f0e424be1b6e1710d9f2670a4a9b6fbc48636560f8af2025d15de19f01e03 The package express-starter-template was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190781 Malicious code in scgsffcreator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca94ec4e3681855a45287e7aebaa6293b5416e803022d7fb318e447cd18f49bc The package scgsffcreator was found to contain malicious code. Source: ghsa-malware 57471dc81b8368989c69a7f00f7b480aa7036def63b216094e6aca18730e0a16...
Malicious code in oxrvxxxxxaslllcaj (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cbb43c3aa5e1fe9b33fc7a3c3a439ef7edd69817df8984551602b834f7b64584 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mstate-react (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 997c10662d47fa55ca8cd4db612274bf4d589c7d82d079b48fae3261bb5c65a7 Any computer that has this package installed or running should be considered fully compromised. All...
Malicious code in @art-ws/package-base (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83ba9ddbeaff9ca9f10da444f6eebc52dd7ffa99def6e187eab42dac24a4d7de Any computer that has this package installed or running should be considered fully compromised. All...