yar

Denial of Service in yar

Turbo: Unexpected local code execution during Yarn Berry detection

@nyariv/sandboxjs vulnerable to sandbox escape via TOCTOU bug on keys in property accesses

Claude Code Vulnerable to Arbitrary Code Execution via Plugin Autoloading with Specific Yarn Versions

@nyariv/sandboxjs has a Sandbox Escape vulnerability

Missing Encryption of Sensitive Data in yarn

Path Traversal in Yarn

Yarn untrusted search path vulnerability

Malicious code in yarn-design-system-choicesjs-stencil (npm)

Malicious code in yarn-design-system-fonts (npm)

@nyariv/sandboxjs has Prototype Pollution vulnerability that may lead to RCE

@nyariv/sandboxjs has host prototype pollution from sandbox via array intermediary (sandbox escape)

yargs-parser Vulnerable to Prototype Pollution

@nyariv/sandboxjs has Sandbox Escape via Prototype Whitelist Bypass and Host Prototype Pollution

Malicious code in yarn-design-system-rc-tooltip (npm)

Malicious code in yarsg (npm)

Malicious code in yarn-test-git-repo (npm)

Malicious code in yarn-design-system-react-select (npm)

Malicious code in xlhepkvdnjmyaruo (npm)

Malicious code in example-yarn-package (npm)

TOCTOU Race Condition in Yarn

Malicious code in vidyard-player-sdk (npm)

Malicious code in yargs-js (npm)

Yarn Improper link resolution before file access (Link Following)

Malicious code in yargs-parxe (npm)

@nyariv/sandboxjs has a Sandbox Escape issue

Malicious code in yarn-design-system-flatpickr (npm)

Malicious code in yarn-design-system-logos (npm)

Malicious code in yarn-design-system-rc-input-number (npm)