45 matches found
CVE-2026-39708
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uicore UiCore Elements uicore-elements allows Stored XSS.This issue affects UiCore Elements: from n/a through = 1.3.14...
EUVD-2026-22451
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows User Interface Core allows an authorized attacker to elevate privileges locally...
EUVD-2026-20415
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uicore UiCore Elements uicore-elements allows Stored XSS.This issue affects UiCore Elements: from n/a through = 1.3.14...
CVE-2026-39708
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uicore UiCore Elements uicore-elements allows Stored XSS.This issue affects UiCore Elements: from n/a through = 1.3.14...
PT-2026-31270
Name of the Vulnerable Software and Affected Versions UiCore Elements versions through 1.3.14 Description A Stored Cross-site Scripting XSS issue exists in UiCore Elements due to improper neutralization of input during web page generation. This allows for the injection of malicious scripts into w...
Malicious code in ui-core_mal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c66ea54316ebd799590186156adab4ff03ad3108487b4c5c48192924efcd60a The package ui-coremal was found to contain malicious code...
MAL-2026-1870 Malicious code in ui-core_mal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c66ea54316ebd799590186156adab4ff03ad3108487b4c5c48192924efcd60a The package ui-coremal was found to contain malicious code...
Malicious code in @legacy-ui/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cc68fa0af265da13a26ccfc943668c887b5aa3f4a73ddc7af9ab2d8498d7a0d The package @legacy-ui/core was found to contain malicious code...
MAL-2026-1628 Malicious code in @legacy-ui/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cc68fa0af265da13a26ccfc943668c887b5aa3f4a73ddc7af9ab2d8498d7a0d The package @legacy-ui/core was found to contain malicious code...
EUVD-2025-205825
Malicious code in @ptest2535/ui-coremal npm...
MAL-2025-192982 Malicious code in @ptest2535/ui-core_mal (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7628a65ea5a9b366c3df0045c4c0a1c8b44ec278dc10792f971ed266fe08ce5a The package @ptest2535/ui-coremal was found to contain malicious code. Source: ghsa-malware...
EUVD-2020-0287
Malware in sbrugna...
EUVD-2025-30184
Malicious code in bioql PyPI...
Malicious Package
Overview @cnx-ui/cnx-ui-core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @cnx-ui/cnx-ui-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87e84454809b6a23abcd234d62b4b3630bd69cf9c89b02f5e5f8c16204712981 Any computer that has this package installed or running should be considered...
MAL-2025-47232 Malicious code in @cnx-ui/cnx-ui-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87e84454809b6a23abcd234d62b4b3630bd69cf9c89b02f5e5f8c16204712981 Any computer that has this package installed or running should be considered...
MAL-2025-47055 Malicious code in cornerstone_ui_core (npm)
The package cornerstoneuicore was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76275d4480426c8c60d2ef0233c3df0f042494623872c889c0e28d2212b949fe Any computer that has this package installed or running should be considered fully...
PT-2025-34912 · Unknown · Uicore Elements
Name of the Vulnerable Software and Affected Versions: UiCore Elements versions through 1.3.4 Description: The software contains a Stored Cross-Site Scripting XSS issue due to improper neutralization of input during web page generation. This allows for the injection of malicious scripts into web...
@akitha/new-plugin (=0.0.1), @akitha/plugin-chart-hello (>=0.0.1 <=0.0.3) +245 more potentially affected by CVE-2025-55672 via @superset-ui/core (>=0.10.6 <=1.5.0)
@superset-ui/core NPM version =0.10.6, =0.0.1, =0.17.61, =0.0.0, =0.15.2, =0.0.1, =0.15.18, =0.15.18, =0.15.18, =0.15.18, =0.15.18, =0.15.18, =0.15.18, =0.15.18, =0.15.18, =1.0.5 and more Source cves: CVE-2025-55672 Source advisory: SNYK:JS-SUPERSETUICORE-11953561...
CVE-2020-5241
matestack-ui-core RubyGem before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4...