FLAT-6D06O (MAL-2026-5227)
Use of software with malware In autotel-playwright
5.2
Medium
Ecosystem: Npm
Package: autotel-playwright
FLAT-N7YUK (MAL-2026-5248)
Use of software with malware In eslint-plugin-executable-stories-playwright
5.2
Medium
Ecosystem: Npm
Package: eslint-plugin-executable-stories-playwright
FLAT-YVGLY (MAL-2026-5256)
Use of software with malware In executable-stories-playwright
5.2
Medium
Ecosystem: Npm
Package: executable-stories-playwright
FLAT-IEL9O (MAL-2026-5103)
Use of software with malware In @osamdefeirrighs/testhackfrrferrr
5.2
Medium
Ecosystem: Npm
Package: @osamdefeirrighs/testhackfrrferrr
FLAT-A1GF8 (MAL-2026-5142)
Use of software with malware In @redhat-cloud-services/insights-client
5.2
Medium
Ecosystem: Npm
Package: @redhat-cloud-services/insights-client
FLAT-QPZMM (CVE-2026-48501)
Authentication mechanism absence or evasion In golang-github-cli-go-gh
8.2
High
Ecosystem: Debian
Package: golang-github-cli-go-gh
FLAT-TWCOP (MAL-2026-4644)
Use of software with malware In power-platform-playwright-toolkit
5.2
Medium
Ecosystem: Npm
Package: power-platform-playwright-toolkit
FLAT-SW8G9 (MAL-2026-4508)
Use of software with malware In cdk-insights
5.2
Medium
Ecosystem: Npm
Package: cdk-insights
FLAT-1ABCO (CVE-2026-46378)
Improper resource allocation In github.com/tomwright/dasel/v3
6.3
Medium
Ecosystem: Go
Package: github.com/tomwright/dasel/v3
FLAT-1C2CP (CVE-2026-46377)
Lack of data validation In github.com/tomwright/dasel/v3
6.3
Medium
Ecosystem: Go
Package: github.com/tomwright/dasel/v3
FLAT-0A0TC (MAL-2026-4029)
Use of software with malware In @antv/insight-component
5.2
Medium
Ecosystem: Npm
Package: @antv/insight-component
FLAT-0C8I7 (MAL-2026-4066)
Use of software with malware In @antv/lite-insight
5.2
Medium
Ecosystem: Npm
Package: @antv/lite-insight
FLAT-EB2VK (MAL-2026-3952)
Use of software with malware In @antv/g-plugin-rough-svg-renderer
5.2
Medium
Ecosystem: Npm
Package: @antv/g-plugin-rough-svg-renderer
FLAT-TJ48U (MAL-2026-3951)
Use of software with malware In @antv/g-plugin-rough-canvas-renderer
5.2
Medium
Ecosystem: Npm
Package: @antv/g-plugin-rough-canvas-renderer
FLAT-V00G8 (MAL-2026-3650)
Use of software with malware In microsoft-applicationinsights-common
5.2
Medium
Ecosystem: Npm
Package: microsoft-applicationinsights-common
FLAT-CYCZJ (CVE-2026-31221)
Insecure deserialization In pytorch-lightning
5.9
Medium
Ecosystem: PyPI
Package: pytorch-lightning
FLAT-DNL23 (MAL-2026-3550)
Use of software with malware In @uipath/insights-tool
5.2
Medium
Ecosystem: Npm
Package: @uipath/insights-tool
FLAT-TCJER (MAL-2026-3549)
Use of software with malware In @uipath/insights-sdk
5.2
Medium
Ecosystem: Npm
Package: @uipath/insights-sdk
FLAT-HQU3J (MAL-2026-3443)
Use of software with malware In @squawk/flight-math
5.2
Medium
Ecosystem: Npm
Package: @squawk/flight-math
FLAT-XFXZE (MAL-2026-3444)
Use of software with malware In @squawk/flightplan
5.2
Medium
Ecosystem: Npm
Package: @squawk/flightplan
FLAT-KEMPE (CVE-2026-44484)
Use of software with malware In pytorch-lightning
8.1
High
Ecosystem: PyPI
Package: pytorch-lightning
FLAT-8BH8E (CVE-2026-44439)
Server-side request forgery (SSRF) In playwrightcapture
6.6
Medium
Ecosystem: PyPI
Package: playwrightcapture
FLAT-F60DU (CVE-2026-42552)
Technical information leak In flightphp/core
7.7
High
Ecosystem: Packagist
Package: flightphp/core
FLAT-BR9OL (CVE-2026-42551)
Lack of data validation In flightphp/core
5.7
Medium
Ecosystem: Packagist
Package: flightphp/core
FLAT-S7Q6Z (CVE-2026-42550)
SQL injection - Code In flightphp/core
8.4
High
Ecosystem: Packagist
Package: flightphp/core
FLAT-R0XJU (CVE-2026-42549)
Lack of data validation - Path Traversal In flightphp/core
0.4
Low
Ecosystem: Packagist
Package: flightphp/core
FLAT-3R9DC (CVE-2026-42548)
Reflected cross-site scripting (XSS) In flightphp/core
6.2
Medium
Ecosystem: Packagist
Package: flightphp/core
FLAT-3LW9R (MAL-2026-3355)
Use of software with malware In playwright-atoned
5.2
Medium
Ecosystem: PyPI
Package: playwright-atoned
FLAT-5D1LN (MAL-2026-3354)
Use of software with malware In playwright-acustomed
5.2
Medium
Ecosystem: PyPI
Package: playwright-acustomed
FLAT-V7URT (CVE-2026-6967)
Insufficient data authenticity validation In tough
3.9
Low
Ecosystem: Cargo
Package: tough
FLAT-7VB43 (CVE-2026-6966)
Insufficient data authenticity validation In tough
3.8
Low
Ecosystem: Cargo
Package: tough
FLAT-PA92I (CVE-2026-42864)
Server-side request forgery (SSRF) In firefighter-incident
6.8
Medium
Ecosystem: PyPI
Package: firefighter-incident
FLAT-VESZH (GHSA-8pqq-224h-x875)
Sensitive information in source code In ogham-mcp
2.7
Low
Ecosystem: PyPI
Package: ogham-mcp
FLAT-MWNXI (MAL-2026-3201)
Use of software with malware In lightning
5.2
Medium
Ecosystem: PyPI
Package: lightning
FLAT-VXYOU (MAL-2026-3197)
Use of software with malware In sdoihgio9sudghsiudbg
5.2
Medium
Ecosystem: PyPI
Package: sdoihgio9sudghsiudbg
FLAT-NOL2O (MAL-2026-3021)
Use of software with malware In lightspark-js
5.2
Medium
Ecosystem: Npm
Package: lightspark-js
FLAT-9AS0T (MAL-2026-2959)
Use of software with malware In internal_insights_enabled
5.2
Medium
Ecosystem: Npm
Package: internal_insights_enabled
FLAT-LB6R9 (MAL-2026-2854)
Use of software with malware In stringhelp
5.2
Medium
Ecosystem: PyPI
Package: stringhelp
FLAT-JUITA (MAL-2026-2817)
Use of software with malware In lightweight-charts-4.1
5.2
Medium
Ecosystem: Npm
Package: lightweight-charts-4.1
FLAT-GLSD6 (MAL-2026-2765)
Use of software with malware In ghscan-pkgcheck-test-001
5.2
Medium
Ecosystem: Npm
Package: ghscan-pkgcheck-test-001
FLAT-UE1UX (MAL-2026-2735)
Use of software with malware In buildkite-test-collector-playwright-example
5.2
Medium
Ecosystem: Npm
Package: buildkite-test-collector-playwright-example
FLAT-J1ULX (CVE-2026-39413)
Lack of data validation In lightrag-hku
8.9
High
Ecosystem: PyPI
Package: lightrag-hku
FLAT-TEOQC (CVE-2025-48708)
Non-encrypted confidential information In ghostscript
1.3
Low
Ecosystem: Alpm
Package: ghostscript
FLAT-YNJ1V (CVE-2017-8291)
Lack of data validation - Type confusion In ghostscript
5.9
Medium
Ecosystem: Alpm
Package: ghostscript
FLAT-F8Y6V (CVE-2018-17961)
Improper authorization control for web services In ghostscript
7.3
High
Ecosystem: Alpm
Package: ghostscript
FLAT-QUGOG (CVE-2018-18073)
Excessive privileges In ghostscript
5.6
Medium
Ecosystem: Alpm
Package: ghostscript
FLAT-G0SKV (CVE-2018-18284)
Improper authorization control for web services In ghostscript
8.1
High
Ecosystem: Alpm
Package: ghostscript
FLAT-9B57X (CVE-2019-6116)
Lack of data validation In ghostscript
5.9
Medium
Ecosystem: Alpm
Package: ghostscript
FLAT-MZEW3 (CVE-2019-3835)
Improper authorization control for web services In ghostscript
4.0
Medium
Ecosystem: Alpm
Package: ghostscript
FLAT-SLPQ1 (CVE-2019-3838)
Lack of data validation - Path Traversal In ghostscript
4.3
Medium
Ecosystem: Alpm
Package: ghostscript
FLAT-Q446T (CVE-2019-14811)
Improper authorization control for web services In ghostscript
7.3
High
Ecosystem: Alpm
Package: ghostscript
FLAT-3PI9C (CVE-2019-14812)
Improper authorization control for web services In ghostscript
5.9
Medium
Ecosystem: Alpm
Package: ghostscript
FLAT-1YJHI (CVE-2019-14813)
Improper authorization control for web services In ghostscript
8.1
High
Ecosystem: Alpm
Package: ghostscript
FLAT-SVTTO (CVE-2019-14817)
Improper authorization control for web services In ghostscript
5.7
Medium
Ecosystem: Alpm
Package: ghostscript
FLAT-JOM8A (CVE-2019-14869)
Excessive privileges In ghostscript
6.3
Medium
Ecosystem: Alpm
Package: ghostscript
FLAT-92RMZ (CVE-2021-3781)
OS Command Injection In ghostscript
7.7
High
Ecosystem: Alpm
Package: ghostscript
FLAT-23ZGR (CVE-2026-30762)
Improper authorization control for web services In lightrag-hku
8.1
High
Ecosystem: PyPI
Package: lightrag-hku
FLAT-GDHXG (GHSA-3hfp-gqgh-xc5g)
Use of software with malware In @lightdash/cli
6.1
Medium
Ecosystem: Npm
Package: @lightdash/cli
FLAT-EXLUB (MAL-2026-2263)
Use of software with malware In monolith-twirp-reposinsights-reposinsights
5.2
Medium
Ecosystem: RubyGems
Package: monolith-twirp-reposinsights-reposinsights
FLAT-RNIW1 (CVE-2026-33728)
Insecure deserialization In com.datadoghq:dd-java-agent
8.1
High
Ecosystem: Maven
Package: com.datadoghq:dd-java-agent
FLAT-UN7B1 (MAL-2026-2233)
Use of software with malware In lightmock
5.2
Medium
Ecosystem: PyPI
Package: lightmock
FLAT-3K5U2 (MAL-2026-2374)
Use of software with malware In my-not-little-durgham
5.2
Medium
Ecosystem: Npm
Package: my-not-little-durgham
FLAT-8EH65 (MAL-2026-2373)
Use of software with malware In my-little-durgham
5.2
Medium
Ecosystem: Npm
Package: my-little-durgham
FLAT-UHJ7V (MAL-2026-2366)
Use of software with malware In ghost-module
5.2
Medium
Ecosystem: Npm
Package: ghost-module
FLAT-TNEBL (CVE-2026-4739)
Out-of-bounds read In insighttoolkit4
7.7
High
Ecosystem: Debian
Package: insighttoolkit4
FLAT-3P14R (CVE-2026-27131)
Debugging enabled in production In putyourlightson/craft-sprig
3.8
Low
Ecosystem: Packagist
Package: putyourlightson/craft-sprig
FLAT-KVZ2C (CVE-2026-33320)
Improper resource allocation In github.com/tomwright/dasel/v2
3.6
Low
Ecosystem: Go
Package: github.com/tomwright/dasel/v2
FLAT-7SNTK (MAL-2026-2098)
Use of software with malware In sd-basket-highlight
5.2
Medium
Ecosystem: Npm
Package: sd-basket-highlight
FLAT-66RCO (MAL-2026-2080)
Use of software with malware In cit-playwright-tests
5.2
Medium
Ecosystem: Npm
Package: cit-playwright-tests
FLAT-QJ1PK (MAL-2026-2005)
Use of software with malware In efghr-honeybee-sdk
5.2
Medium
Ecosystem: PyPI
Package: efghr-honeybee-sdk
FLAT-0BW63 (MAL-2026-2004)
Use of software with malware In flyio-token-client-efgh
5.2
Medium
Ecosystem: PyPI
Package: flyio-token-client-efgh
FLAT-A5TQ8 (CVE-2026-27135)
Inappropriate coding practices In nghttp2
6.3
Medium
Ecosystem: Debian
Package: nghttp2
FLAT-XT9FD (MAL-2026-1752)
Use of software with malware In internal-api-insights
5.2
Medium
Ecosystem: Npm
Package: internal-api-insights
FLAT-4TP2W (MAL-2026-1739)
Use of software with malware In fhgfhgfhfghhffhfgh
5.2
Medium
Ecosystem: Npm
Package: fhgfhgfhfghhffhfgh
FLAT-XME2O (MAL-2026-1528)
Use of software with malware In react-you-might-not-need-an-effect
5.2
Medium
Ecosystem: Npm
Package: react-you-might-not-need-an-effect
FLAT-U6VFC (MAL-2026-1410)
Use of software with malware In ighack
5.2
Medium
Ecosystem: PyPI
Package: ighack
FLAT-9CY09 (MAL-2026-1389)
Use of software with malware In twitch-twilight-intl
5.2
Medium
Ecosystem: Npm
Package: twitch-twilight-intl
FLAT-CIF23 (CVE-2026-29784)
Cross-site request forgery In ghost
5.7
Medium
Ecosystem: Npm
Package: ghost
FLAT-8RL79 (CVE-2026-29053)
Lack of data validation In ghost
5.6
Medium
Ecosystem: Npm
Package: ghost
FLAT-9YOHH (MAL-2026-1093)
Use of software with malware In naughty-package
5.2
Medium
Ecosystem: Npm
Package: naughty-package
FLAT-J6BLJ (CVE-2026-26980)
SQL injection - Code In ghost
7.8
High
Ecosystem: Npm
Package: ghost
FLAT-3V4OQ (MAL-2026-888)
Use of software with malware In pyright-root
5.2
Medium
Ecosystem: Npm
Package: pyright-root
FLAT-B7RP2 (CVE-2026-24778)
Reflected cross-site scripting (XSS) In @tryghost/portal
5.9
Medium
Ecosystem: Npm
Package: @tryghost/portal
FLAT-TZLQK (MAL-2026-288)
Use of software with malware In insightvm-ui-nav-menus
5.2
Medium
Ecosystem: Npm
Package: insightvm-ui-nav-menus
FLAT-1ARYL (CVE-2026-22596)
SQL injection - Code In ghost
5.9
Medium
Ecosystem: Npm
Package: ghost
FLAT-DBPL5 (CVE-2026-22597)
Server-side request forgery (SSRF) In ghost
1.2
Low
Ecosystem: Npm
Package: ghost
FLAT-3K0X9 (CVE-2026-22595)
Authentication mechanism absence or evasion In ghost
5.7
Medium
Ecosystem: Npm
Package: ghost
FLAT-7HJUK (CVE-2026-22594)
Authentication mechanism absence or evasion In ghost
7.5
High
Ecosystem: Npm
Package: ghost
FLAT-3DGHV (CVE-2025-9611)
Insecure HTTP methods enabled In @playwright/mcp
5.1
Medium
Ecosystem: Npm
Package: @playwright/mcp
FLAT-NGZHS (MAL-2025-192785)
Use of software with malware In elf-stats-sleighing-hammer-902
5.2
Medium
Ecosystem: Npm
Package: elf-stats-sleighing-hammer-902
FLAT-Y2VJU (MAL-2025-192736)
Use of software with malware In elf-stats-bright-pinecone-706
5.2
Medium
Ecosystem: Npm
Package: elf-stats-bright-pinecone-706
FLAT-V1JX6 (MAL-2025-192664)
Use of software with malware In asdfgh33
5.2
Medium
Ecosystem: Npm
Package: asdfgh33
FLAT-H8BJ6 (MAL-2025-192589)
Use of software with malware In elf-stats-nutmeg-sleigh-350
5.2
Medium
Ecosystem: Npm
Package: elf-stats-nutmeg-sleigh-350
FLAT-6ZVPO (CVE-2025-11393)
Use of insecure channel - Source code In github.com/redhatinsights/runtimes-inventory-operator
7.6
High
Ecosystem: Go
Package: github.com/redhatinsights/runtimes-inventory-operator
FLAT-2WV1I (CVE-2025-67750)
XAML injection In lightning-flow-scanner
5.8
Medium
Ecosystem: Npm
Package: lightning-flow-scanner
FLAT-0GS9E (MAL-2025-192538)
Use of software with malware In elf-stats-tinsel-sleigh-669
5.2
Medium
Ecosystem: Npm
Package: elf-stats-tinsel-sleigh-669
FLAT-3UHLO (MAL-2025-192495)
Use of software with malware In elf-stats-evergreen-nightcap-747
5.2
Medium
Ecosystem: Npm
Package: elf-stats-evergreen-nightcap-747
FLAT-8Z21K (MAL-2025-192513)
Use of software with malware In elf-stats-marzipan-nightcap-982
5.2
Medium
Ecosystem: Npm
Package: elf-stats-marzipan-nightcap-982
FLAT-DI0C6 (MAL-2025-192499)
Use of software with malware In elf-stats-festive-sleigh-368
5.2
Medium
Ecosystem: Npm
Package: elf-stats-festive-sleigh-368
FLAT-J688B (MAL-2025-192526)
Use of software with malware In elf-stats-sleighing-drum-467
5.2
Medium
Ecosystem: Npm
Package: elf-stats-sleighing-drum-467