Lucene search
K

15 matches found

RedhatCVE
RedhatCVE
added 4 days ago6 views

CVE-2026-55700

A flaw was found in pnpm, a package manager. A remote attacker could exploit a vulnerability in the pnpm stage download command by providing a specially crafted package manifest. This could allow the attacker to write files to arbitrary locations on the system, leading to unauthorized modificatio...

7.1CVSS6AI score0.00267EPSS
Exploits1References5
NVD
NVD
added 2026/06/25 6:16 p.m.6 views

CVE-2026-55700

pnpm is a package manager. From 11.3.0 until 11.5.3, pnpm stage download derived a local filename from registry-controlled package name and version fields. A crafted manifest could escape the selected download directory and overwrite another reachable file. The merged fix validates both fields,...

7.1CVSS0.00267EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/25 4:47 p.m.7 views

CVE-2026-55700

pnpm is a package manager. From 11.3.0 until 11.5.3, pnpm stage download derived a local filename from registry-controlled package name and version fields. A crafted manifest could escape the selected download directory and overwrite another reachable file. The merged fix validates both fields,...

7.1CVSS5.8AI score0.00267EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/06/25 4:47 p.m.30 views

CVE-2026-55700 pnpm: stage download writes outside destination via manifest version traversal

pnpm is a package manager. From 11.3.0 until 11.5.3, pnpm stage download derived a local filename from registry-controlled package name and version fields. A crafted manifest could escape the selected download directory and overwrite another reachable file. The merged fix validates both fields,...

7.1CVSS0.00267EPSS
Exploits1References2
CVE
CVE
added 2026/06/25 4:47 p.m.15 views

CVE-2026-55700

pnpm stage download (affecting 11.3.0–11.5.3) allowed a crafted manifest to derive a local filename from package name and version, enabling the download to escape the target directory and overwrite a reachable file. The merged fix validates both fields, derives a single safe filename, and verifie...

7.1CVSS5.8AI score0.00267EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.8 views

PT-2026-52525

Name of the Vulnerable Software and Affected Versions pnpm versions 11.3.0 through 11.5.2 Description The pnpm stage download command derives a local filename using package name and version fields controlled by the registry. A crafted manifest can lead to a path traversal, allowing an attacker to...

7.1CVSS5.8AI score0.00267EPSS
Exploits1References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.15 views

Malicious code in @cloudplatform-single-spa/vcenter-virtual-machines (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.16 views

Malicious code in @cloudplatform-single-spa/svp-draas (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.13 views

MAL-2026-4933 Malicious code in @cloudplatform-single-spa/ml-ai-agents-agent (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/04/04 12:1 p.m.3 views

MAL-2026-2486 Malicious code in gangomodule (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8117683c90fb188f9fc013b3b3006dc5e31269d2511dd7c80eea9ac7b6892d09 During installation, obfuscated code validates the environment against typical sandboxing signs and attempts to download the next stages from remote sources. T...

6AI score
Exploits0References1
Snyk
Snyk
added 2026/03/14 10:0 p.m.3 views

Malicious Package

Overview @aifabrix/miso-client is a malicious package. This package was affected by the 'GlassWorm' supply chain attack. It includes a hidden malicious payload embedded with invisible Unicode characters. These characters hide a decoder that retrieves and executes a concealed payload through eval...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/02/20 6:59 a.m.6 views

MAL-2026-951 Malicious code in printrables (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 062cd723b198a3d0af641a78b343642653fb80f4cbf527be765bb4e520cbd3ed Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 8:10 a.m.9 views

Malicious code in spellcheckpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 063d67bbc510966bb83b63d1ba79a8279cf212b9028005800d6f2f99534eec46 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/01 1:47 p.m.4 views

Malicious code in loquru (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a98209ec0f506986521ebd7b24de4f266f6bb61aba50f2dc511c391f1037848b It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...

7.2AI score
Exploits0References2
The Hacker News
The Hacker News
added 2023/03/11 1:32 p.m.8 views

BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads

The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif. According to cybersecurity company eSentire, the malicious ads are used to spoof a wide range of legitimate apps and services such as Adobe, OpenAPI's ChatGP...

6.8AI score
Exploits0
Rows per page
Query Builder