3 matches found
@squawk/mcp (>=0.2.0 <=0.9.0) potentially affected by unknown CVE via @squawk/airways (>=0.2.3 <=0.4.1)
@squawk/airways NPM version =0.2.3, =0.2.0, =0.9.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3440...
MAL-2026-3440 Malicious code in @squawk/airways (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a54989a6191f1d94771608b8f3552bda56715631b5a25aa301da35cd1ccd869b The package @squawk/airways was found to contain malicious code. Source: ghsa-malware d2d4644fde6979be241ba839c52ea3532ef3b0b25355b239ade4e1dafd9e272...
Malicious code in @squawk/airways (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a54989a6191f1d94771608b8f3552bda56715631b5a25aa301da35cd1ccd869b The package @squawk/airways was found to contain malicious code. Source: ghsa-malware d2d4644fde6979be241ba839c52ea3532ef3b0b25355b239ade4e1dafd9e272...