3 matches found
MAL-2026-3763 Malicious code in exxpress-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfa81f7c144d5feeea9c49254fbeec68f8271460d4a51efd5757a62b251c05f2 The package declares scripts.postinstall pointing at postinstall.js, which runs automatically on npm install. The script performs three...
Embedded Malicious Code
Overview @emilgroup/discount-sdk-node is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released o...
PT-2026-22086
Name of the Vulnerable Software and Affected Versions Drupal CAPTCHA versions 0.0.0 through 1.16.9 Drupal CAPTCHA versions 2.0.0 through 2.0.9 Description A functionality bypass exists in Drupal CAPTCHA due to insufficient invalidation of security tokens. An attacker may bypass the CAPTCHA on...