Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
MAL-2025-3029
  • npm/@piplabs/story-contracts
 Malicious code in @piplabs/story-contracts (npm) 11 hours ago
  • No fix available
MAL-2025-3028
  • npm/blobstream-contracts
 Malicious code in blobstream-contracts (npm) 13 hours ago
  • No fix available
GHSA-4q56-crqp-v477
  • npm/@react-router/express
  • npm/@remix-run/express
 Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headers 15 hours ago
  • Fix available
  • Severity - 7.5 (High)
MAL-2025-3030
  • npm/tap-hook
 Malicious code in tap-hook (npm) 22 hours ago
  • No fix available
GHSA-q8jq-4rm5-4hm5
  • npm/@alizeait/unflatto
 @alizeait/unflatto Prototype Pollution 23 hours ago
  • Fix available
  • Severity - 8.9 (High)
MAL-2025-3027
  • npm/keypair-utils
 Malicious code in keypair-utils (npm) yesterday
  • No fix available
GHSA-qq4x-c6h6-rfxh
  • npm/aws-cdk-lib
 aws-cdk-lib has Insertion of Sensitive Information into Log File vulnerability when using Cognito UserPoolClient Construct yesterday
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-gr7w-hmch-25g7
  • npm/gifplayer
 gifplayer XSS vulnerability yesterday
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-4r4m-qw57-chr8
  • npm/vite
 Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query yesterday
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-hx7h-9vf7-5xhg
  • npm/uptime-kuma
 Uptime Kuma's Regular Expression in pushdeeer and whapi file Leads to ReDoS Vulnerability Due to Catastrophic Backtracking yesterday
  • Fix available
  • Severity - 6.7 (Medium)
MAL-2025-3022
  • npm/pocketnet
 Malicious code in pocketnet (npm) 2 days ago
  • No fix available
MAL-2025-3023
  • npm/saur-design-sys-web
 Malicious code in saur-design-sys-web (npm) 2 days ago
  • No fix available
MAL-2025-3024
  • npm/saur-states-management
 Malicious code in saur-states-management (npm) 2 days ago
  • No fix available
MAL-2025-3025
  • npm/saur-viseau-state-management
 Malicious code in saur-viseau-state-management (npm) 2 days ago
  • No fix available
MAL-2025-3026
  • npm/yass_eal_abcdef_ssdsf_dsfsf
 Malicious code in yass_eal_abcdef_ssdsf_dsfsf (npm) 2 days ago
  • No fix available
MAL-2025-2808
  • npm/@sas-dvr/ltjs-vav
 Malicious code in @sas-dvr/ltjs-vav (npm) 2 days ago
  • No fix available
Load more...