4311 matches found
MAL-2026-4298 Malicious code in @gbrlxvii/ts-form-utils (npm)
Source: amazon-inspector 2a6e392f9939f227d4cee6ca815413961f271e9d22f33f7f0384a34c54d74223 On require('@gbrlxvii/ts-form-utils'), index.js silently loads lib/perf.js inside a try/catch. perf.js immediately collects host fingerprint os.hostnam...
Malicious Package
Overview: etherjs-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Unity Linux 20.1060e / 20.1070e Security Update: maven-shared-utils (UTSA-2026-016689)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016689 advisory. In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection...
MAL-2026-4336 Malicious code in webservices.rest-utils (npm)
Source: amazon-inspector 5c9c78a4d0c87def69bbc5337e41a730e7ca6ae898426759915f053dc584581c package.json declares both preinstall and postinstall hooks that execute index.js, which exfiltrates installer data to a base64-encoded Cloudflare...
auth0-templates-scripts (=80.0.4) potentially affected by unknown CVE via auth0-templates-scripts-utils (=1.0.5)
auth0-templates-scripts-utils NPM version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on auth0-templates-scripts-utils and may be impacted: - auth0-templates-scripts =80.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4490...
CVE-2026-45409 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, open-webui, jupyter-base-notebook, kubeflow-pipelines-visualization-server, reflex, mlflow, kserve, confluent-docker-utils, superset, semgrep, jwt-tool, datadog-agent, httpie, kubeflow-volumes-web-app, kubeflow-jupyter-web-app, dask-kubernetes,...
CVE-2026-45409 vulnerabilities
Vulnerabilities for packages: localstack, kubeflow-pipelines, authentik-fips, vast-csi, semgrep, jupyter-base-notebook, superset, azureml-inference-server-http-fips, dask-kubernetes-fips, py3-opentelemetry-exporter-otlp, datadog-agent, litellm, mlflow, locust, pgadmin4-fips, airflow-core,...
GHSA-65PC-FJ4G-8RJX vulnerabilities
Vulnerabilities for packages: localstack, kubeflow-pipelines, authentik-fips, vast-csi, semgrep, jupyter-base-notebook, superset, azureml-inference-server-http-fips, dask-kubernetes-fips, py3-opentelemetry-exporter-otlp, datadog-agent, litellm, mlflow, locust, pgadmin4-fips, airflow-core,...
OPENSUSE-SU-2026:10834-1 caca-utils-0.99.beta20+git.1776622070.7c8e333-1.1 on GA media
These are all security issues fixed in the caca-utils-0.99.beta20+git.1776622070.7c8e333-1.1 package on the GA media of openSUSE Tumbleweed...
Malicious code in stripe-internal-utils (npm)
Source: amazon-inspector b6add7fd3034c5b0d00e39e2cbfeb7c664085ef412612b53ebe9fd81767449be package.json declares a postinstall hook that auto-fires on npm install and performs reconnaissance + exfiltration against the installer. The inline...
MAL-2026-4184 Malicious code in stripe-internal-utils (npm)
Source: amazon-inspector b6add7fd3034c5b0d00e39e2cbfeb7c664085ef412612b53ebe9fd81767449be package.json declares a postinstall hook that auto-fires on npm install and performs reconnaissance + exfiltration against the installer. The inline...
ROOT-APP-MAVEN-CVE-2022-29599 CVE-2022-29599 in io.root.org.apache.maven.shared:maven-shared-utils - Patched by Root
Root has patched CVE-2022-29599 in the io.root.org.apache.maven.shared:maven-shared-utils package for Root:Maven. Multiple fixed versions available...
Malicious code in nw-demo (npm)
Source: amazon-inspector 5e3ff057a42800ad78024ac1c48e0d6fbf9c828eb828a41e6737c32b6174ce8c Package is published publicly on npm at version 100.20.33 — a version-number shape used in dependency-confusion attacks to outrank private internal...
MAL-2026-4196 Malicious code in pinno-loggers (npm)
pinno-loggers is a malicious npm package that depends on terminal-logger-utils and triggers the malicious behavior in that package when installed or imported. The terminal-logger-utils payload executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper downloads a...
MAL-2026-4198 Malicious code in terminal-logger-utils (npm)
terminal-logger-utils is a malicious npm package that when installed executes a postinstall hook that opens utils.cjs, an obfuscated malware dropper. The dropper checks the current system, downloads a platform-specific second-stage binary from Hugging Face, and executes it. The second-stage paylo...
Astra Linux - vulnerability in maven-shared-utils
In Apache Maven’s maven-shared-utils before version 3.3.3, the Commandline class could generate double-quoted strings without proper escaping, allowing for shell injection attacks...
Astra Linux - vulnerability in rustc
crossbeam-utils provides atomic operations, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. Prior to version 0.8.7, crossbeam-utils incorrectly assumed that the alignment of {i,u}64 was always the same as Atomic{I,U}64. However, the alignment of {i,u...
Astra Linux - vulnerability in python-oslo.utils
A flaw was discovered in python-oslo-utils. Due to improper parsing, passwords that contain double quotes " cause incorrect masking in debug logs, resulting in any part of the password after the double quote being displayed as plain text...
Malicious code in figma-d2c-utils (npm)
Source: amazon-inspector b65db74a06749bbb141552f97e91b15d5bdd91b57a0136dfc8bfb4034b659c8f The package ships dist/report.js, a one-line module that issues an HTTPS POST to https://www.baidu.com carrying values read from process.env. The...
MAL-2026-4534 Malicious code in color-style-utils (npm)
Source: amazon-inspector 47cf4aaa2cd7a20b222a1a4150a7b9e1f79d9b0a09c8fe4a5689e55bad9bc087 On npm install, all three lifecycle hooks (preinstall, install, postinstall) execute postinstall.js, which harvests installer secrets and exfiltrates...