248 matches found
CVE-2026-22034
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
DEBIAN-CVE-2026-22034
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
CVE-2026-22034
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
CVE-2026-22034 Snuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD package
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
CVE-2026-22034 Snuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD package
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
EUVD-2026-1676
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
CVE-2026-22034 Snuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD package
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
CVE-2026-22034
Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...
PT-2026-2140
Name of the Vulnerable Software and Affected Versions Snuffleupagus versions prior to 0.13.0 Description Snuffleupagus is a module designed to increase the cost of attacks against websites by eliminating bug classes and offering a virtual patching system. In deployments of Snuffleupagus before...
EUVD-2025-176015
Malicious code in telesto-vulcan-chai-cressida npm...
EUVD-2025-177308
Malicious code in passport-coronalmassejection-vulcan-loop npm...
EUVD-2025-176179
Malicious code in string-epimetheus-neptunology-vulcan npm...
EUVD-2025-176493
Malicious code in scorpius-vulcan-postcss-loader-centauri npm...
EUVD-2025-175680
Malicious code in vuepress-winston-deneb-vulcan npm...
Malicious code in vulcan-delphinus-protoplanetarydisk-gatsby (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b24d971495291e83f1b4c4e45bbbcca2ecbe2a09313935b9aa7b391db4d8be1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-175672
Malicious code in vulcan-astrobiology-wavefunction-delphinus npm...
Malicious code in loop-webdriverio-vulcan-proxima (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3f9d3f3f64e3dcfb01546c14df5e1d0e289308f7238bf5fb36f487b9e92423e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177733
Malicious code in multiverse-terser-webpack-plugin-vulcan-redgiant npm...
Malicious code in cosmicsilence-quasar-vulcan-gammarayburst (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 866755da032f89e835ad4dcc205c1bb514c50448977117637cdb00b19af44d3f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177170
Malicious code in pino-pretty-kuiperbelt-vulcan-hugo npm...