Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-3q26-f695-pp76
  • npm/@cyanheads/git-mcp-server
 @cyanheads/git-mcp-server vulnerable to command injection in several tools 13 hours ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-6r2x-8pq8-9489
  • npm/electron
 Electron vulnerable to Heap Buffer Overflow in NativeImage 14 hours ago
  • Fix available
  • Severity - 4.4 (Medium)
GHSA-994j-5c83-r424
  • npm/string-math
 string-math's string-math.js vulnerability can cause Regex Denial of Service (ReDoS) 14 hours ago
  • No fix available
  • Severity - 3.7 (Low)
GHSA-xw5q-g62x-2qjc
  • npm/electron
 electron ASAR Integrity bypass by just modifying the content 14 hours ago
  • Fix available
  • Severity - 7.8 (High)
GHSA-5vhg-9xg4-cv9m
  • npm/tiny-secp256k1
 tiny-secp256k1 allows for verify() bypass when running in bundled environment 15 hours ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-7mc2-6phr-23xc
  • npm/tiny-secp256k1
 tiny-secp256k1 vulnerable to private key extraction when signing a malicious JSON-stringifyable message in bundled environment 15 hours ago
  • Fix available
  • Severity - 8.1 (High)
MAL-2025-5321
  • npm/sdk.babelhelpers
 Malicious code in sdk.babelhelpers (npm) yesterday
  • No fix available
MAL-2025-5319
  • npm/workflows-templates
 Malicious code in workflows-templates (npm) yesterday
  • No fix available
MAL-2025-5318
  • npm/oneplussam
 Malicious code in oneplussam (npm) yesterday
  • No fix available
MAL-2025-5317
  • npm/dynatrace-test-automation
 Malicious code in dynatrace-test-automation (npm) yesterday
  • No fix available
MAL-2025-5328
  • npm/smart-attachments
 Malicious code in smart-attachments (npm) yesterday
  • No fix available
MAL-2025-5323
  • npm/assets-atlas-editor
 Malicious code in assets-atlas-editor (npm) yesterday
  • No fix available
MAL-2025-5326
  • npm/jsmdc
 Malicious code in jsmdc (npm) yesterday
  • No fix available
MAL-2025-5316
  • npm/plugin-api-version
 Malicious code in plugin-api-version (npm) yesterday
  • No fix available
MAL-2025-5315
  • npm/@checkbox-technology-pty-ltd/custom-block-kit
 Malicious code in @checkbox-technology-pty-ltd/custom-block-kit (npm) yesterday
  • No fix available
MAL-2025-5330
  • npm/titan-exchange-shared
 Malicious code in titan-exchange-shared (npm) 2 days ago
  • No fix available
Load more...