i

inflect vulnerable to Inefficient Regular Expression Complexity

Insecure Entropy Source - Math.random() in node-uuid

PenPot MCP REPL server binds to 0.0.0.0 with unauthenticated /execute endpoint — RCE

OpenClaw: QQBot reply media URL handling could trigger SSRF and re-upload fetched bytes

Malicious code in iifl_api (npm)

Malicious code in diil-front (npm)

Malicious code in agora-rtc-web (npm)

ReDoS vulnerability in vue package that is exploitable through inefficient regex evaluation in the parseHTML function

short-video-maker has a path traversal vulnerability

Cross-site Scripting (XSS) in Eclipse Theia

json-web-token library is vulnerable to a JWT algorithm confusion attack

React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE

Malicious code in sui-cctp (npm)

Malicious code in treedome (npm)

Malicious code in jssdk-infrastructure (npm)

is-http2 vulnerable to Improper Input Validation

Flowise Unauthenticated Denial of Service (DoS) vulnerability

Malicious code in kraken-dev (npm)

Summarize contains a missing authorization vulnerability

Malicious code in caspets (npm)

Malicious code in ampersend-mymove (npm)

Malicious code in cat-weather-widget (npm)

Malicious code in ffwebsite (npm)

Malicious code in @getstep/sdk (npm)

Malicious code in @tiaanduplessis/react-progressbar (npm)

Malicious code in feature-flip (npm)

n8n: Legacy ExecuteWorkflow Node Bypassed File Path Restrictions

Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler

Axios has a Patch Bypass: Proxy-Authorization Header Injection via Prototype Pollution — Incomplete Null-Prototype Fix

Malicious code in yizhifabao60 (npm)

@libp2p/kad-dht: Unvalidated PUT_VALUE records allow unbounded disk exhaustion on DHT server nodes

n8n: Credential exfiltration via Allowed HTTP Request Domains Bypass

Malicious code in bs58lite (npm)

Summarize contains a missing authorization vulnerability

vm2 sandbox escape via JSPI-backed Promise `.finally()` species bypass

flatnest Prototype Pollution vulnerability

expr-eval vulnerable to Prototype Pollution

Turbo: Unexpected local code execution during Yarn Berry detection

deferred-exec Command Injection vulnerability

Malicious code in int_pinterest_sfra (npm)

Malicious code in gutenberg-ui (npm)

n8n-mcp has unauthenticated session termination and information disclosure in HTTP transport

vm2 is Vulnerable to Sandbox Breakout Through Promise Species

@ai-sdk/provider-utils has an Uncontrolled Resource Consumption issue

Malicious code in zzmaliciouspackage (npm)

OpenClaw: Untrusted workspace channel shadows could execute during built-in channel setup

axios has DoS & Header Injection via Prototype Pollution Read-Side Gadgets in axios merge functions

Malicious code in sddst-ui (npm)

Malicious code in onboarding-components (npm)

browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler

Directory Traversal in ewgaddis.lab6

Malicious code in @antv/g6-element (npm)

Malicious code in secureshield4 (npm)

counterpart vulnerable to prototype pollution

vm2's Bridge Proxy set trap ignores receiver parameter, enabling host object property injection via prototype chain

Arbitrary file upload in Ghost

Malicious code in @f2p-mml-frontends/mml-styles (npm)

Malicious code in secdriven (npm)

next-intl has prototype pollution with `experimental.messages.precompile` via attacker-controlled translation catalog keys

Prototype Pollution in set-value

nodemssql is malware

HAX open-apis: Credential Theft via Server-Side Request Forgery (SSRF) in open-apis

Malicious code in dds-js-idl (npm)

Malicious code in @citi-icg-171632/citicms-repo-component (npm)

Malicious code in @cloudways-lab/unified-design-system (npm)

NodeVM observability builtins leak host process and HTTP request data

API Admin Auth Weakness in tomato

BoxLite: Permission Bypass Allows Modification of Read-Only Files

Malicious code in @engagehub/core (npm)

Malicious code in @zapier/babel-preset-zapier (npm)

Ghost Vulnerable to Remote Code Execution via Malicious Themes

tsup DOM Clobbering vulnerability

easywebpack-cli Path Traversal vulnerability

Parsing issue in matrix-org/node-irc leading to room takeovers

Neotoma: Unauthenticated Inspector/API access via reverse-proxy loopback auth bypass

Allocation of Resources Without Limits or Throttling in vriteio/vrite

Cross-site Scripting in Ghost

ExifReader is vulnerable to denial of service via crafted ICC `mluc` tag

tiny-csrf has openly visible CSRF tokens

Seroval affected by Denial of Service via Array serialization

Claude Code Vulnerable to Command Injection via Directory Change Bypasses Write Protection

Malicious code in wlwz-2312-7001 (npm)

OpenClaw's andbox browser noVNC observer lacked VNC authentication

OpenClaw affected by denial of service through unguarded archive extraction allowing high expansion/resource abuse (ZIP/TAR)

Malicious code in compare-obj (npm)

Malicious code in email-deliverability-tester (npm)

Parse Server's GraphQL "Did you mean ...?" validation suggestions disclose schema to unauthenticated callers

Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements

Paperclip: Cross-tenant agent API key IDOR in `/agents/:id/keys` routes allows full victim-company compromise

OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths

FUXA's scheduler API missing admin check enables operator-to-admin escalation via scheduled device actions

sqlite vulnerable to code execution due to Object coercion

nadesiko3 allows remote attacker to inject invalid value to decodeURIComponent of nako3edit

Malicious code in benasin_logger (npm)

Malicious code in react-native-datepicker-modal (npm)

Malicious code in react-native-retriable-fetch (npm)

Malicious code in @seezo/sdr-mcp-server (npm)

vm2 has a CVE-2023-37903 patch bypass: nesting:true without explicit require still allows full RCE

parse-server's session object properties can be updated by foreign user if object ID is known

Payload's SQLite adapter Session Fixation vulnerability

pdf-image has an OS Command Injection Vulnerability through its pdfFilePath parameter

Deserialization Code Execution in js-yaml

Malicious code in system-library-gameanalytics-common (npm)

React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets

vm2 has a sandbox escape via unblocked cross-realm Symbol.for keys + missing bridge write-trap symbol checks

Malicious code in azure-arm-iothub-samples-ts (npm)

Malicious code in iv-build-utils (npm)

Malicious code in automation_model (npm)

Malicious code in babel-preset-kinvey-flex-service (npm)

Malicious code in better-auth-nuxt (npm)

@nocobase/database has SQL Injection via String Concatenation through Recursive Eager Loading

SQL Injection in sequelize

Joplin Cross-site Scripting vulnerability

Malicious code in icons-mail (npm)

Malicious code in @portswigger/fetlife-assets (npm)

Malicious code in ozone-material (npm)

Remote code execution via MongoDB BSON parser through prototype pollution

Cross-Site Scripting in serve-index

Malicious code in anypoint-component-site (npm)

Malicious code in who_mobile (npm)

Session fixation in fastify-passport

browserstack-runner has an unauthenticated arbitrary file read via path traversal in HTTP server

Malicious code in p224 (npm)

Malicious code in pergel (npm)

Malicious code in wallet-evm (npm)

OS Command Injection in node-opencv

Malicious code in test494 (npm)

SQL Injection in sequelize

Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers

Malicious code in @accordproject/concerto-linter (npm)

liquidjs has a Denial of Service via circular block reference in layout

Malicious code in @accordproject/concerto-linter-default-ruleset (npm)

React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint

Malicious code in anyswap-rewards (npm)

Malicious code in sweet-ruin-immortals-after-dark-16-by-kresley-cole-on-audiobook-full-volumes- (npm)

Novu has SSRF via conditions filter webhook bypasses validateUrlSsrf() protection

Sanitization bypass using HTML Entities in marked

vm2 setup-sandbox.js violates Defense Invariant #11 in stack-trace formatter

Malicious code in pipedrive-embeddable-ringcentral-phone-spa (npm)

OS Command Injection in GenieACS

OS Command Injection in giting

Downloads Resources over HTTP in phantomjs-cheniu

Malicious code in @diotoborg/a-quas (npm)

Malicious code in schibsted-style (npm)

ngrok is Vulnerable to Command Injection

Malicious code in prod_assets_web_modules (npm)

string-math's string-math.js vulnerability can cause Regex Denial of Service (ReDoS)

steal vulnerable to Regular Expression Denial of Service via source and sourceWithComments

Malicious code in @diotoborg/ad-non (npm)

OpenClaw vulnerable to arbitrary file read via $include directive

Malicious code in @oku-ui/alert-dialog (npm)

Malicious code in @oku-ui/presence (npm)

angular vulnerable to regular expression denial of service via the <input type="url"> element

Malicious code in caas-canvas (npm)

Malicious code in kbc-ui.templates (npm)

Malicious code in stablecoin-aptos (npm)

Cross-Site Scripting in swagger-ui

Paperclip: Cross-tenant agent API token minting via missing assertCompanyAccess on /api/agents/:id/keys

Malicious code in @diotoborg/aliquam-fugit-culpa (npm)

Malicious code in @posthog/laudspeaker-plugin (npm)

Directory traversal in convert-svg-core

Malicious code in wlwz-2312-2305 (npm)

ReDOS in IS-SVG

NodeVM network builtin exclusions bypass via internal _http_client and _http_server

Malicious code in quickswap-smart-order-router (npm)

Open redirect in karma

NodeVM builtin denylist bypass via process and inspector/promises allows host code execution

Malicious code in @accordproject/concerto-analysis (npm)

es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`

Malicious code in system-library-gameanalytics-slotanalytics (npm)

React Router has stored XSS via unescaped Location header in prerendered redirect HTML

HAXcms: Private Key Disclosure via Broken HMAC Implementation

Malicious code in tcsp (npm)

Malicious code in @diotoborg/aspernatur-id (npm)

pm2 Regular Expression Denial of Service vulnerability

Invalid Curve Attack in node-jose

Malicious code in tiptap-shadcn-vue (npm)

Flowise: Sensitive Data Leak in public-chatbotConfig

Unrestricted Upload of File with Dangerous Type in Strapi

Malicious code in @diotoborg/assumenda-saepe-mollitia (npm)

Directory Traversal in serverliujiayi1

Directory Traversal in zjjserver

Malicious code in @kiwiiw/ez-lib (npm)

FUXA has SQL Injection in its TDengine DAQ connector via backslash bypass of escapeTdString

Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour

Malicious code in argocd-diff-action (npm)

ExifReader is vulnerable to denial of service via unbounded decompression of image metadata

Malicious code in @diotoborg/autem-dolor (npm)

Malicious code in @diotoborg/autem-id (npm)

Duplicate Advisory: OpenClaw: Google Chat Authz Bypass via Group Policy Rebinding with Mutable Space displayName

Malicious code in accounts-base (npm)

Malicious code in wartsila-application-json (npm)

Malicious code in @accordproject/concerto-metamodel (npm)

XSS Attack with Express API

Malicious code in @diotoborg/autem-vero (npm)

@node-oauth/oauth2-server: PKCE code_verifier ABNF not enforced in token exchange allows brute-force redemption of intercepted authorization codes

OpenClaude MCP OAuth Callback: State Check Bypass via error Param Leads to DoS

Regular expression denial of service in semver-regex

vm2 has a Sandbox Escape issue

Malicious code in @beproduct/nestjs-auth (0.1.2 through 0.1.19) — Mini Shai-Hulud worm

Malicious code in @browserbasehq/stagehand-docs (npm)

Malicious code in @oku-ui/tabs (npm)

Miniflare vulnerable to Server-Side Request Forgery (SSRF)

Bootbox.js Cross Site Scripting vulnerability

Malicious code in aocrn (npm)

Malicious code in wlwz-2312-7200 (npm)

jQuery vulnerable to Cross-Site Scripting (XSS)

Malicious code in @voiceflow/nestjs-rate-limit (npm)

CamoFox MCP: Unauthenticated HTTP MCP browser-control surface

n8n Privilege Escalation vulnerability

Strapi has a rate limit bypass on users-permissions plugin via attacker-controlled email keying

smb is malware

Cross-site Scripting in epubjs

Code injection in blamer

Sandbox Breakout / Arbitrary Code Execution in safer-eval

SQL Injection in connect-pg-simple

sanitize-html is vulnerable to XSS through incomprehensive sanitization

@nyariv/sandboxjs vulnerable to sandbox escape via TOCTOU bug on keys in property accesses

AgenticMail API/storage and outbound relay hardening fixes

SillyTavern has a SSRF vulnerability in the CORS proxy middleware

Malicious code in bankin_thechnical (npm)

Malicious code in shell-exec (npm)

@okta/oidc-middlewareOpen Redirect vulnerability

web3-utils Prototype Pollution vulnerability

Denial of service in http-proxy-middleware

Cross-site scripting vulnerability in TinyMCE

Malicious code in hl-naduccio (npm)

Malicious code in bdesse (npm)

Malicious code in @diotoborg/corporis-quia (npm)

claude-code-cache-fix vulnerable to local code execution via Python triple-quote injection in tools/quota-statusline.sh

Malicious code in pm-manager (npm)

Prototype Pollution in merge-deep

Malicious code in product-tools (npm)

Malicious code in babel-plugin-standalone (npm)

Strapi: Password Reset Does Not Revoke Existing Refresh Sessions

HAX CMS: Denial of Service using Malicious Import Request

OpenC3 Cross-site Scripting in Login functionality (`GHSL-2024-128`)

Malicious code in srve-favico (npm)

Malicious code in proton-pack (npm)

Malicious code in wlwz-2312-3807 (npm)

Malicious code in wlwz-2312-3908 (npm)

Malicious code in @zitterorg/natus-eos-vel (npm)

NASA Open MCT Cross Site Request Forgery (CSRF) vulnerability

vm2 Sandbox Escape vulnerability

Malicious code in jqxcore (npm)

Malicious code in redirect-5k9q5v (npm)

Missing proper state, nonce and PKCE checks for OAuth authentication

Flowise: Unauthenticated TTS endpoint accepts arbitrary credential IDs — enables API credit abuse via stored credentials

Malicious code in redirect-clrm2u (npm)

9router: Unauthenticated Remote Code Execution via unprotected MCP custom plugin routes

Malicious code in @diotoborg/corporis-repellat-dicta (npm)

Orejime has executable code in HTML attributes

Malicious code in cln-logger (npm)

Malicious code in obvbd (npm)

Malicious code in @amber-team/storybook-utils (npm)

Replicator deserializes untrusted user input

Exposure of Sensitive Information in eventsource

OpenClaw: Multiple Code Paths Missing Base64 Pre-Allocation Size Checks

Improper Certificate Validation in xmlhttprequest-ssl

thlorenz browserify-shim vulnerable to prototype pollution

Malicious code in aoe_playstyle (npm)

Malicious code in @diotoborg/cum-saepe-minima (npm)

Malicious code in @diotoborg/cum-ut-iure (npm)

Malicious code in appqos-client (npm)

Path traversal in Node-RED-Dashboard

Regular Expression Denial of Service in dat.gui

Malicious code in elf-stats-bright-cushion-246 (npm)

Malicious code in ap-election-adapter (npm)

Cross-Site Scripting in http_server

Malicious code in @diotoborg/delectus-recusandae-aut (npm)

Nuxt: Reflected XSS in `navigateTo()` external redirect

Malicious code in yizhifabao61 (npm)

Malicious code in dotgov-list (npm)

Malicious code in @frozen-team-qa/types (npm)

Path Traversal in Ghost

Lack of URL normalization may lead to authorization bypass when URL access rules are used

Broken Authentication in Atlassian Connect Express

OS Command Injection in node-mpv

Malicious code in @diotoborg/dicta-recusandae-veniam (npm)

Malicious code in @diotoborg/dignissimos-aliquam (npm)

Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit

@grackle-ai/server: Unescaped Error String in renderPairingPage() HTML Template

Saltcorn's Reflected XSS and Command Injection vulnerabilities can be chained for 1-click-RCE

Svelte SSR does not validate dynamic element tag names in `<svelte:element>`

Malicious code in express-core-validator (npm)

LDAP Injection in is-user-valid

Malicious code in @omni-corp-infra/sso-bridge-core (npm)

Path Traversal in marscode

Malicious code in @tech-global/internal-gateway-core (npm)

Duplicate Advisory: Improper Verification of Cryptographic Signature

Malicious code in @diotoborg/dolor-earum-quia (npm)

Unhead has a hasDangerousProtocol() bypass via leading-zero padded HTML entities in useHeadSafe()

Malicious code in @diotoborg/dolor-iure (npm)

Malicious code in @asyncapi/react-component (npm)

Malicious code in api-routes-rest (npm)

Malicious code in @diotoborg/dolores-fugiat-autem (npm)

OneUptime has broken access control in GitHub App installation flow that allows unauthorized project binding

Arbitrary File Read in phantom-html-to-pdf

Malicious code in expressos (npm)

Malicious code in uniswap-router-sdk (npm)

Malicious code in mongodb-atlas-cli-toc-generator (npm)

Malicious code in @bcs-adapters/core-adapter (npm)

Malicious code in elf-stats-merry-chimney-765 (npm)

Malicious code in @diotoborg/dolorum-dolorum (npm)

Open redirect in @auth0/nextjs-auth0

Downloads Resources over HTTP in selenium-download

Malicious code in @diotoborg/dolorum-ipsam (npm)

Server crashes on invalid Cloud Function or Cloud Job name

OS Command Injection in install-package

Malicious code in @diotoborg/dolorum-iste-excepturi (npm)

Malicious code in yelp-react-component-photo-upload (npm)

Malicious code in pi-exa-mcp (npm)

Malicious code in pos-next-react-native (npm)

Malicious code in shopify-draggable (npm)

Malicious code in @diotoborg/eaque-illum-qui (npm)

Malicious code in @diotoborg/eaque-iste (npm)

Malicious code in elf-stats-snowdusted-fireplace-396 (npm)

Linkify Allows Prototype Pollution & HTML Attribute Injection (XSS)

XSS/HTML Injection Vulnerability in Umbraco Backoffice Components

Malicious code in elf-stats-snowdusted-saddlebag-790 (npm)

OpenClaw has a gateway exec allowlist allow-always bypass via unregistered /usr/bin/script wrapper

Cross-site Scripting in Joplin

Malicious code in zdachboostv3 (npm)

Malicious code in temhe-dev (npm)

Malicious code in tinfoil-shops (npm)

OpenClaw: Unsanitized CWD path injection into LLM prompts

OpenClaw's Zalo group sender allowlist bypass permits unauthorized GROUP dispatch

Prototype Pollution in ini-parser

Malicious code in elf-stats-sparkly-cocoa-863 (npm)

Malicious code in elf-stats-sprucey-snowman-250 (npm)

Authorization Bypass in Next.js Middleware

Prototype Pollution in set-or-get

pnpm has Windows-specific tarball Path Traversal

plotly.js prototype pollution vulnerability

Malicious code in wlwz-2312-7301 (npm)

Malicious code in @protos-team/frontend-server (npm)

Malicious code in vpi-guides (npm)

Malicious code in @diotoborg/eius-animi-ullam (npm)

Malicious code in wagner-horizon (npm)

Unlimited transforms allowed for signed nodes

express-param vulnerable to Improper Handling of Extra Parameters

arrayfire-js downloads Resources over HTTP

Malicious code in elf-stats-twinkling-marshmallow-913 (npm)

Markdownify MCP Server allows Server-Side Request Forgery (SSRF) via the Markdownify.get() function

Malicious code in elf-stats-wintry-icicle-283 (npm)

Malicious code in @azure-tests/perf-service-bus (npm)

Remote Memory Disclosure in bittorrent-dht

Nteract Remote Code Execution vulnerability

Malicious code in arkane-network (npm)

Malicious code in @antv/f6-element (npm)

Malicious code in pcl-build-docroot (npm)

Malicious code in oc-aa-module-client (npm)

Malicious code in ams-ssk (npm)

Command Injection in gitlabhook

OpenZeppelin Contracts initializer reentrancy may lead to double initialization

Next.js Affected by Cache Key Confusion for Image Optimization API Routes

gry vulnerable to Command Injection

Malicious code in @diotoborg/esse-accusantium-ratione (npm)

Froala WYSIWYG editor allows cross-site scripting (XSS)

Malicious code in @diotoborg/esse-distinctio-repellat (npm)

Malicious code in elf-stats-frostbitten-reindeer-875 (npm)

Malicious code in @asavie/i18n (npm)

Malicious code in @venturo/playwright (npm)

Malicious code in elf-stats-ginger-reindeer-411 (npm)

Malicious code in common-tg-service (npm)

Malicious code in microsoft-agents-auth-service (npm)

OpenClaw: Gateway `agent` calls could override the workspace boundary

Malicious code in elf-stats-gingersnap-ornament-469 (npm)

Malicious code in elf-stats-glittering-fir-252 (npm)

eivindfjeldstad-dot contains prototype pollution vulnerability

Malicious code in @diotoborg/et-voluptatum-mollitia (npm)

skilleton has improper input handling in repository/path processing

Path Traversal in marked-tree

AutoUpdater module fails to validate certain nested components of the bundle

OpenClaw has incomplete Fix for CVE-2026-27486: Unvalidated SIGKILL in `!stop` Chat Command via `shell-utils.ts`

Duplicate Advisory: OpenClaw's Node system.run approval hardening wrapper semantic drift can execute unintended local scripts

printf vulnerable to Regular Expression Denial of Service (ReDoS)

Malicious code in @diotoborg/eveniet-officia (npm)

OS Command injection in ssl-utils

node-forge has ASN.1 Unbounded Recursion

@fastify/oauth2 vulnerable to Cross Site Request Forgery due to reused Oauth2 state

Arbitrary Command Injection in portprocesses

Malicious code in @diotoborg/eveniet-pariatur-esse (npm)

Malicious code in @diotoborg/ex-quo-odio (npm)

Malicious code in paypal-payouts-bridge (npm)

openclaw-claude-bridge: sandbox is not effective - `--allowed-tools ""` does not restrict available tools

Malicious code in xorma-js (npm)

Malicious code in elf-stats-merry-cookiejar-442 (npm)

Malicious code in paychex-common-vendor-lib (npm)

Cross-Site Scripting (XSS) in Verdaccio

Malicious code in elf-stats-sleighing-nutcracker-806 (npm)

Directus' insufficient permission checks can enable unauthenticated users to manually trigger Flows

Malicious code in elf-stats-silvered-star-676 (npm)

Malicious code in elf-stats-snowdusted-lantern-234 (npm)

OpenCC has an Out-of-bounds read when processing truncated UTF-8 input

Malicious code in api-typings (npm)

Malicious code in seek-pass (npm)

Malicious code in @polka-ui/config (npm)

OpenClaw: Matrix profile config persistence was reachable from operator.write message tools

Malicious code in lazyhtml-scripts (npm)

Malicious code in @t-in-one/save_application_hid_to_storage (npm)

Malicious code in ms.analytics-web (npm)

Malicious code in mefthos (npm)

Malicious code in paysera-checkout-modal (npm)

Malicious code in elf-stats-snowdusted-cookiejar-250 (npm)

Payload does not invalidate JWTs after log out

Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or similar methods that append string literal values into the compiled SQL strings

Rebuild-bot workflow may allow unauthorised repository modifications

Prototype pollution vulnerability in 'patchmerge'

Malicious code in elf-stats-candlelit-train-228 (npm)

Malicious code in @car-loans/deal (npm)

Duplicate Advisory: OpenClaw's Slack reaction/pin sender-policy consistency issue in non-message ingress

radashi Allows Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Logging of the firestore key within nodejs-firestore

node-tesseract-ocr is vulnerable to OS Command Injection through unsanitized recognize() function parameter

Malicious code in @diotoborg/inventore-quasi (npm)

jsonpath has Arbitrary Code Injection via Unsafe Evaluation of JSON Path Expressions

Regular Expression Denial of Service in minimatch

Insufficient Session Expiration in NocoDB

Downloads Resources over HTTP in tomita

Malicious code in elf-stats-twinkling-bell-867 (npm)

Malicious code in mui-wrapper-icons (npm)

Path Traversal in resolve-path

Koa Vulnerable to Open Redirect via Trailing Double-Slash (//) in back Redirect Logic

Regular Expression Denial of Service in moment

Malicious code in bfruitmaliciousxmlparser (npm)

Malicious code in @diotoborg/iste-laborum (npm)

Malicious code in uba-plugins (npm)

Malicious code in @cloudplatform-single-spa/agreements (npm)

Malicious code in @cloudplatform-single-spa/aifactory-notebooks (npm)

node-latex-pdf is susceptible to command injection

Malicious code in @diotoborg/labore-atque (npm)

Malicious code in android_teminator_x (npm)

Status Board vulnerable to Cross-Site Scripting before v1.1.82

Malicious code in @cloudplatform-single-spa/airflow (npm)

@puchunjie/doc-tools-mcp has a Path Traversal Issue

Malicious code in arm-attestation (npm)

Malicious code in arm-azurestack (npm)

Malicious code in xnetgpt (npm)

Regular Expression Denial of Service in jadedown

Malicious code in @nosinovacao/nosid-mfe-common (npm)

FUXA Unauthenticated Remote Arbitrary Device Tag Write

Malicious code in @cloudplatform-single-spa/cnapp-ui (npm)

OpenClaw: Voice-call Plivo replay mutates in-process callback origin before replay rejection

OpenClaw bootstrap setup codes could be replayed to escalate pending pairing scopes before approval

Unhandled case in node-lmdb

OpenClaw has a IPv6 multicast SSRF classifier bypass

Malicious code in @diotoborg/libero-ratione-delectus (npm)

Malicious code in cd-system (npm)

Malicious code in @cloudplatform-single-spa/corax (npm)

OpenClaw's config env vars allowed startup env injection into service runtime

Malicious code in amazon-testpackage (npm)

Malicious code in amournapraia (npm)

Malicious code in @cloudplatform-single-spa/cp-api-gw (npm)

Malicious code in @cloudplatform-single-spa/datagrid (npm)

Prototype Pollution in undefsafe

Malicious code in bdwngkairzovfpje (npm)

Directory Traversal in geddy

Malicious code in @diotoborg/molestiae-doloribus (npm)

Malicious code in elf-stats-caroling-wreath-635 (npm)

Malicious code in @diotoborg/molestiae-maxime (npm)

Malicious code in chai-max (npm)

Malicious code in elf-stats-glittering-cookie-844 (npm)

Malicious code in @cloudplatform-single-spa/dataplatform (npm)

Malicious code in kg_portal (npm)

Malicious code in paypay-ecommerce-miniapp (npm)

gifplayer XSS vulnerability

Malicious code in ugc-kit (npm)

OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins

Malicious code in @cloudplatform-single-spa/observability (npm)

Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js

Malicious code in awsmcc (npm)

Backstage vulnerable to potential reading of SCM URLs using built in token

Malicious code in mepjow (npm)

nodemailer.js is malware

Directory Traversal in gaoxuyan

Malicious code in @diotoborg/nobis-facilis (npm)

deepHas vulnerable to Prototype Pollution via constructor.prototype

Malicious code in configs-web-react (npm)

Parse Dashboard is Missing CSRF Protection for its Agent Endpoint

Prototype Pollution in worksmith

validator.js has a URL validation bypass vulnerability in its isURL function

Malicious code in aws-features-signin-proxy-client (npm)

Malicious code in @diotoborg/nobis-mollitia (npm)

Malicious code in @cloudplatform-single-spa/paas-redis (npm)

Malicious code in console-node-ts (npm)

Prototype pollution in nconf-toml

Malicious code in @cloudplatform-single-spa/security-groups (npm)

Malicious code in merlin-products-fetch (npm)

Malicious code in merlin-ui (npm)

Malicious code in metalsapi-adapter (npm)

Hidden fields can be leaked on readable collections in Payload

Malicious code in wlwz-2312-7504 (npm)

Malicious code in aws-ui-component-select (npm)

Malicious code in @cloudplatform-single-spa/static-page (npm)

Malicious code in pixelary (npm)

Tracking Module in botbait

Malicious code in linear-open-issue (npm)

Regular Expression Denial of Service (REDoS) in Marked

Improper Handling of Exceptional Conditions in detect-character-encoding

Malicious code in @cloudplatform-single-spa/svp-images (npm)

Malicious code in tsb-authorization (npm)

Directory traversal in rollup-plugin-server

MySQL2 for Node Arbitrary Code Injection

Malicious code in newclick-components (npm)

Malicious code in @openmage/fetlife-assets (npm)

Malicious code in ofjaaah-dependency-confusion (npm)

Malicious code in @cloudplatform-single-spa/svp-interfaces (npm)

openssl.js is malware

phoenix_html allows Cross-site Scripting in HEEx class attributes

Malicious code in @diotoborg/officiis-nam-dignissimos (npm)

Malicious code in @cloudplatform-single-spa/svp-lbaas (npm)

Malicious code in fatfingers-hello (npm)

Malicious code in fatfingers-helloo (npm)

Malicious code in nextcloud-js-tests (npm)

Missing Origin Validation in parcel-bundler

Malicious code in @diotoborg/optio-voluptatum (npm)

Malicious code in nsemea-core-poc (npm)

Malicious code in @cloudplatform-single-spa/svp-managed-kubernetes (npm)

OpenClaw has a workspace-only sandbox guard mismatch for @-prefixed absolute paths

Malicious code in @diotoborg/perferendis-odit (npm)

webpack-dev-server users' source code may be stolen when they access a malicious web site

Malicious code in @diotoborg/placeat-placeat (npm)

OneUptime Vulnerable to a Privilege Escalation via Local Storage Key Manipulation

Malicious code in cordova-plugin-permissions (npm)

Malicious code in nucleus-integration-banana (npm)

Malicious code in @fb-deposit/form-savings-account (npm)

Server-Side Request Forgery in Directus

Malicious code in @diotoborg/quaerat-dicta (npm)

Malicious code in wegenenverkeer (npm)

Malicious code in string-multiutils (npm)

Cross-site scripting vulnerability in TinyMCE

Malicious code in postcssmipot (npm)

Malicious code in airdrop-interface-markets (npm)

Malicious code in @qw-app/images (npm)

Denial of service in prismjs

Malicious code in @t-in-one/form_product_token (npm)

Malicious code in preset-modules (npm)

Malicious code in nayan-videos-downloaders (npm)

Information disclosure in parse-server

Malicious code in @diotoborg/quo-dolorem-ducimus (npm)

Malicious code in zenith.svg-loader (npm)

Prototype Pollution in lodash

OpenClaw Gateway: RCE and Privilege Escalation from operator.pairing to operator.admin via device.pair.approve

Malicious code in @t-in-one/prefill_transformers_data_token (npm)

Malicious code in prism-reactjs (npm)

Malicious code in @diotoborg/quos-accusantium (npm)

Sensitive Data Exposure in seneca

Packing does not respect root-level ignore files in workspaces

OpenClaw vulnerable to SSRF in src/agents/tools/web-fetch.ts

Malicious code in @diotoborg/quos-eos (npm)

OpenZeppelin Contracts TransparentUpgradeableProxy clashing selector calls may not be delegated

Malicious code in @t-in-one/restore_application_hid_from_storage (npm)

Malicious code in @t-in-one/safe_local_storage_token (npm)

Malicious code in pycodestyle (npm)

Malicious code in aes-valid-ipherv (npm)

Malicious code in plonkscript-docs (npm)

Malicious code in developit (npm)

Downloads Resources over HTTP in npm-test-sqlite3-trunk

Downloads Resources over HTTP in macaca-chromedriver-zxa

Malicious code in web3js-wallet (npm)

Malicious code in nf-cons-log (npm)

Malicious code in hardhat-configs (npm)

Malicious code in style-postprocessor (npm)

Malicious code in uidraftism (npm)

VvvebJs Reflected Cross-Site Scripting (XSS) vulnerability

Flowise: Unauthenticated OAuth 2.0 Access Token Disclosure via Public Chatflow in Flowise

Malicious code in whatnot-events (npm)

Malicious code in chai-promised-async (npm)

Malicious code in chain-promised-cli (npm)

Malicious code in express-session-js (npm)

Malicious code in @_wnpm/wnpm-cli (npm)

Malicious code in privacy-test-pages (npm)

Malicious code in @t-in-one/send_add_application (npm)

Prototype pollution vulnerability in 'predefine'

Malicious code in @cplace-paw-fe/cf-training-extended (npm)

Malicious code in privateinternal-a (npm)

OpenClaw BlueBubbles webhook auth bypass via loopback proxy trust

Malicious code in @appleseed-apple/ac-sass-kit (npm)

Malicious code in simple-auth-basic (npm)

Joplin vulnerable to Cross-site Scripting in notes

Malicious code in modern-events (npm)

Malicious code in bitu-staking (npm)

Malicious code in progressbrwepbackplugin (npm)

Malicious code in @rsi-community/hub-client-app (npm)

Reflected cross-site scripting (XSS) vulnerability

OpenClaw Hook Session Key Override Enables Targeted Cross-Session Routing

Malicious code in purview-scanning (npm)

Malicious code in @tc-core/provider-service (npm)

Malicious code in @timelycare/api (npm)

Malicious code in qdjoxcrmsvaynikk (npm)

Budibase: Authentication Bypass via Unanchored Regex in Public Endpoint Matcher — Unauthenticated Access to Protected Endpoints

Malicious code in @bmg-web/bmg-external-link (npm)

Malicious code in @bmg-web/bmg-grid (npm)

TinaCMS CLI Dev Server Vulnerable to Cross-Origin File Exfiltration via CORS Misconfiguration + Path Traversal in TinaCMS

Malicious code in @bmg-web-features/bmg-user-interaction-tracker (npm)

Malicious code in etsyapp (npm)

Malicious code in argpras (npm)

Malicious code in rdocumentation-workers (npm)

coffe-script is malware

Malicious code in chai-bundle (npm)

expr-eval does not restrict functions passed to the evaluate function

Follow Redirects improperly handles URLs in the url.parse() function

Malicious code in chai-extensions-extras (npm)

Parse Server exposes the data schema via GraphQL API

n8n's Unsafe Buffer Allocation Allows In-Process Memory Disclosure in Task Runner

Malicious code in @nklkas/hyperliquid (npm)

Malicious code in changelog-cli-logger (npm)

Malicious code in changelog-utils-structured-logger (npm)

directus vulnerable to Insertion of Sensitive Information into Log File

url-parse Incorrectly parses URLs that include an '@'

Directory Traversal in dcdcdcdcdc

Malicious code in chai-use-test (npm)

Malicious code in codex-devcontainer-install (npm)

Malicious code in separadordeinfocc (npm)

Malicious code in pyright-root (npm)

Malicious code in customerdigital-service-lib (npm)

Malicious code in rdtkfuhjacoezmwn (npm)

Malicious code in react-address-entry-field (npm)

Malicious code in ethers-contract (npm)

Malicious code in ethers-errors (npm)

Malicious code in react-bank-api (npm)

OpenClaw has a Command Injection via unescaped environment assignments in Windows Scheduled Task script generation

fuseki downloads Resources over HTTP

Malicious code in ethers-hash (npm)

Prototype Pollution in defaults-deep

Denial of Service in ecstatic

Malicious code in ben1 (npm)

Path traversal in rollup-plugin-serve

OpenClaw: Pairing-scoped device tokens could mint `operator.admin` and reach node RCE

Malicious code in @diotoborg/quaerat-eius (npm)

Malicious code in ethers-hdnode (npm)

Malicious code in elf-stats-shimmering-muffin-598 (npm)

Malicious code in evmchain-cli (npm)

Stored XSS via <iframe> in HAX CMS allows access to sensitive client-side data and account takeover

ApostropheCMS: Information Disclosure via choices/counts Query Parameters Bypassing publicApiProjection Field Restrictions

Picomatch has a ReDoS vulnerability via extglob quantifiers

Malicious code in foundry-config (npm)

Malicious code in react-cionx (npm)

Malicious code in react-dnd-examples-hooks (npm)

Malicious code in react-dom-is (npm)

Angular i18n vulnerable to Cross-Site Scripting

Malicious code in one-view-chat-ui-module (npm)

Insecure Defaults Allow MITM Over TLS in engine.io-client

Malicious code in react-dom-router-compatibility (npm)

Claude Code: Sandbox Escape via Symlink Following Allows Arbitrary File Write Outside Workspace

Malicious code in tracker-radar (npm)

Use of Insufficiently Random Values in undici

Verification Bypass in jsonwebtoken

Malicious code in @tinyspeck/calls-desktop-interop (npm)

Malicious code in training-kit (npm)

Malicious code in training-platform-web (npm)

Malicious code in tranchess-core (npm)

@tinacms/graphql has a Path Traversal issue

Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation)

matrix-js-sdk can be tricked into disclosing E2EE room keys to a participating homeserver

@siteboon/claude-code-ui is Vulnerable to Command Injection via Multiple Parameters

Remote code execution in handlebars when compiling templates

Prototype Pollution in dset

Malicious code in reactrdeux (npm)

Astro's server source code is exposed to the public if sourcemaps are enabled

Malicious code in reacttapefentplugin (npm)

Malicious code in tailwind-clamps-line (npm)

Malicious code in tailwind-effect (npm)

Malicious code in tailwind-smooth-slider (npm)

Malicious code in read.node (npm)

Malicious code in realtime-react (npm)

Malicious code in realtime-react-ui (npm)

Strapi Improper Rate Limiting vulnerability

Margox Braft-Editor Cross-site Scripting Vulnerability

Malicious code in web3-config-loader (npm)

Code injection in port-killer

Cross-site scripting in react-bootstrap-table

SQL Injection in sequelize

Malicious code in reamd (npm)

Malicious code in reddit-client-lib (npm)

Malicious code in redirect-safe (npm)

Malicious code in reflect_decorators (npm)

Malicious code in @seller-center/grace (npm)

Malicious code in richdocuments (npm)

Malicious code in richmediacore (npm)

path-to-regexp vulnerable to Regular Expression Denial of Service via multiple wildcards

Fastify's connection header abuse enables stripping of proxy-added headers

express vulnerable to XSS via response.redirect()

@perfood/couch-auth has a host header injection vulnerability

Downloads Resources over HTTP in adamvr-geoip-lite

Strapi Upload Plugin MIME Validation Bypass via Content API

Actual Sync Server has an Authenticated Path Traversal

Flowise: Cypher Injection in GraphCypherQAChain

Malicious code in crypto-locale (npm)

Erxes Path Traversal vulnerability

Malicious code in rn-amazon-payment-service (npm)

Malicious code in roblox-es6-migration-helper (npm)

Improper Key Verification in openpgp

OpenClaw's Chrome extension relay binds publicly due to wildcard treated as loopback

Regular Expression Denial of Service (ReDoS) in lodash

thenify before 3.3.1 made use of unsafe calls to `eval`.

Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS)

Command Injection in pidusage

Malicious code in rocket-league-credits-hakc-2022 (npm)

Malicious code in rsk-devportal (npm)

Malicious code in rxp-js (npm)

Malicious code in ryjqvlxozpdcubta (npm)

Malicious code in rysewnplkutazmfc (npm)

Malicious code in scilla (npm)

OpenClaw: Node camera URL payload host-binding bypass allowed gateway fetch pivots

Command injection in kill-process-on-port

Malicious code in chai-pack (npm)

Directory Traversal in dylmomo

Open Redirect in koa-remove-trailing-slashes

Malicious code in rtxbbtyols (npm)

Malicious code in @diotoborg/sed-tempora-natus (npm)

Malicious code in @diotoborg/sed-veniam-cupiditate (npm)

CRLF Injection in Nodejs ‘undici’ via host

Parse Server has a protected fields bypass via logical query operators

Prototype Pollution in decal

TinaCMS Vulnerable to Path Traversal Leading to Arbitrary File Read, Write and Delete

Malicious code in scilla-server (npm)

Malicious code in scopely-mopub-aacebookaudiencenetwork-adapters (npm)

Potential Authorization Header Exposure in NPM Packages @finastra/nestjs-proxy, @ffdc/nestjs-proxy

Directus version number disclosure

Malicious code in apollocli8ent (npm)

Cloudflare Agents SDK has Insecure Direct Object Reference (IDOR) via Header-Based Email Routing

OpenClaw host-env blocklist missing `GIT_TEMPLATE_DIR` and `AWS_CONFIG_FILE` allows code execution via env override

Duplicate Advisory: OpenClaw's complex interpreter pipelines could skip exec script preflight validation

Malicious code in @azure-tests/perf-keyvault-secrets (npm)

Malicious code in @diotoborg/suscipit-officia (npm)

Malicious code in script-package (npm)

Malicious code in shopify-marketplaces-buyer-app (npm)

Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling

Malicious code in @diotoborg/suscipit-vitae (npm)

Malicious code in web-stories-renderer (npm)

Malicious code in web-stories-wp (npm)

Malicious code in apollolinhttp (npm)

Malicious code in @diotoborg/temporibus-quasi-quasi (npm)

ajv has ReDoS when using `$data` option

Downloads Resources over HTTP in mystem3

Duplicate Advisory: Signal group allowlist authorization bypass via DM pairing-store leakage

tmp allows arbitrary temporary file / directory write via symbolic link `dir` parameter

Malicious code in singhaditi2707 (npm)

OpenClaw: workspace path guard bypass on non-existent out-of-root symlink leaf

Malicious code in sint-plugin-prkomise (npm)

Claude Code Leaks Data via Malicious Environment Configuration Before Trust Confirmation

Remote code execution in vscode-npm-script

Malicious code in @diotoborg/velit-placeat (npm)

Uncontrolled Resource Consumption in markdown-it

OpenClaw: HTTP operator endpoints lack browser-origin validation in trusted-proxy mode

GenieACS has an unauthenticated access vulnerability via the NBI API endpoint

Malicious code in slg-shared-utils (npm)

web3-core-method is vulnerable to prototype pollution

OpenClaw's unsanitized session ID enables path traversal in transcript file operations

Malicious code in slg-vue-components (npm)

Malicious code in @sugoma/amogus (npm)

Directory Traversal in hftp

n8n Information Disclosure vulnerability

Malicious code in app.1inch.io (npm)

Malicious code in wlwz-2312-7707 (npm)

Malicious code in small-ms (npm)

Misuse of `Reference` and other transferable APIs may lead to access to nodejs isolate

Regular Expression Denial of Service in forwarded

Malicious code in smartsuite-ui (npm)

Improper Input Validation in xdLocalStorage

Denial of service vulnerability exists in libxmljs

Cross-site Scripting (XSS) in @scullyio/scully

Ghost vulnerable to information disclosure of private API fields

Malicious code in smfjcvkwqbigrpkt (npm)

Malicious code in smithy-client (npm)

Malicious code in smithy-typescript (npm)

Directory Traversal in elding

Malicious code in muthu (npm)

Raneto v0.17.0 employs weak password complexity requirements

muhammara and hummus vulnerable to Unchecked Return Value to NULL Pointer Dereference

Finance.js vulnerable to DoS via the seekZero() parameter

NPM IP package incorrectly identifies some private IP addresses as public

Code injection in plupload

Malicious code in sn-par-select (npm)

fast-xml-parser vulnerable to ReDOS at currency parsing

Information disclosure in SSB-DB

Malicious code in sn-seismic-addons (npm)

Malicious code in sorareshshsjs (npm)

Malicious code in @tampmd/bth-react-components (npm)

Cezerin Unauthorized Acces

Regular Expression Denial of Service in ssri

n8n: Webhook Forgery on Github Webhook Trigger

Astro: Unauthenticated Path Override via `x-astro-path` / `x_astro_path`

Always-Incorrect Control Flow Implementation in Facebook Hermes

Insufficient Entropy in cryptiles

Malicious code in bebekair (npm)

Preact has JSON VNode Injection issue

Malicious code in 0g-storage-contracts (npm)

Use of Potentially Dangerous Function in mixme

OS Command Injection in lifion-verify-deps

Malicious code in sourcekit-lsp (npm)

Shadowsock is malware

Malicious code in sovryn-node-integration-tests (npm)

Malicious code in soydata (npm)

Malicious code in sp-bootstrap (npm)

Directus: Sensitive fields exposed in revision history

fast-xml-parser has RangeError DoS Numeric Entities Bug

tkinter is malware

Malicious code in tappp-tv-ui-lib (npm)

Express XSS Sanitizer: allowedTags/allowedAttributes bypass leads to permissive sanitization (XSS risk)

Malicious code in sparhandy-speedtest (npm)

Malicious code in sportsdataio-adapter (npm)

Parse Server has a bypass of class-level permissions in LiveQuery

Tmp files readable by other users in sync-exec

Path Traversal in public

axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)

Malicious code in gemini-adapter (npm)

Malicious code in seller-listing-service (npm)

Unintentional leakage of private information via cross-origin websocket session hijacking

Duplicate Advisory: OpenClaw: Gateway hello snapshots exposed host config and state paths to non-admin clients

Malicious code in @xvideos/client-api (npm)

Malicious code in solaraexecutor (npm)

Malicious code in node-integration-test (npm)

Malicious code in spotify-debouncer (npm)

Malicious code in spotify-event-definitions (npm)

Spoofing attack due to unvalidated KDC in node-krb5

webpack buildHttp HttpUriPlugin allowedUris bypass via HTTP redirects → SSRF + cache persistence

Pug allows JavaScript code execution if an application accepts untrusted input

Malicious code in facebook-pixel-for-wordpress (npm)

Validation bypass in frourio

Malicious code in usaa-a11y-test (npm)

Malicious code in wlwz-2312-7901 (npm)

@fastify/middie vulnerable to middleware authentication bypass in child plugin scopes

Open Redirect in st

Malicious code in @tekion/alpha (npm)

Malicious code in spotify-playback (npm)

Malicious code in pages14.0.0_i18n (npm)

Malicious code in @tekion/fxt (npm)

Malicious code in app_intelligence (npm)

Malicious code in ssnap-web (npm)

Malicious code in yuji-baileys (npm)

json-schema-editor-visual vulnerable to prototype pollution

Malicious code in @onerjs/smart-filters-blocks (npm)

Malicious code in @polka-ui/loads (npm)

Malicious code in @car-loans/online-sign-aff (npm)

Cross Site Scripting (XSS) in @finastra/ssr-pages

steal vulnerable to Prototype Pollution via requestedVersion variable

canvg Prototype Pollution vulnerability

Malicious code in @emcd-vue/b2b-pay-form (npm)

Malicious code in ml-translate-vis (npm)

Malicious code in sso-ebay (npm)

Malicious code in ssomicroservicefrontend (npm)

DOMPurify contains a Cross-site Scripting vulnerability

OS Command Injection in serial-number

Malicious code in state.aggregator (npm)

Solid Lacks Escaping of HTML in JSX Fragments allows for Cross-Site Scripting (XSS)

Malicious code in sourceflow-tracker (npm)

Malicious code in vg-interaction-model (npm)

Buffer overflow in canvas

Malicious code in @aia-digital/request-module (npm)

Malicious code in statusim-mobile (npm)

Malicious code in steamdb-browser-extension (npm)

React Router has Path Traversal in File Session Storage

XSS due to lack of CSRF validation for replying/publishing

Directory Traversal in nhouston

Prototype Pollution in object-path

Malicious code in inclusive-ai-dao-website (npm)

FlowiseAI Pre-Auth Arbitrary Code Execution

@ndhoule/defaults prototype pollution

Malicious code in chai-midpatch (npm)

Malicious code in stnylelint-config-tandrad (npm)

Malicious code in storage-blob-changefeed (npm)

Malicious code in storageblob (npm)

eBay API MCP Server Affected by Environment Variable Injection

Exfiltration of hashed SMB credentials on Windows via file:// redirect

React Router has XSS Vulnerability

Malicious code in hedgedoc-api (npm)

Malicious code in stories-carousel (npm)

@udecode/plate-link does not sanitize URLs to prevent use of the `javascript:` scheme

Malicious code in streamer-market-dashboard (npm)

undici before v5.8.0 vulnerable to CRLF injection in request headers

Complete Bypass of CVE-2026-24884 Patch via Git-Delivered Symlink Poisoning in compressing

Feather-Sequelize cleanQuery method vulnerable to Prototype Pollution

Directus allows redacted data extraction on the API through "alias"

karma-mojo enables OS Command Injection

Regular Expression Denial of Service in djvalidator

fabric-js is malware

Malicious code in hilla-components-dependencies (npm)

Signal K Server Vulnerable to Denial of Service via Unrestricted Access Request Flooding

Malicious code in stressfault (npm)

Malicious code in stripe-demo-connect-standard-saas-platform (npm)

pnpm v10+ Bypass "Dependency lifecycle scripts execution disabled by default"

Command injection in simple-git

Malicious code in @azure-tests/perf-monitor-query (npm)

Malicious code in 29ge1l (npm)

Claude Code can execute commands prior to the startup trust dialog

OpenClaw vulnerable to path traversal (Zip Slip) in archive extraction during explicit installation commands

Server-Side Request Forgery in parse-url

Cross-Site Scripting in swagger-ui

Malicious code in stylelint-config-monorepo-palantir (npm)

Malicious code in stylis-ifl4 (npm)

Malicious code in mock-solc-0.6 (npm)

Malicious code in seller-webchat-service (npm)

Strapi mishandles hidden attributes within admin API responses

Hono's Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage

Malicious code in stylleint (npm)

Malicious code in subek (npm)

Malicious code in subscriptionid-apiversion (npm)

mcp-package-docs vulnerable to command injection in several tools

OpenClaw QQ Bot Extension missing SSRF Protection on All Media Fetch Paths

OpenClaw has an inbound allowlist policy bypass in voice-call extension (empty caller ID + suffix matching)

OpenC3 stores passwords in clear text (`GHSL-2024-129`)

Backstage Scaffolder plugin vulnerable to Server-Side Request Forgery

Malicious code in here_base (npm)

Malicious code in suer (npm)

Malicious code in e-learning-garena (npm)

Malicious code in suggests (npm)

Malicious code in suhallowexqual (npm)

Fiora chat group avatar is vulnerable to XSS via SVG files

Shescape potential environment variable exposure on Windows with CMD

@isaacs/brace-expansion has Uncontrolled Resource Consumption

Nest has a Fastify URL Encoding Middleware Bypass (TOCTOU)

@aofl/cli-lib Prototype Pollution vulnerability

Malicious code in new-code-script-gt-a-samp-h-a-c-k-down-lo-ad-lkk02y (npm)

OpenClaw is Missing Webhook Authentication in Telnyx Provider Allows Unauthenticated Requests

OneUptime: Synthetic Monitor RCE via exposed Playwright browser object

Paperclip: Approval decision attribution spoofing via client-controlled `decidedByUserId` in paperclip server

@strapi/plugin-upload has a Denial-of-Service via Improper Exception Handling

Prototype pollution in supermixer

Malicious code in suorce-map (npm)

Malicious code in ac-async-helpers (npm)

Malicious code in epxressoo (npm)

Malicious code in @texashealth/fetlife-assets (npm)

Directus API vulnerable to denial of service

n8n has SQL Injection in Data Table Node via orderByColumn Expression

happy-dom's `--disallow-code-generation-from-strings` is not sufficient for isolating untrusted JavaScript

Malicious code in 01template1 (npm)

Malicious code in yamoney-guidelines (npm)

Malicious code in apple-internal-pki-trust (npm)

shvl vulnerable to prototype pollution

@stablelib/cbor: Stack exhaustion Denial of Service via deeply nested CBOR arrays, maps, or tags

Malicious code in azure-storage-common-cpp (npm)

Malicious code in supcom-web (npm)

Malicious code in super-streams (npm)

ws affected by a DoS when handling a request with many HTTP headers

node-opensl is malware

frames-compiler downloads Resources over HTTP

@tootallnate/once vulnerable to Incorrect Control Flow Scoping

OpenClaw's voice-call Twilio webhook replay could bypass manager dedupe because normalized event IDs were randomized per parse

NextAuthjs Email misdelivery Vulnerability

ts-deepmerge before 2.0.2 vulnerable to Prototype Pollution

Malicious code in gop_status_frontend (npm)

Prototype Pollution in deep.assign

OpenClaw has incomplete IPv4 special-use SSRF blocking in web fetch guard

LiquidJS has Exponential Memory Amplification through its replace_first Filter $& Pattern

Directory Traversal in fast-http-cli

Fonoster is vulnerable to directory traversal

Malicious code in bfs-hello-world (npm)

Withdrawn Advisory: LikeC4 has RCE through vulnerable React and Next.js versions

Sandbox escape via infinite recursion and error objects

Malicious code in bfvcjmwgayetoizd (npm)

Malicious code in o-typography (npm)

Malicious code in gunbazaar (npm)

Malicious code in log5j-v2 (npm)

Malicious code in energy-portal (npm)

Malicious code in superapp-sdk (npm)

Imperative CLI vulnerable to Command Injection

XSS in the `altField` option of the Datepicker widget in jquery-ui

Malicious code in appboy (npm)

Directory traversal in rollup-plugin-server

OpenClaw: Host exec environment overrides miss proxy, TLS, Docker, and Git TLS controls

Heap-based Buffer Overflow in sqlite-vec

Malicious code in opti-distube (npm)

Malicious code in superset-websocket (npm)

Malicious code in supplysec-alert (npm)