Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-5xpp-75jx-m839
  • npm/systeminformation
systeminformation: OS command injection in networkInterfaces() via interfaces(5) source-directive path on Linux 15 minutes ago
  • Fix available
  • Severity - 8.7 (High)
GHSA-wxqq-gcq8-c443
  • npm/dd-trace
dd-trace-js: Improper parsing of W3C baggage headers may lead to DoS 26 minutes ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-mp7j-qc5w-4988
  • npm/websocket-driver
websocket-driver: Resource limit bypass via message compression 1 hour ago
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-xv26-6w52-cph6
  • npm/websocket-driver
websocket-driver: Message corruption via abuse of protocol length headers 1 hour ago
  • Fix available
  • Severity - 9.2 (Critical)
GHSA-62gx-5q78-wrvx
  • npm/obsidian-local-rest-api
obsidian-local-rest-api: Authenticated path traversal via URL-encoded %2F in /vault/{path} — arbitrary host file read/write/delete 1 hour ago
  • No fix available
  • Severity - 8.8 (High)
MAL-2026-10687
  • npm/selparsecss-selector
Malicious code in selparsecss-selector (npm) 5 hours ago
  • No fix available
MAL-2026-10686
  • npm/@ddh-libraries/analytics
Malicious code in @ddh-libraries/analytics (npm) 6 hours ago
  • No fix available
MAL-2026-10684
  • npm/react-hook-scripts
Malicious code in react-hook-scripts (npm) 7 hours ago
  • No fix available
MAL-2026-10682
  • npm/code-formatter-setup
Malicious code in code-formatter-setup (npm) 7 hours ago
  • No fix available
MAL-2026-10683
  • npm/formatters.ts
Malicious code in formatters.ts (npm) 7 hours ago
  • No fix available
MAL-2026-10679
  • npm/rakibox
Malicious code in rakibox (npm) 11 hours ago
  • No fix available
MAL-2026-10678
  • npm/ls-env-config
Malicious code in ls-env-config (npm) 11 hours ago
  • No fix available
MAL-2026-10677
  • npm/deployowl
Malicious code in deployowl (npm) 11 hours ago
  • No fix available
MAL-2026-10680
  • npm/syncgrove
Malicious code in syncgrove (npm) 12 hours ago
  • No fix available
MAL-2026-10676
  • npm/commonjs-assert
Malicious code in commonjs-assert (npm) 12 hours ago
  • No fix available
MAL-2026-10675
  • npm/ac-raf-emitter
Malicious code in ac-raf-emitter (npm) 12 hours ago
  • No fix available