muaddib-scanner 1.0.18 → 1.0.19

@@ -428,636 +428,6 @@
428
428
  "source": "typosquat",
429
429
  "description": "Typosquat de requests"
430
430
  },
431
- {
432
- "id": "GHSA-GHSA-rwc2-f344-q6w6",
433
- "name": "serverless",
434
- "version": ">= 4.29.0, < 4.29.3",
435
- "severity": "high",
436
- "confidence": "high",
437
- "source": "github-advisory",
438
- "description": "serverless MCP Server vulnerable to Command Injection in list-projects tool",
439
- "references": [
440
- "https://github.com/advisories/GHSA-rwc2-f344-q6w6"
441
- ],
442
- "mitre": "T1195.002",
443
- "cve": "CVE-2025-69256"
444
- },
445
- {
446
- "id": "GHSA-GHSA-6rw7-vpxm-498p",
447
- "name": "qs",
448
- "version": "< 6.14.1",
449
- "severity": "high",
450
- "confidence": "high",
451
- "source": "github-advisory",
452
- "description": "qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion",
453
- "references": [
454
- "https://github.com/advisories/GHSA-6rw7-vpxm-498p"
455
- ],
456
- "mitre": "T1195.002",
457
- "cve": "CVE-2025-15284"
458
- },
459
- {
460
- "id": "GHSA-GHSA-xphh-5v4r-r3rx",
461
- "name": "psitransfer",
462
- "version": "< 2.3.1",
463
- "severity": "high",
464
- "confidence": "high",
465
- "source": "github-advisory",
466
- "description": "PsiTransfer has Zip Slip Path Traversal via TAR Archive Download",
467
- "references": [
468
- "https://github.com/advisories/GHSA-xphh-5v4r-r3rx"
469
- ],
470
- "mitre": "T1195.002",
471
- "cve": null
472
- },
473
- {
474
- "id": "GHSA-GHSA-6vj3-p34w-xxjp",
475
- "name": "apidoc-core",
476
- "version": ">= 0.2.0, <= 0.15.0",
477
- "severity": "critical",
478
- "confidence": "high",
479
- "source": "github-advisory",
480
- "description": "apidoc-core has a prototype pollution vulnerability",
481
- "references": [
482
- "https://github.com/advisories/GHSA-6vj3-p34w-xxjp"
483
- ],
484
- "mitre": "T1195.002",
485
- "cve": "CVE-2025-13158"
486
- },
487
- {
488
- "id": "GHSA-GHSA-j4p8-h8mh-rh8q",
489
- "name": "n8n",
490
- "version": ">= 1.2.1, < 2.0.0",
491
- "severity": "high",
492
- "confidence": "high",
493
- "source": "github-advisory",
494
- "description": "Self-hosted n8n has Legacy Code node that enables arbitrary file read/write",
495
- "references": [
496
- "https://github.com/advisories/GHSA-j4p8-h8mh-rh8q"
497
- ],
498
- "mitre": "T1195.002",
499
- "cve": "CVE-2025-68697"
500
- },
501
- {
502
- "id": "GHSA-GHSA-jv72-59wq-8rxm",
503
- "name": "libxmljs",
504
- "version": "<= 1.0.11",
505
- "severity": "high",
506
- "confidence": "high",
507
- "source": "github-advisory",
508
- "description": "libxmljs has segmentation fault, potentially leading to a denial-of-service (DoS)",
509
- "references": [
510
- "https://github.com/advisories/GHSA-jv72-59wq-8rxm"
511
- ],
512
- "mitre": "T1195.002",
513
- "cve": "CVE-2025-25341"
514
- },
515
- {
516
- "id": "GHSA-GHSA-r399-636x-v7f6",
517
- "name": "@langchain/core",
518
- "version": ">= 1.0.0, < 1.1.8",
519
- "severity": "high",
520
- "confidence": "high",
521
- "source": "github-advisory",
522
- "description": "LangChain serialization injection vulnerability enables secret extraction",
523
- "references": [
524
- "https://github.com/advisories/GHSA-r399-636x-v7f6"
525
- ],
526
- "mitre": "T1195.002",
527
- "cve": "CVE-2025-68665"
528
- },
529
- {
530
- "id": "GHSA-GHSA-r399-636x-v7f6",
531
- "name": "langchain",
532
- "version": ">= 1.0.0, < 1.2.3",
533
- "severity": "high",
534
- "confidence": "high",
535
- "source": "github-advisory",
536
- "description": "LangChain serialization injection vulnerability enables secret extraction",
537
- "references": [
538
- "https://github.com/advisories/GHSA-r399-636x-v7f6"
539
- ],
540
- "mitre": "T1195.002",
541
- "cve": "CVE-2025-68665"
542
- },
543
- {
544
- "id": "GHSA-GHSA-rchf-xwx2-hm93",
545
- "name": "@fedify/fedify",
546
- "version": "< 1.6.13",
547
- "severity": "high",
548
- "confidence": "high",
549
- "source": "github-advisory",
550
- "description": "Fedify has ReDoS Vulnerability in HTML Parsing Regex",
551
- "references": [
552
- "https://github.com/advisories/GHSA-rchf-xwx2-hm93"
553
- ],
554
- "mitre": "T1195.002",
555
- "cve": "CVE-2025-68475"
556
- },
557
- {
558
- "id": "GHSA-GHSA-8452-54wp-rmv6",
559
- "name": "storybook",
560
- "version": ">= 7.0.0, < 7.6.21",
561
- "severity": "high",
562
- "confidence": "high",
563
- "source": "github-advisory",
564
- "description": "Storybook manager bundle may expose environment variables during build",
565
- "references": [
566
- "https://github.com/advisories/GHSA-8452-54wp-rmv6"
567
- ],
568
- "mitre": "T1195.002",
569
- "cve": "CVE-2025-68429"
570
- },
571
- {
572
- "id": "GHSA-GHSA-529f-9qwm-9628",
573
- "name": "tinacms",
574
- "version": "< 3.1.1",
575
- "severity": "high",
576
- "confidence": "high",
577
- "source": "github-advisory",
578
- "description": "tinacms is vulnerable to arbitrary code execution",
579
- "references": [
580
- "https://github.com/advisories/GHSA-529f-9qwm-9628"
581
- ],
582
- "mitre": "T1195.002",
583
- "cve": "CVE-2025-68278"
584
- },
585
- {
586
- "id": "GHSA-GHSA-529f-9qwm-9628",
587
- "name": "@tinacms/cli",
588
- "version": "< 2.0.4",
589
- "severity": "high",
590
- "confidence": "high",
591
- "source": "github-advisory",
592
- "description": "tinacms is vulnerable to arbitrary code execution",
593
- "references": [
594
- "https://github.com/advisories/GHSA-529f-9qwm-9628"
595
- ],
596
- "mitre": "T1195.002",
597
- "cve": "CVE-2025-68278"
598
- },
599
- {
600
- "id": "GHSA-GHSA-529f-9qwm-9628",
601
- "name": "@tinacms/graphql",
602
- "version": "< 2.0.3",
603
- "severity": "high",
604
- "confidence": "high",
605
- "source": "github-advisory",
606
- "description": "tinacms is vulnerable to arbitrary code execution",
607
- "references": [
608
- "https://github.com/advisories/GHSA-529f-9qwm-9628"
609
- ],
610
- "mitre": "T1195.002",
611
- "cve": "CVE-2025-68278"
612
- },
613
- {
614
- "id": "GHSA-GHSA-wphj-fx3q-84ch",
615
- "name": "systeminformation",
616
- "version": "< 5.27.14",
617
- "severity": "high",
618
- "confidence": "high",
619
- "source": "github-advisory",
620
- "description": "systeminformation has a Command Injection vulnerability in fsSize() function on Windows",
621
- "references": [
622
- "https://github.com/advisories/GHSA-wphj-fx3q-84ch"
623
- ],
624
- "mitre": "T1195.002",
625
- "cve": "CVE-2025-68154"
626
- },
627
- {
628
- "id": "GHSA-GHSA-3f5f-xgrj-97pf",
629
- "name": "parse-server",
630
- "version": ">= 9.0.0, < 9.1.1.alpha.1",
631
- "severity": "high",
632
- "confidence": "high",
633
- "source": "github-advisory",
634
- "description": "Parse Server is vulnerable to Server-Side Request Forgery (SSRF) via Instagram OAuth Adapter",
635
- "references": [
636
- "https://github.com/advisories/GHSA-3f5f-xgrj-97pf"
637
- ],
638
- "mitre": "T1195.002",
639
- "cve": "CVE-2025-68150"
640
- },
641
- {
642
- "id": "GHSA-GHSA-g239-q96q-x4qm",
643
- "name": "@vitejs/plugin-rsc",
644
- "version": "< 0.5.8",
645
- "severity": "high",
646
- "confidence": "high",
647
- "source": "github-advisory",
648
- "description": "@vitejs/plugin-rsc has an Arbitrary File Read via `/__vite_rsc_findSourceMapURL` Endpoint",
649
- "references": [
650
- "https://github.com/advisories/GHSA-g239-q96q-x4qm"
651
- ],
652
- "mitre": "T1195.002",
653
- "cve": "CVE-2025-68155"
654
- },
655
- {
656
- "id": "GHSA-GHSA-x732-6j76-qmhm",
657
- "name": "better-auth",
658
- "version": "< 1.4.5",
659
- "severity": "high",
660
- "confidence": "high",
661
- "source": "github-advisory",
662
- "description": "Better Auth's rou3 Dependency has Double-Slash Path Normalization which can Bypass disabledPaths Config and Rate Limits",
663
- "references": [
664
- "https://github.com/advisories/GHSA-x732-6j76-qmhm"
665
- ],
666
- "mitre": "T1195.002",
667
- "cve": null
668
- },
669
- {
670
- "id": "GHSA-GHSA-43p4-m455-4f4j",
671
- "name": "@trpc/server",
672
- "version": ">= 10.27.0, < 10.45.3",
673
- "severity": "high",
674
- "confidence": "high",
675
- "source": "github-advisory",
676
- "description": "tRPC has possible prototype pollution in `experimental_nextAppDirCaller`",
677
- "references": [
678
- "https://github.com/advisories/GHSA-43p4-m455-4f4j"
679
- ],
680
- "mitre": "T1195.002",
681
- "cve": "CVE-2025-68130"
682
- },
683
- {
684
- "id": "GHSA-GHSA-vr6p-vq2p-6j74",
685
- "name": "likec4",
686
- "version": "<= 1.46.1",
687
- "severity": "critical",
688
- "confidence": "high",
689
- "source": "github-advisory",
690
- "description": "Withdrawn Advisory: LikeC4 has RCE through vulnerable React and Next.js versions",
691
- "references": [
692
- "https://github.com/advisories/GHSA-vr6p-vq2p-6j74"
693
- ],
694
- "mitre": "T1195.002",
695
- "cve": null
696
- },
697
- {
698
- "id": "GHSA-GHSA-496g-mmpw-j9x3",
699
- "name": "misskey-js",
700
- "version": ">= 13.0.0-beta.16, < 2025.12.0",
701
- "severity": "high",
702
- "confidence": "high",
703
- "source": "github-advisory",
704
- "description": "misskey.js's export data contains private post data",
705
- "references": [
706
- "https://github.com/advisories/GHSA-496g-mmpw-j9x3"
707
- ],
708
- "mitre": "T1195.002",
709
- "cve": "CVE-2025-66402"
710
- },
711
- {
712
- "id": "GHSA-GHSA-3jp5-5f8r-q2wg",
713
- "name": "vuetify",
714
- "version": ">= 2.2.0-beta.2, < 3.0.0-alpha.10",
715
- "severity": "high",
716
- "confidence": "high",
717
- "source": "github-advisory",
718
- "description": "Vuetify has a Prototype Pollution vulnerability",
719
- "references": [
720
- "https://github.com/advisories/GHSA-3jp5-5f8r-q2wg"
721
- ],
722
- "mitre": "T1195.002",
723
- "cve": "CVE-2025-8083"
724
- },
725
- {
726
- "id": "GHSA-GHSA-55jh-84jv-8mx8",
727
- "name": "lightning-flow-scanner",
728
- "version": "< 6.10.6",
729
- "severity": "high",
730
- "confidence": "high",
731
- "source": "github-advisory",
732
- "description": "Lightning Flow Scanner Vulnerable to Code Injection via Unsafe Use of `new Function()` in APIVersion Rule",
733
- "references": [
734
- "https://github.com/advisories/GHSA-55jh-84jv-8mx8"
735
- ],
736
- "mitre": "T1195.002",
737
- "cve": "CVE-2025-67750"
738
- },
739
- {
740
- "id": "GHSA-GHSA-5j59-xgg2-r9c4",
741
- "name": "next",
742
- "version": ">= 13.3.1-canary.0, < 14.2.35",
743
- "severity": "high",
744
- "confidence": "high",
745
- "source": "github-advisory",
746
- "description": "Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up",
747
- "references": [
748
- "https://github.com/advisories/GHSA-5j59-xgg2-r9c4"
749
- ],
750
- "mitre": "T1195.002",
751
- "cve": null
752
- },
753
- {
754
- "id": "GHSA-GHSA-7gmr-mq3h-m5h9",
755
- "name": "react-server-dom-parcel",
756
- "version": ">= 19.0.2, < 19.0.3",
757
- "severity": "high",
758
- "confidence": "high",
759
- "source": "github-advisory",
760
- "description": "Denial of Service Vulnerability in React Server Components",
761
- "references": [
762
- "https://github.com/advisories/GHSA-7gmr-mq3h-m5h9"
763
- ],
764
- "mitre": "T1195.002",
765
- "cve": "CVE-2025-67779"
766
- },
767
- {
768
- "id": "GHSA-GHSA-7gmr-mq3h-m5h9",
769
- "name": "react-server-dom-turbopack",
770
- "version": ">= 19.0.2, < 19.0.3",
771
- "severity": "high",
772
- "confidence": "high",
773
- "source": "github-advisory",
774
- "description": "Denial of Service Vulnerability in React Server Components",
775
- "references": [
776
- "https://github.com/advisories/GHSA-7gmr-mq3h-m5h9"
777
- ],
778
- "mitre": "T1195.002",
779
- "cve": "CVE-2025-67779"
780
- },
781
- {
782
- "id": "GHSA-GHSA-7gmr-mq3h-m5h9",
783
- "name": "react-server-dom-webpack",
784
- "version": ">= 19.0.2, < 19.0.3",
785
- "severity": "high",
786
- "confidence": "high",
787
- "source": "github-advisory",
788
- "description": "Denial of Service Vulnerability in React Server Components",
789
- "references": [
790
- "https://github.com/advisories/GHSA-7gmr-mq3h-m5h9"
791
- ],
792
- "mitre": "T1195.002",
793
- "cve": "CVE-2025-67779"
794
- },
795
- {
796
- "id": "GHSA-GHSA-qgc4-8p88-4w7m",
797
- "name": "servify-express",
798
- "version": "<= 1.1",
799
- "severity": "high",
800
- "confidence": "high",
801
- "source": "github-advisory",
802
- "description": "Servify-express rate limit issue",
803
- "references": [
804
- "https://github.com/advisories/GHSA-qgc4-8p88-4w7m"
805
- ],
806
- "mitre": "T1195.002",
807
- "cve": "CVE-2025-67731"
808
- },
809
- {
810
- "id": "GHSA-GHSA-m654-769v-qjv7",
811
- "name": "formio",
812
- "version": "< 3.5.7",
813
- "severity": "high",
814
- "confidence": "high",
815
- "source": "github-advisory",
816
- "description": "Formio improperly authorized permission elevation through specially crafted request path",
817
- "references": [
818
- "https://github.com/advisories/GHSA-m654-769v-qjv7"
819
- ],
820
- "mitre": "T1195.002",
821
- "cve": "CVE-2025-67718"
822
- },
823
- {
824
- "id": "GHSA-GHSA-8vch-m3f4-q8jf",
825
- "name": "elysia",
826
- "version": "< 1.4.18",
827
- "severity": "high",
828
- "confidence": "high",
829
- "source": "github-advisory",
830
- "description": "Elysia affected by arbitrary code injection through cookie config",
831
- "references": [
832
- "https://github.com/advisories/GHSA-8vch-m3f4-q8jf"
833
- ],
834
- "mitre": "T1195.002",
835
- "cve": "CVE-2025-66457"
836
- },
837
- {
838
- "id": "GHSA-GHSA-8wvc-869r-xfqf",
839
- "name": "open-webui",
840
- "version": "<= 0.6.36",
841
- "severity": "high",
842
- "confidence": "high",
843
- "source": "github-advisory",
844
- "description": "Open WebUI Vulnerable to Stored DOM XSS via Note 'Download PDF'",
845
- "references": [
846
- "https://github.com/advisories/GHSA-8wvc-869r-xfqf"
847
- ],
848
- "mitre": "T1195.002",
849
- "cve": "CVE-2025-65959"
850
- },
851
- {
852
- "id": "GHSA-GHSA-869p-cjfg-cm3x",
853
- "name": "jws",
854
- "version": "< 3.2.3",
855
- "severity": "high",
856
- "confidence": "high",
857
- "source": "github-advisory",
858
- "description": "auth0/node-jws Improperly Verifies HMAC Signature",
859
- "references": [
860
- "https://github.com/advisories/GHSA-869p-cjfg-cm3x"
861
- ],
862
- "mitre": "T1195.002",
863
- "cve": "CVE-2025-65945"
864
- },
865
- {
866
- "id": "GHSA-GHSA-xq4m-mc3c-vvg3",
867
- "name": "@anthropic-ai/claude-code",
868
- "version": "< 1.0.93",
869
- "severity": "high",
870
- "confidence": "high",
871
- "source": "github-advisory",
872
- "description": "Claude Code Command Validation Bypass Allows Arbitrary Code Execution",
873
- "references": [
874
- "https://github.com/advisories/GHSA-xq4m-mc3c-vvg3"
875
- ],
876
- "mitre": "T1195.002",
877
- "cve": "CVE-2025-66032"
878
- },
879
- {
880
- "id": "GHSA-GHSA-w48q-cv73-mx4w",
881
- "name": "@modelcontextprotocol/sdk",
882
- "version": "< 1.24.0",
883
- "severity": "high",
884
- "confidence": "high",
885
- "source": "github-advisory",
886
- "description": "Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default",
887
- "references": [
888
- "https://github.com/advisories/GHSA-w48q-cv73-mx4w"
889
- ],
890
- "mitre": "T1195.002",
891
- "cve": "CVE-2025-66414"
892
- },
893
- {
894
- "id": "GHSA-GHSA-v4hv-rgfq-gp49",
895
- "name": "@angular/compiler",
896
- "version": ">= 21.0.0-next.0, < 21.0.2",
897
- "severity": "high",
898
- "confidence": "high",
899
- "source": "github-advisory",
900
- "description": "Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes",
901
- "references": [
902
- "https://github.com/advisories/GHSA-v4hv-rgfq-gp49"
903
- ],
904
- "mitre": "T1195.002",
905
- "cve": "CVE-2025-66412"
906
- },
907
- {
908
- "id": "GHSA-GHSA-27m7-ffhq-jqrm",
909
- "name": "mcp-watch",
910
- "version": "<= 0.1.2",
911
- "severity": "critical",
912
- "confidence": "high",
913
- "source": "github-advisory",
914
- "description": "MCP Watch has a Critical Command Injection in cloneRepo allows Remote Code Execution (RCE) via malicious URL",
915
- "references": [
916
- "https://github.com/advisories/GHSA-27m7-ffhq-jqrm"
917
- ],
918
- "mitre": "T1195.002",
919
- "cve": "CVE-2025-66401"
920
- },
921
- {
922
- "id": "GHSA-GHSA-vghf-hv5q-vc2g",
923
- "name": "validator",
924
- "version": "< 13.15.22",
925
- "severity": "high",
926
- "confidence": "high",
927
- "source": "github-advisory",
928
- "description": "Validator is Vulnerable to Incomplete Filtering of One or More Instances of Special Elements",
929
- "references": [
930
- "https://github.com/advisories/GHSA-vghf-hv5q-vc2g"
931
- ],
932
- "mitre": "T1195.002",
933
- "cve": "CVE-2025-12758"
934
- },
935
- {
936
- "id": "GHSA-GHSA-58c5-g7wp-6w37",
937
- "name": "@angular/common",
938
- "version": ">= 21.0.0-next.0, < 21.0.1",
939
- "severity": "high",
940
- "confidence": "high",
941
- "source": "github-advisory",
942
- "description": "Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client",
943
- "references": [
944
- "https://github.com/advisories/GHSA-58c5-g7wp-6w37"
945
- ],
946
- "mitre": "T1195.002",
947
- "cve": "CVE-2025-66035"
948
- },
949
- {
950
- "id": "GHSA-GHSA-554w-wpv2-vw27",
951
- "name": "node-forge",
952
- "version": "< 1.3.2",
953
- "severity": "high",
954
- "confidence": "high",
955
- "source": "github-advisory",
956
- "description": "node-forge has ASN.1 Unbounded Recursion",
957
- "references": [
958
- "https://github.com/advisories/GHSA-554w-wpv2-vw27"
959
- ],
960
- "mitre": "T1195.002",
961
- "cve": "CVE-2025-66031"
962
- },
963
- {
964
- "id": "GHSA-GHSA-vqpr-j7v3-hqw9",
965
- "name": "valibot",
966
- "version": ">= 0.31.0, < 1.2.0",
967
- "severity": "high",
968
- "confidence": "high",
969
- "source": "github-advisory",
970
- "description": "Valibot has a ReDoS vulnerability in `EMOJI_REGEX`",
971
- "references": [
972
- "https://github.com/advisories/GHSA-vqpr-j7v3-hqw9"
973
- ],
974
- "mitre": "T1195.002",
975
- "cve": "CVE-2025-66020"
976
- },
977
- {
978
- "id": "GHSA-GHSA-m449-vh5f-574g",
979
- "name": "@oneuptime/common",
980
- "version": "< 9.1.0",
981
- "severity": "high",
982
- "confidence": "high",
983
- "source": "github-advisory",
984
- "description": "OneUptime Unauthorized User Creation via API",
985
- "references": [
986
- "https://github.com/advisories/GHSA-m449-vh5f-574g"
987
- ],
988
- "mitre": "T1195.002",
989
- "cve": "CVE-2025-65966"
990
- },
991
- {
992
- "id": "GHSA-GHSA-4vcf-q4xf-f48m",
993
- "name": "@better-auth/passkey",
994
- "version": "< 1.4.0",
995
- "severity": "high",
996
- "confidence": "high",
997
- "source": "github-advisory",
998
- "description": "Better Auth Passkey Plugin allows passkey deletion through IDOR",
999
- "references": [
1000
- "https://github.com/advisories/GHSA-4vcf-q4xf-f48m"
1001
- ],
1002
- "mitre": "T1195.002",
1003
- "cve": null
1004
- },
1005
- {
1006
- "id": "GHSA-GHSA-p8pf-44ff-93gf",
1007
- "name": "@workos-inc/authkit-nextjs",
1008
- "version": "<= 2.11.0",
1009
- "severity": "high",
1010
- "confidence": "high",
1011
- "source": "github-advisory",
1012
- "description": "authkit-nextjs may let session cookies be cached in CDNs",
1013
- "references": [
1014
- "https://github.com/advisories/GHSA-p8pf-44ff-93gf"
1015
- ],
1016
- "mitre": "T1195.002",
1017
- "cve": "CVE-2025-64762"
1018
- },
1019
- {
1020
- "id": "GHSA-GHSA-547r-qmjm-8hvw",
1021
- "name": "md-to-pdf",
1022
- "version": "< 5.2.5",
1023
- "severity": "critical",
1024
- "confidence": "high",
1025
- "source": "github-advisory",
1026
- "description": "md-to-pdf vulnerable to arbitrary JavaScript code execution when parsing front matter",
1027
- "references": [
1028
- "https://github.com/advisories/GHSA-547r-qmjm-8hvw"
1029
- ],
1030
- "mitre": "T1195.002",
1031
- "cve": "CVE-2025-65108"
1032
- },
1033
- {
1034
- "id": "GHSA-GHSA-73g8-5h73-26h4",
1035
- "name": "@hpke/core",
1036
- "version": "<= 1.7.4",
1037
- "severity": "critical",
1038
- "confidence": "high",
1039
- "source": "github-advisory",
1040
- "description": "@hpke/core reuses AEAD nonces",
1041
- "references": [
1042
- "https://github.com/advisories/GHSA-73g8-5h73-26h4"
1043
- ],
1044
- "mitre": "T1195.002",
1045
- "cve": "CVE-2025-64767"
1046
- },
1047
- {
1048
- "id": "GHSA-GHSA-wrwg-2hg8-v723",
1049
- "name": "astro",
1050
- "version": "<= 5.15.6",
1051
- "severity": "high",
1052
- "confidence": "high",
1053
- "source": "github-advisory",
1054
- "description": "Astro vulnerable to reflected XSS via the server islands feature",
1055
- "references": [
1056
- "https://github.com/advisories/GHSA-wrwg-2hg8-v723"
1057
- ],
1058
- "mitre": "T1195.002",
1059
- "cve": "CVE-2025-64764"
1060
- },
1061
431
  {
1062
432
  "id": "SOCKET-@pnpm.exe/pnpm",
1063
433
  "name": "@pnpm.exe/pnpm",
@@ -2415,34 +1785,6 @@
2415
1785
  "references": [],
2416
1786
  "mitre": "T1195.002"
2417
1787
  },
2418
- {
2419
- "id": "GHSA-gvq6-hvvp-h34h",
2420
- "name": "@adonisjs/bodyparser",
2421
- "version": "< 10.1.2",
2422
- "severity": "critical",
2423
- "confidence": "high",
2424
- "source": "github-advisory",
2425
- "description": "AdonisJS Path Traversal in Multipart File Handling",
2426
- "references": [
2427
- "https://github.com/advisories/GHSA-gvq6-hvvp-h34h"
2428
- ],
2429
- "mitre": "T1195.002",
2430
- "cve": "CVE-2026-21440"
2431
- },
2432
- {
2433
- "id": "GHSA-fq56-hvg6-wvm5",
2434
- "name": "signalk-server",
2435
- "version": "< 2.19.0",
2436
- "severity": "critical",
2437
- "confidence": "high",
2438
- "source": "github-advisory",
2439
- "description": "Signal K Server vulnerable to JWT Token Theft via WebSocket Enumeration and Unauthenticated Polling",
2440
- "references": [
2441
- "https://github.com/advisories/GHSA-fq56-hvg6-wvm5"
2442
- ],
2443
- "mitre": "T1195.002",
2444
- "cve": "CVE-2025-68620"
2445
- },
2446
1788
  {
2447
1789
  "id": "SHAI-HULUD-02-echo",
2448
1790
  "name": "02-echo",
@@ -12660,104 +12002,6 @@
12660
12002
  "https://github.com/gensecaihq/Shai-Hulud-2.0-Detector"
12661
12003
  ],
12662
12004
  "mitre": "T1195.002"
12663
- },
12664
- {
12665
- "id": "GHSA-36hm-qxxp-pg3m",
12666
- "name": "preact",
12667
- "version": ">= 10.26.5, < 10.26.10",
12668
- "severity": "high",
12669
- "confidence": "high",
12670
- "source": "github-advisory",
12671
- "description": "Preact has JSON VNode Injection issue",
12672
- "references": [
12673
- "https://github.com/advisories/GHSA-36hm-qxxp-pg3m"
12674
- ],
12675
- "mitre": "T1195.002",
12676
- "cve": "CVE-2026-22028"
12677
- },
12678
- {
12679
- "id": "GHSA-379q-355j-w6rj",
12680
- "name": "pnpm",
12681
- "version": ">= 10.0.0, < 10.26.0",
12682
- "severity": "high",
12683
- "confidence": "high",
12684
- "source": "github-advisory",
12685
- "description": "pnpm v10+ Bypass \"Dependency lifecycle scripts execution disabled by default\"",
12686
- "references": [
12687
- "https://github.com/advisories/GHSA-379q-355j-w6rj"
12688
- ],
12689
- "mitre": "T1195.002",
12690
- "cve": "CVE-2025-69264"
12691
- },
12692
- {
12693
- "id": "GHSA-6fg3-hvw7-2fwq",
12694
- "name": "@playwright/mcp",
12695
- "version": "< 0.0.40",
12696
- "severity": "high",
12697
- "confidence": "high",
12698
- "source": "github-advisory",
12699
- "description": "Microsoft Playwright MCP Server vulnerable to DNS Rebinding Attack; Allows Attackers Access to All Server Tools",
12700
- "references": [
12701
- "https://github.com/advisories/GHSA-6fg3-hvw7-2fwq"
12702
- ],
12703
- "mitre": "T1195.002",
12704
- "cve": "CVE-2025-9611"
12705
- },
12706
- {
12707
- "id": "GHSA-m9rg-mr6g-75gm",
12708
- "name": "vega-functions",
12709
- "version": "<= 6.1.0",
12710
- "severity": "high",
12711
- "confidence": "high",
12712
- "source": "github-advisory",
12713
- "description": "`vega-functions` vulnerable to Cross-site Scripting via `setdata` function",
12714
- "references": [
12715
- "https://github.com/advisories/GHSA-m9rg-mr6g-75gm"
12716
- ],
12717
- "mitre": "T1195.002",
12718
- "cve": "CVE-2025-66648"
12719
- },
12720
- {
12721
- "id": "GHSA-829q-m3qg-ph8r",
12722
- "name": "vega-selections",
12723
- "version": "< 5.6.3",
12724
- "severity": "high",
12725
- "confidence": "high",
12726
- "source": "github-advisory",
12727
- "description": "Vega XSS via expression abusing vlSelectionTuples function array map calls in environments with satisfactory function gadgets in the global scope",
12728
- "references": [
12729
- "https://github.com/advisories/GHSA-829q-m3qg-ph8r"
12730
- ],
12731
- "mitre": "T1195.002",
12732
- "cve": "CVE-2025-65110"
12733
- },
12734
- {
12735
- "id": "GHSA-m2q5-xhqg-92r2",
12736
- "name": "@evershop/evershop",
12737
- "version": "<= 2.1.0",
12738
- "severity": "high",
12739
- "confidence": "high",
12740
- "source": "github-advisory",
12741
- "description": "evershop allows unauthenticated attackers to exhaust application server's resources via \"GET /images\" API",
12742
- "references": [
12743
- "https://github.com/advisories/GHSA-m2q5-xhqg-92r2"
12744
- ],
12745
- "mitre": "T1195.002",
12746
- "cve": "CVE-2025-67419"
12747
- },
12748
- {
12749
- "id": "GHSA-f8cm-6447-x5h2",
12750
- "name": "jspdf",
12751
- "version": "<= 3.0.4",
12752
- "severity": "critical",
12753
- "confidence": "high",
12754
- "source": "github-advisory",
12755
- "description": "jsPDF has Local File Inclusion/Path Traversal vulnerability",
12756
- "references": [
12757
- "https://github.com/advisories/GHSA-f8cm-6447-x5h2"
12758
- ],
12759
- "mitre": "T1195.002",
12760
- "cve": "CVE-2025-68428"
12761
12005
  }
12762
12006
  ],
12763
12007
  "hashes": [
@@ -12802,5 +12046,5 @@
12802
12046
  "discord-webhook.js",
12803
12047
  "inject.js"
12804
12048
  ],
12805
- "updated": "2026-01-08T13:54:17.498Z"
12049
+ "updated": "2026-01-08T15:51:22.567Z"
12806
12050
  }