Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
MAL-2025-49392
  • npm/focusync-custom-controls
 Malicious code in focusync-custom-controls (npm) 10 hours ago
  • No fix available
MAL-2025-49390
  • npm/payments-notifications
 Malicious code in payments-notifications (npm) 22 hours ago
  • No fix available
MAL-2025-49391
  • npm/payouts-report
 Malicious code in payouts-report (npm) 22 hours ago
  • No fix available
MAL-2025-49389
  • npm/globby-legacy
 Malicious code in globby-legacy (npm) 23 hours ago
  • No fix available
GHSA-cm35-v4vp-5xvx
  • npm/open-webui
  • PyPI/open-webui
 Open WebUI Affected by an External Model Server (Direct Connections) Code Injection via SSE Events yesterday
  • Fix available
  • Severity - 7.3 (High)
GHSA-w7xj-8fx7-wfch
  • npm/open-webui
  • PyPI/open-webui
 Open WebUI vulnerable to Stored DOM XSS via prompts when 'Insert Prompt as Rich Text' is enabled resulting in ATO/RCE yesterday
  • Fix available
  • Severity - 8.7 (High)
MAL-2025-49381
  • npm/huangming-demo
 Malicious code in huangming-demo (npm) yesterday
  • No fix available
MAL-2025-49382
  • npm/rce-poc-test-honor-dev
 Malicious code in rce-poc-test-honor-dev (npm) yesterday
  • No fix available
MAL-2025-49383
  • npm/rce-poc-test-honor-mcp
 Malicious code in rce-poc-test-honor-mcp (npm) yesterday
  • No fix available
MAL-2025-49387
  • npm/xss-payload-7n-ctf
 Malicious code in xss-payload-7n-ctf (npm) yesterday
  • No fix available
MAL-2025-49388
  • npm/xss-payload-all
 Malicious code in xss-payload-all (npm) yesterday
  • No fix available
MAL-2025-49384
  • npm/tailwindcss-aerowind
 Malicious code in tailwindcss-aerowind (npm) yesterday
  • No fix available
MAL-2025-49385
  • npm/tailwindcss-gustify
 Malicious code in tailwindcss-gustify (npm) yesterday
  • No fix available
MAL-2025-49386
  • npm/tailwindcss-twflare
 Malicious code in tailwindcss-twflare (npm) yesterday
  • No fix available
MAL-2025-49379
  • npm/@chatclub/claude-code
 Malicious code in @chatclub/claude-code (npm) yesterday
  • No fix available
MAL-2025-49380
  • npm/chai-await-test
 Malicious code in chai-await-test (npm) yesterday
  • No fix available
Load more...