Malicious code in maxixy-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b8df03da54eaa00b887a27395e7b7c42b02a982b1e9df9d82a5b0c243d0ba95 maxixy-cli is a wholesale rebrand of QwenLM/qwen-code itself a fork of google-gemini/gemini-cli with the Qwen OAuth device-flow base URL hardcoded to...

CVE-2026-33990

Docker Model Runner DMR is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's...