51 matches found
PYSEC-2026-1042 Out of bounds segmentation fault due to unequal op inputs in Tensorflow
Impact tf.rawops.DynamicStitch specifies input sizes when it is registered. cpp REGISTEROP"DynamicStitch" .Input"indices: N int32" .Input"data: N T" .Output"merged: T" .Attr"N : int = 1" .Attr"T : type" .SetShapeFnDynamicStitchShapeFunction; When it receives a differing number of inputs, such as...
Malicious code in @withgoogle/stitch-sdk (npm)
@withgoogle/stitch-sdk is a scope-squatting package on npm that impersonates Google's Stitch AI design tool SDK. The attacker registered the @withgoogle scope to mimic Google's withgoogle.com domain and published versions 0.1.1 and 0.1.2 under the account maximus-mcmillan on June 19, 2026. The...
MAL-2026-6256 Malicious code in @withgoogle/stitch-sdk (npm)
@withgoogle/stitch-sdk is a scope-squatting package on npm that impersonates Google's Stitch AI design tool SDK. The attacker registered the @withgoogle scope to mimic Google's withgoogle.com domain and published versions 0.1.1 and 0.1.2 under the account maximus-mcmillan on June 19, 2026. The...
Malicious code in cross-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfe06155444d60d3774a256051b31f6a4814f484f33830cbe61eec7ebe611be6 The package cross-stitch was found to contain malicious code. Source: ghsa-malware 7c23bb77e762be76915e8202d11074aaa122efe0a8a32e403fa00ee8563c9bbe A...
MAL-2026-3502 Malicious code in cross-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfe06155444d60d3774a256051b31f6a4814f484f33830cbe61eec7ebe611be6 The package cross-stitch was found to contain malicious code. Source: ghsa-malware 7c23bb77e762be76915e8202d11074aaa122efe0a8a32e403fa00ee8563c9bbe A...
Malicious Package
Overview tsconfig-stitch is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in fingerprint-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 997a54dfe51f4c241904489b2db6fdc90f9da761dfaeb5f4e98747f508d4a78f The package fingerprint-stitch was found to contain malicious code. Source: ghsa-malware...
Malicious code in tsconfig-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 604460d36ae1ce56e73af1b1e087dca00ef2117ca7c22a6556637effff2750c9 The package tsconfig-stitch was found to contain malicious code. Source: ghsa-malware 16b55e32e715af39ca0c84de2ae4b33de360bdbe4f7448a6eb78385de90fdb9...
Malicious Package
Overview eslint-config-stitch is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview fingerprint-stitch is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in eslint-config-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3747d49c7b72e1659dde0b66b3e7b95bd198fc6a8f8f37d9a7a1bc2fc76dd54 The package eslint-config-stitch was found to contain malicious code. Source: ghsa-malware...
MAL-2026-689 Malicious code in eslint-config-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3747d49c7b72e1659dde0b66b3e7b95bd198fc6a8f8f37d9a7a1bc2fc76dd54 The package eslint-config-stitch was found to contain malicious code. Source: ghsa-malware...
MAL-2026-695 Malicious code in tsconfig-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 604460d36ae1ce56e73af1b1e087dca00ef2117ca7c22a6556637effff2750c9 The package tsconfig-stitch was found to contain malicious code. Source: ghsa-malware 16b55e32e715af39ca0c84de2ae4b33de360bdbe4f7448a6eb78385de90fdb9...
MAL-2026-691 Malicious code in fingerprint-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 997a54dfe51f4c241904489b2db6fdc90f9da761dfaeb5f4e98747f508d4a78f The package fingerprint-stitch was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview stitch-ui-toolbox is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in mongodb-stitch-server-testutils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6d66acdf1a1a865257cb91b34cf535addabd337679e38741e5f0c1f89aa0b9b The package mongodb-stitch-server-testutils was found to contain malicious code...
MAL-2025-191519 Malicious code in mongodb-stitch-server-testutils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6d66acdf1a1a865257cb91b34cf535addabd337679e38741e5f0c1f89aa0b9b The package mongodb-stitch-server-testutils was found to contain malicious code...
EUVD-2025-200050
Malicious code in mongodb-stitch-server-testutils npm...
EUVD-2025-32109
Malicious code in bioql PyPI...
CVE-2025-22862
An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 in FortiOS 7.4.0 through 7.4.7, 7.2.0 through 7.2.11, 7.0.6 and above; and FortiProxy 7.6.0 through 7.6.2, 7.4.0 through 7.4.8, 7.2 all versions, 7.0.5 and above may allow an authenticated attacker to elevate their...