MAL-2026-4725 Malicious code in weavedb-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59e557cd0501bb17925a19c5d3525fdf18f286b21750a44c0164eb7e165f55d9 package.json declares "preinstall": "./dist/runtime.node", causing npm to execute a 976 KB packed binary on every install. The file uses the .node...

Prometheus exporter process crash via malformed HTTP request

Summary A single malformed HTTP request crashes any Node.js process running the OpenTelemetry JS Prometheus exporter. The metrics endpoint default 0.0.0.0:9464 has no error handling around URL parsing, so a request with an invalid URI causes an uncaught TypeError that terminates the process. You...

0perator (>=0.1.0 <=0.3.0), 0pflow (>=0.1.0 <=0.1.0-dev.f5622ac) +1703 more potentially affected by CVE-2026-44902 via @opentelemetry/sdk-node (>=0.10.2 <=0.216.0)

@opentelemetry/sdk-node NPM version =0.10.2, =0.1.0, =0.1.0, =0.1.1, =0.0.1, =0.8.0, =0.1.1, =0.1.1, =0.1.1, =0.1.8, =0.1.5, =0.0.0-dev-nicolas-fix-publishing-aurora-mcp-1750279939, =0.0.65, =0.3.4, =0.1.0, =0.4.0, =5.0.1-staging.f17326334 and more Source cves: CVE-2026-44902 Source advisory:...

Malicious code in synthetics-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f901ab2d37659ee8585c20804e368b185c14c0e5fc49e51a3148fb439b728bad The package synthetics-sdk-node was found to contain malicious code...

MAL-2026-2802 Malicious code in synthetics-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f901ab2d37659ee8585c20804e368b185c14c0e5fc49e51a3148fb439b728bad The package synthetics-sdk-node was found to contain malicious code...

MAL-2026-2075 Malicious code in @emilgroup/document-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ce75300fb34ac856a75eba90e2d05ccf97af99f2b5f9b3b907635991b3dcf95 The package @emilgroup/document-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2079 Malicious code in @emilgroup/task-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d10e089e1ab5774c571e6a0f5c650a044301456e9558509c051d38dce51eac73 The package @emilgroup/task-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2059 Malicious code in @emilgroup/setting-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd7001495cf0c7d9cbe60f2b406b90b4fc34d7a8fc8477c45780cefddf26e28b The package @emilgroup/setting-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2061 Malicious code in @emilgroup/tenant-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d887c661a1552423bf923bf1028ef4aabb762dc2fa329db39e8b4552ce32803 The package @emilgroup/tenant-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2055 Malicious code in @emilgroup/partner-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 021998bae85c5300a2c6e776ee80893de174f4216d701951b4742fd3eff21d85 The package @emilgroup/partner-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2037 Malicious code in @emilgroup/auth-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccb489120e1ad55e75b6bacdf15a54015c9de9959ea853cd391dc4dd66948001 The package @emilgroup/auth-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/account-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0f59f1f2e562d8ef982bd182aa7338ac92a6d5b4b86234568efb7ed5cb09bd7 The package @emilgroup/account-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2051 Malicious code in @emilgroup/insurance-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddc13f3218d4cac889a3d7c9d646430c04959f242c5c6cb593d3a31f84baa7a4 The package @emilgroup/insurance-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/claim-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e875cfffc40fe2f586c2016b175709687e5644132193d058580c55b789f64482 The package @emilgroup/claim-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2042 Malicious code in @emilgroup/claim-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e875cfffc40fe2f586c2016b175709687e5644132193d058580c55b789f64482 The package @emilgroup/claim-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2052 Malicious code in @emilgroup/notification-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 064481cc260cfd8e135bc037198dd7baf6c95d4e7f41997cfad506e2627f0f8a The package @emilgroup/notification-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2039 Malicious code in @emilgroup/billing-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d6e9b450a96ca7b1280b8799dd80c62762d7025a50ea25eabf80c69eb0bb9e The package @emilgroup/billing-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/billing-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08d6e9b450a96ca7b1280b8799dd80c62762d7025a50ea25eabf80c69eb0bb9e The package @emilgroup/billing-sdk-node was found to contain malicious code. Source: ghsa-malware...

MAL-2026-2057 Malicious code in @emilgroup/payment-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83fcb6922c65850eff14baf7a463c2b14b358ffebdc5a15c312ec7328a142407 The package @emilgroup/payment-sdk-node was found to contain malicious code. Source: ghsa-malware...

Malicious code in @emilgroup/customer-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ffdd49f845d5d16e6b17778217c493abdb71d809aa288b93b59e69582119c91 The package @emilgroup/customer-sdk-node was found to contain malicious code. Source: ghsa-malware...