Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
MAL-2026-2333
  • npm/@pansycareful/github-helper
 Malicious code in @pansycareful/github-helper (npm) 24 Mar
  • No fix available
GHSA-qr2g-p6q7-w82m
  • Go/github.com/coinbase/x402/go
  • PyPI/x402
  • npm/@x402/svm
 x402 SDK Security Advisory 07 Mar
  • Fix available
GHSA-g8r9-g2v8-jv6f
  • npm/@github/copilot
 GitHub Copilot CLI Dangerous Shell Expansion Patterns Enable Arbitrary Code Execution 06 Mar
  • Fix available
  • Severity - 7.5 (High)
MAL-2026-46
  • npm/github-badge-bot
 Malicious code in github-badge-bot (npm) 21 Dec 2025
  • No fix available
MAL-2025-192619
  • npm/adk-github
 Malicious code in adk-github (npm) 19 Dec 2025
  • No fix available
GHSA-6gvq-jcmp-8959
  • Go/github.com/altcha-org/altcha-lib-go
  • Hex/altcha
  • Maven/org.altcha:altcha
  • Packagist/altcha-org/altcha
  • PyPI/altcha
  • ... 2 more
 ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay 16 Dec 2025
  • Fix available
  • Severity - 6.5 (Medium)
MAL-2025-190880
  • npm/@posthog/github-release-tracking-plugin
 Malicious code in @posthog/github-release-tracking-plugin (npm) 24 Nov 2025
  • No fix available
MAL-2025-190845
  • npm/github-action-for-generator
 Malicious code in github-action-for-generator (npm) 24 Nov 2025
  • No fix available
MAL-2025-48997
  • npm/eslint-github-bot
 Malicious code in eslint-github-bot (npm) 29 Oct 2025
  • No fix available
MAL-2025-48550
  • npm/doppler-secrets-fetch-github-action
 Malicious code in doppler-secrets-fetch-github-action (npm) 22 Oct 2025
  • No fix available
MAL-2025-41386
  • npm/github-socket-worker
 Malicious code in github-socket-worker (npm) 23 Aug 2025
  • No fix available
MAL-2025-21482
  • npm/github-react-components
 Malicious code in github-react-components (npm) 14 Aug 2025
  • No fix available
MAL-2025-32058
  • npm/release-to-github
 Malicious code in release-to-github (npm) 14 Aug 2025
  • No fix available
MAL-2025-6745
  • npm/nr1-github
 Malicious code in nr1-github (npm) 03 Aug 2025
  • No fix available
GHSA-6jx8-rcjx-vmwf
  • npm/@sunwood-ai-labs/github-kanban-mcp-server
 GitHub Kanban MCP Server vulnerable to Command Injection 15 Jul 2025
  • No fix available
  • Severity - 8.9 (High)
MAL-2025-5923
  • npm/iron-github-io
 Malicious code in iron-github-io (npm) 15 Jul 2025
  • No fix available
Load more...