Lucene search
K

485 matches found

Snyk
Snyk
added 2026/05/11 9:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.10 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.7 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.13 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.8 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.8 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.12 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.8 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.16 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.10 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.20 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.12 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.12 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS5.8AI score0.02342EPSS
Exploits3References2
Snyk
Snyk
added 2026/05/11 9:0 p.m.10 views

Embedded Malicious Code

Overview guardrails-ai is an Adding guardrails to large language models. Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tamper...

9.8CVSS5.8AI score0.00276EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/11 8:26 p.m.10 views

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS5.8AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2026/05/08 10:16 p.m.17 views

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS0.00355EPSS
Exploits0References4
Rows per page
Query Builder