DevDefender Security Digest — 2026-03-09

Relevant news, security threats, and vulnerability reports that affect developers, software pipelines, IDEs, and dev environments.

1. SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 87
Security Affairs · 2026-03-08
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Malware Newsletter Malware Reverse Engineering is no longer a huma…
npm, npm package
2. [psf/black] Black's vulnerable version parsing leads to RCE in GitHub Action
GitHub Advisory DB — GitHub Actions · 2026-03-07
github actions, github action
3. [mcp-memory-service] mcp-memory-service's Wildcard CORS with Credentials Enables Cross-Origin Memory Theft
GitHub Advisory DB — PyPI · 2026-03-07
pypi, mcp
4. pysec-2026-1
Vulnerability-Lookup — PySec · 2026-03-09
A PyPI user account was compromised by an attacker, who was able to upload a malicious version (1.1.5.post1) of the `dydx-v4-client` package. This version contains a highly obfuscated multi-stage loader th…
pypi
5. Can the Security Platform Finally Deliver for the Mid-Market?
The Hacker News · 2026-03-09
Mid-market organizations are constantly striving to achieve security levels on a par with their enterprise peers. With heightened awareness of supply chain attacks, your customers and business partner…
supply chain
6. AI Agents: The Next Wave Identity Dark Matter - Powerful, Invisible, and Unmanaged
The Hacker News · 2026-03-03
The Rise of MCPs in the Enterprise: The Model Context Protocol (MCP) is quickly becoming a practical way to push LLMs from “chat” into real work. By providing structured access to applications, API…
mcp, model context protocol, workflow
7. [mcp-memory-service] mcp-memory-service Vulnerable to System Information Disclosure via Health Endpoint
GitHub Advisory DB — PyPI · 2026-03-05
pypi, mcp
8. CVE-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.
Microsoft MSRC Update Guide · 2026-03-08
Information published.
mcp
9. [@oneuptime/common] OneUptime: Synthetic Monitor RCE via exposed Playwright browser object
GitHub Advisory DB — npm · 2026-03-07
npm
10. [@x402/svm] x402 SDK Security Advisory
GitHub Advisory DB — npm · 2026-03-07
npm
11. [x402] x402 SDK Security Advisory
GitHub Advisory DB — PyPI · 2026-03-07
pypi
12. [shescape] Shescape has possible misidentification of shell due to link chains
GitHub Advisory DB — npm · 2026-03-07
npm
13. [@frangoteam/fuxa] FUXA has a hardcoded fallback JWT signing secret
GitHub Advisory DB — npm · 2026-03-07
npm
14. [@oneuptime/common] OneUpTime's Unsandboxed Code Execution in Probe Allows Any Project Member to Achieve RCE
GitHub Advisory DB — npm · 2026-03-07
npm
15. [@powersync/service-core] PowerSync: Some sync filters ignored on 1.20.0 using `config.edition: 3`
GitHub Advisory DB — npm · 2026-03-07
npm
16. [@powersync/service-sync-rules] PowerSync: Some sync filters ignored on 1.20.0 using `config.edition: 3`
GitHub Advisory DB — npm · 2026-03-07
npm
17. [github.com/Tencent/WeKnora] WeKnora has Remote Code Execution (RCE) via Command Injection in MCP Stdio Configuration Validation
GitHub Advisory DB — Go · 2026-03-07
mcp
18. [github.com/Tencent/WeKnora] WeKnora Vulnerable to Tool Execution Hijacking via Ambiguous Naming Convention In MCP client and Indirect Prompt Injection
GitHub Advisory DB — Go · 2026-03-06
mcp
19. [parse-server] parse-server: Malformed `$regex` query leaks database error details in API response
GitHub Advisory DB — npm · 2026-03-06
npm
20. [flowise] Flowise Missing Authentication on NVIDIA NIM Endpoints
GitHub Advisory DB — npm · 2026-03-06
npm
21. [flowise] Flowise has IDOR leading to Account Takeover and Enterprise Feature Bypass via SSO Configuration
GitHub Advisory DB — npm · 2026-03-06
npm
22. [flowise] Flowise Allows Mass Assignment in `/api/v1/leads` Endpoint
GitHub Advisory DB — npm · 2026-03-06
npm
23. [flowise] Flowise has Arbitrary File Upload via MIME Spoofing
GitHub Advisory DB — npm · 2026-03-06
npm
24. [plane] Plane has SSRF via Incomplete IP Validation in Webhook URL Serializer
GitHub Advisory DB — PyPI · 2026-03-05
pypi, hook
25. [fickling] Fickling has `always_check_safety()` bypass: pickle.loads and _pickle.loads remain unhooked
GitHub Advisory DB — PyPI · 2026-03-04
pypi, hook
26. [sagemaker] SageMaker Python SDK replaced eval() with safe parser in JumpStart search functionality
GitHub Advisory DB — PyPI · 2026-03-05
pypi
27. [plane] Plane is Vulnerable to Unauthenticated Workspace Member Information Disclosure
GitHub Advisory DB — PyPI · 2026-03-05
pypi
28. [org.eclipse.jetty:jetty-http] org.eclipse.jetty:jetty-http has different parsing of invalid URIs
GitHub Advisory DB — Maven · 2026-03-05
maven
29. [@perfood/couch-auth] @perfood/couch-auth has an Observable Timing Discrepancy
GitHub Advisory DB — npm · 2026-03-05
npm
30. [org.cloudfoundry.identity:cloudfoundry-identity-server] Cloudfoundry UAA has logic error in the token revocation endpoint implementation
GitHub Advisory DB — Maven · 2026-03-05
maven
31. [@perfood/couch-auth] @perfood/couch-auth has a host header injection vulnerability
GitHub Advisory DB — npm · 2026-03-05
npm
32. [org.keycloak:keycloak-broker-saml] Keycloak SAML Broker has Authentication Bypass by Primary Weakness
GitHub Advisory DB — Maven · 2026-03-05
maven
33. [@fonoster/voice] Fonoster is vulnerable to directory traversal
GitHub Advisory DB — npm · 2026-03-05
npm
34. [org.keycloak:keycloak-services] Keycloak allows authentication using an Identity Provider (IdP) even after it has been disabled by an administrator
GitHub Advisory DB — Maven · 2026-03-05
maven
35. [ragas] RAGAS has an Arbitrary File Read vulnerability
GitHub Advisory DB — PyPI · 2026-03-05
pypi
36. [org.eclipse.jetty:jetty-server] The Eclipse Jetty Server Artifact has a Gzip request memory leak
GitHub Advisory DB — Maven · 2026-03-05
maven
37. [time-sync] `time-sync` was removed from crates.io due to malicious code
GitHub Advisory DB — Rust · 2026-03-05
crates.io
38. [langgraph] LangGraph checkpoint loading has unsafe msgpack deserialization
GitHub Advisory DB — PyPI · 2026-03-05
pypi
39. Socket Named a Supply Chain Innovator in Latio's 2026 Application Security Market Report
Socket.dev Blog · 2026-03-05
Latio’s 2026 report recognizes Socket as a Supply Chain Innovator and highlights our work in 0-day malware detection, SCA, and auto-patching.
supply chain
40. [xgrammar] xgrammar vulnerable to DoS via multi-layer nesting
GitHub Advisory DB — PyPI · 2026-03-05
pypi
41. [Markdown] Python-Markdown has an Uncaught Exception
GitHub Advisory DB — PyPI · 2026-03-05
pypi
42. RUSTSEC-2026-0036: Vulnerability in time-sync
RustSec Advisory Database · 2026-03-05
`time-sync` was removed from crates.io due to malicious code
crates.io
43. [django-allauth] django-allauth has an open redirect vulnerability
GitHub Advisory DB — PyPI · 2026-03-05
pypi
44. [dbt-common] dbt-common's commonprefix() doesn't protect against path traversal
GitHub Advisory DB — PyPI · 2026-03-05
pypi
45. [dnp3times] `dnp3times` was removed from crates.io due to malicious code
GitHub Advisory DB — Rust · 2026-03-05
crates.io
46. [pyload-ng] pyLoad has an Arbitrary File Write via Path Traversal in edit_package()
GitHub Advisory DB — PyPI · 2026-03-05
pypi
47. [org.pac4j:pac4j-jwt] pac4j-jwt: JwtAuthenticator Authentication Bypass via JWE-Wrapped PlainJWT
GitHub Advisory DB — Maven · 2026-03-05
maven
48. [eml-parser] eml_parser: Path Traversal in Official Example Script Leads to Arbitrary File Write
GitHub Advisory DB — PyPI · 2026-03-05
pypi
49. [fickling] Fickling missing RCE-capable modules in UNSAFE_IMPORTS
GitHub Advisory DB — PyPI · 2026-03-04
pypi
50. [changedetection.io] changedetection.io has Zip Slip vulnerability in the backup restore functionality
GitHub Advisory DB — PyPI · 2026-03-04
pypi
51. [immutable] Immutable is vulnerable to Prototype Pollution
GitHub Advisory DB — npm · 2026-03-04
npm
52. [time_calibrators] `time_calibrators` was removed from crates.io due to malicious code
GitHub Advisory DB — Rust · 2026-03-04
crates.io
53. [changedetection.io] changedetection.io vulnerable to XPath - Arbitrary File Read via unparsed-text()
GitHub Advisory DB — PyPI · 2026-03-04
pypi
54. [time_calibrator] `time_calibrator` was removed from crates.io due to malicious code
GitHub Advisory DB — Rust · 2026-03-04
crates.io
55. RUSTSEC-2026-0032: Vulnerability in dnp3times
RustSec Advisory Database · 2026-03-04
`dnp3times` was removed from crates.io due to malicious code
crates.io
56. The 89% Problem: How LLMs Are Resurrecting the "Dormant Majority" of Open Source
Snyk Blog · 2026-03-04
AI coding assistants are resurrecting millions of abandoned open source packages. Learn how LLMs expose the “Dormant Majority” and why package health intelligence is critical for supply chain secu…
supply chain
57. OX Security is Now Available in the Cursor MCP Directory
OX Security Blog · 2026-03-03
Secure your code at the speed you write it. Security tooling should meet you where you actually write code. With OX Security in the Cursor MCP Directory, now it does — and getting started tak…
mcp
58. RUSTSEC-2026-0030: Vulnerability in time_calibrator
RustSec Advisory Database · 2026-03-03
`time_calibrator` was removed from crates.io due to malicious code
crates.io
59. RUSTSEC-2026-0031: Vulnerability in time_calibrators
RustSec Advisory Database · 2026-03-03
`time_calibrators` was removed from crates.io due to malicious code
crates.io
60. [ms-agent] MS-Agent vulnerable to Command Injection
GitHub Advisory DB — PyPI · 2026-03-02
pypi