
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
github.com/akegarasu/blive-queue
✨ 简单快捷的b站直播排队插件! ✨
blive-queue 是一个适用于obs、直播姬的 bilibili 直播弹幕排队插件~ 便捷使用方便配置,支持使用弹幕姬的CSS样式!开源、免费!
为主播解决一系列观众参加型活动、游戏等排队需求
弹幕排队 发送关键词 “排队” 可加入排队队列
取消排队 发送关键词 “取消排队” 可以取消排队
完善的后台管理: 拖动排序、手动删除排队、一键清空排队~
支持牌子等级、大航海等级过滤 (牌子等级、舰长过滤)
支持使用弹幕姬样式,兼容大部分弹幕姬样式
便捷的使用方法:如果你使用弹幕姬那么排队姬和弹幕姬的操作几乎一模一样~ 没有使用过也可以下载并且几分钟内配制好
b站专栏 排队姬
前端代码修改自 blivechat
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.