Vulnerability DB

VULNERABILITY	AFFECTS	TYPE	PUBLISHED
C Malicious Package	falcon-login*	npm	24 Sept 2025
C Malicious Package	sha256-validation-xyz*	npm	24 Sept 2025
C Malicious Package	ome-api*	npm	24 Sept 2025
C Malicious Package	@corp-ais/mychannel-shared-libs*	npm	24 Sept 2025
C Malicious Package	bscrypt-validation*	npm	24 Sept 2025
C Malicious Package	axcors*	npm	24 Sept 2025
C Malicious Package	isood*	npm	24 Sept 2025
C Malicious Package	sha256-validation-nextjs*	npm	24 Sept 2025
C Malicious Package	iconfont-icons*	npm	24 Sept 2025
C Malicious Package	vite-plugin-parse-json*	npm	23 Sept 2025
H Uncontrolled Search Path Element	@salesforce/cli<2.106.6	npm	23 Sept 2025
M Incorrect User Management	jeecgboot-vue3*	npm	23 Sept 2025
M Cross-site Scripting (XSS)	@meshconnect/web-link-sdk<3.3.2	npm	23 Sept 2025
M Server-side Request Forgery (SSRF)	is-localhost-ip*	npm	23 Sept 2025
M Command Injection	git-commiters<0.1.2	npm	23 Sept 2025
M Cross-site Scripting (XSS)	mailgen<2.0.30	npm	23 Sept 2025
M Arbitrary Argument Injection	@conventional-changelog/git-client<2.0.0	npm	23 Sept 2025
C Malicious Package	cui-travel-component*	npm	23 Sept 2025
C Malicious Package	@cat-ai/assistant-component*	npm	23 Sept 2025
C Malicious Package	http-err-notification*	npm	23 Sept 2025
C Malicious Package	fezbox*	npm	23 Sept 2025
C Malicious Package	opti-tools*	npm	23 Sept 2025
H Arbitrary File Upload	n8n-workflow>=1.24.0 <1.104.0	npm	22 Sept 2025
H Arbitrary File Upload	n8n-nodes-base>=1.24.0 <1.105.0	npm	22 Sept 2025
H Arbitrary File Upload	@n8n/n8n-nodes-langchain>=1.36.4 <1.106.0	npm	22 Sept 2025
C Embedded Malicious Code	devextreme-rpk=21.2.8	npm	22 Sept 2025
C Malicious Package	tailwind-glass-icon*	npm	22 Sept 2025
C Malicious Package	tailwind-book-icon*	npm	22 Sept 2025
C Malicious Package	tailwind-computer-icon*	npm	22 Sept 2025
C Malicious Package	tsleep*	npm	22 Sept 2025

APPLICATION

OPERATING SYSTEM