251 matches found
CVE-2026-20296
In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.7, 10.3.2512.16, 10.2.2510.18, and 10.1.2507.24, an attacker could trick a user that holds a role with the listdeploymentserver capability into running arbitrary...
CVE-2026-20296 SPL Command Safeguards Bypass through Cross-Site Request Forgery (CSRF) in Deployment Server in Splunk Enterprise
In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.7, 10.3.2512.16, 10.2.2510.18, and 10.1.2507.24, an attacker could trick a user that holds a role with the listdeploymentserver capability into running arbitrary...
Malicious code in @solana-labs/spl-toke (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 490ce5d7e43d8a79aa85bbd24e7140ed074eee472f375092ab9b4cd650ce41f8 Package name @solana-labs/spl-toke is a one-character omission of the legitimate @solana-labs/spl-token package, abusing the official Solana Labs...
Malicious Package
Overview spl-token-py is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @solana-labs/spl-toke is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in spl-token-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e05ba3043dc87365ee0b1dc44cc58243b34b6cdccdf258c5bb9218a06a65d336 On import spltokenpy, the package's init.py collects sensitive files from the installer's machine — /.config/solana/id.json Solana wallet key,...
MAL-2026-5339 Malicious code in spl-token-py (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e05ba3043dc87365ee0b1dc44cc58243b34b6cdccdf258c5bb9218a06a65d336 On import spltokenpy, the package's init.py collects sensitive files from the installer's machine — /.config/solana/id.json Solana wallet key,...
EUVD-2015-6767
Malware in sbrugna...
EUVD-2014-4592
Malware in sbrugna...
EUVD-2025-8427
Malicious code in bioql PyPI...
EUVD-2023-45152
Malicious code in bioql PyPI...
EUVD-2023-43602
Malicious code in bioql PyPI...
EUVD-2024-51916
Malicious code in bioql PyPI...
EUVD-2022-46561
Malicious code in bioql PyPI...
EUVD-2022-46559
Malicious code in bioql PyPI...
Malicious code in solana-spl-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis abc65f4de1b50248d903c79cb67ac016c8da464314e5830c70dbe0a1140503a9 The OpenSSF Package Analysis project identified 'solana-spl-sdk' @ 0.1.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in spl-transpiler (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6593 Malicious code in spl-transpiler (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in spl-token-v2 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11bf75d7bf296658cc93ae700f5656d24c455151b1cb8db46389ec375fbc286 Any computer that has this package installed or running should be considered...
MAL-2025-6127 Malicious code in spl-token-v2 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11bf75d7bf296658cc93ae700f5656d24c455151b1cb8db46389ec375fbc286 Any computer that has this package installed or running should be considered...