4306 matches found

OSSF Malicious Packages
added 2026/05/25 8:54 a.m. | 9 views

Malicious code in auth0-aspnetcore-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1a65e2c9bb72bed2f85cc5ce144070401adc82275fbdceee1345e245bd8b69dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8 AI score
Exploits: 0 | References: 1

OSV
added 2026/05/25 8:20 a.m. | 6 views

MAL-2026-4309 Malicious code in eh-bridge-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d52c7dc75351a429deafd01c049c7bed3f4696e220b0a318110ae9eb553b6a57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8 AI score
Exploits: 0 | References: 1

Snyk
added 2026/05/25 8:20 a.m. | 6 views

Malicious Package

Overview eh-bridge-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8 CVSS | 5.8 AI score
Exploits: 0 | References: 2

OSSF Malicious Packages
added 2026/05/25 8:20 a.m. | 8 views

Malicious code in eh-bridge-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d52c7dc75351a429deafd01c049c7bed3f4696e220b0a318110ae9eb553b6a57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8 AI score
Exploits: 0 | References: 1

Vulnrichment
added 2026/05/24 10:30 a.m. | 7 views

CVE-2026-9374 yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted upload

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a manipulation results in unrestricted upload. The attack is possible to be carried out remotely. The...

6.5 CVSS | 6.3 AI score | 0.00035 EPSS
Exploits: 0 | References: 3

RedHat Linux
added 2026/05/23 8:39 p.m. | 9 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: unbound: python3-unbound-1.25.1-1.hum1 aarch64, x86_64 unbound-1.25.1-1.hum1 aarch64, x86_64 unbound-anchor-1.25.1-1.hum1 aarch64, x86_64 unbound-devel-1.25.1-1.hum1 aarch64, x86_64...

10 CVSS | 5.8 AI score | 0.00058 EPSS
Exploits: 0 | References: 6

OSV
added 2026/05/23 12:0 a.m. | 4 views

MAL-2026-4276 Malicious code in build-scripts-utils (npm)

Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...

6 AI score
Exploits: 0 | References: 3

OSV
added 2026/05/22 3:13 p.m. | 8 views

MAL-2026-4298 Malicious code in @gbrlxvii/ts-form-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a6e392f9939f227d4cee6ca815413961f271e9d22f33f7f0384a34c54d74223 On require('@gbrlxvii/ts-form-utils'), index.js silently loads lib/perf.js inside a try/catch. perf.js immediately collects host fingerprint os.hostnam...

5.8 AI score
Exploits: 0 | References: 4

Snyk
added 2026/05/22 2:42 a.m. | 6 views

Malicious Package

Overview etherjs-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8 CVSS | 5.8 AI score
Exploits: 0 | References: 2

Tenable Nessus
added 2026/05/22 12:0 a.m. | 4 views

Unity Linux 20.1060e / 20.1070e Security Update: maven-shared-utils (UTSA-2026-016689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016689 advisory. In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection...

9.8 CVSS | 5.8 AI score | 0.00255 EPSS
Exploits: 0 | References: 4

OSV
added 2026/05/21 8:12 a.m. | 6 views

MAL-2026-4336 Malicious code in webservices.rest-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c9c78a4d0c87def69bbc5337e41a730e7ca6ae898426759915f053dc584581c package.json declares both preinstall and postinstall hooks that execute index.js, which exfiltrates installer data to a base64-encoded Cloudflare...

5.9 AI score
Exploits: 0 | References: 4

Wolfi
added 2026/05/21 1:48 a.m. | 11 views

CVE-2026-45409 vulnerabilities

Vulnerabilities for packages: mlflow, datadog-agent, kubeflow-jupyter-web-app, kubeflow-pipelines-visualization-server, kubeflow-pipelines, dask-kubernetes, jupyter-base-notebook, confluent-docker-utils, jwt-tool, kubeflow-volumes-web-app, semgrep, reflex, superset, ggshield, httpie, kserve,...

6.9 CVSS | 6.3 AI score | 0.00014 EPSS
Exploits: 0

Chainguard
added 2026/05/21 1:17 a.m. | 9 views

CVE-2026-45409 vulnerabilities

Vulnerabilities for packages: dbt-snowflake, azureml-inference-server-http-fips, httpie, openstack-tempest-2026.1, py3-opentelemetry-exporter-otlp, kubeflow-volumes-web-app, vast-csi, localstack, mlflow, jupyter-base-notebook, synapse, authentik-fips, semgrep, kubeflow-jupyter-web-app,...

6.9 CVSS | 6.3 AI score | 0.00014 EPSS
Exploits: 0

Chainguard
added 2026/05/21 1:17 a.m. | 7 views

GHSA-65PC-FJ4G-8RJX vulnerabilities

Vulnerabilities for packages: dbt-snowflake, azureml-inference-server-http-fips, httpie, openstack-tempest-2026.1, py3-opentelemetry-exporter-otlp, kubeflow-volumes-web-app, vast-csi, localstack, mlflow, jupyter-base-notebook, synapse, authentik-fips, semgrep, kubeflow-jupyter-web-app,...

5.4 AI score
Exploits: 0

OSV
added 2026/05/21 12:0 a.m. | 0 views

OPENSUSE-SU-2026:10834-1 caca-utils-0.99.beta20+git.1776622070.7c8e333-1.1 on GA media

These are all security issues fixed in the caca-utils-0.99.beta20+git.1776622070.7c8e333-1.1 package on the GA media of openSUSE Tumbleweed...

7.8 CVSS | 5.8 AI score | 0.00086 EPSS
Exploits: 0 | References: 1

OSSF Malicious Packages
added 2026/05/20 2:47 p.m. | 5 views

Malicious code in stripe-internal-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6add7fd3034c5b0d00e39e2cbfeb7c664085ef412612b53ebe9fd81767449be package.json declares a postinstall hook that auto-fires on npm install and performs reconnaissance + exfiltration against the installer. The inline...

5.8 AI score
Exploits: 0 | References: 1

OSV
added 2026/05/20 2:47 p.m. | 3 views

MAL-2026-4184 Malicious code in stripe-internal-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6add7fd3034c5b0d00e39e2cbfeb7c664085ef412612b53ebe9fd81767449be package.json declares a postinstall hook that auto-fires on npm install and performs reconnaissance + exfiltration against the installer. The inline...

5.8 AI score
Exploits: 0 | References: 1

OSV
added 2026/05/20 10:48 a.m. | 2 views

ROOT-APP-MAVEN-CVE-2022-29599 CVE-2022-29599 in io.root.org.apache.maven.shared:maven-shared-utils - Patched by Root

Root has patched CVE-2022-29599 in the io.root.org.apache.maven.shared:maven-shared-utils package for Root:Maven. Multiple fixed versions available...

9.8 CVSS | 7.2 AI score | 0.00255 EPSS
Exploits: 0

OSSF Malicious Packages
added 2026/05/20 9:42 a.m. | 7 views

Malicious code in nw-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e3ff057a42800ad78024ac1c48e0d6fbf9c828eb828a41e6737c32b6174ce8c Package is published publicly on npm at version 100.20.33 — a version-number shape used in dependency-confusion attacks to outrank private internal...

6.1 AI score
Exploits: 0 | References: 1

OSV
added 2026/05/20 8:33 a.m. | 2 views

MAL-2026-4196 Malicious code in pinno-loggers (npm)

pinno-loggers is a malicious npm package that depends on terminal-logger-utils and triggers the malicious behavior in that package when installed or imported. The terminal-logger-utils payload executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper downloads a...

5.9 AI score
Exploits: 0 | References: 1