Lucene search
K

421 matches found

OSV
OSV
added 2026/04/29 12:29 p.m.8 views

MAL-2026-3165 Malicious code in chai-as-redeployed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2e2a156e4adadf2466c1ce0f0501539ea4bb3306edd9b2c97109326a9f94f3a The package chai-as-redeployed was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/22 1:32 a.m.8 views

Malicious code in claudcode-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88f4d319ca32cad5bc9a2f83d4b1b64c39f2d1e75f2fed26cc1172d480891b69 The package claudcode-mcp was found to contain malicious code. Source: ghsa-malware 65a350de7c4fa0545fcd3fa1439e9ea34afa50e5237688032de7bcafeb071ab0...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/20 6:34 a.m.7 views

MAL-2026-2941 Malicious code in npm-doc-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a8ae6448e13630c5243e98e1794e9b2f57b0e999d4c31687f0db0f1665496f9 The package npm-doc-deploy was found to contain malicious code. Source: ghsa-malware f7938c30cf6da645723648c4c43979c97d7c006933fb24ccab60154f1cc5d084...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/14 11:47 a.m.4 views

MAL-2026-2638 Malicious code in billing-paywidget (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a1d045f893bda154c8f1c451045b34000b97a678cef9952b2dc3ba2f1c83db2 The package billing-paywidget was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/13 3:25 p.m.4 views

MAL-2026-2598 Malicious code in babel-plugin-fbtee (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82da31ad0bc5f3d25505f208dd3be88eaff3e4054e429cbdc7601dc5e3a3d42d The package babel-plugin-fbtee was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/25 1:50 a.m.10 views

Malicious code in path-external (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83954c990d9e7dddb109dea7f9ed24bc8ded6b95da0ed050b43e7486675fc67c The package path-external was found to contain malicious code. Source: ghsa-malware 28650e14b5d9d8ba8bb4df91ca765c3e40d62074928911571fbdbc9af91c4e2d...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/24 12:43 p.m.12 views

MAL-2026-2133 Malicious code in server-fpti (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b90fb70466093bba29ed5b8f62a9734b95ff7011add06482beec9546984f11c3 The package server-fpti was found to contain malicious code. Source: ghsa-malware 59d0d75db844e966a9f5cc0e311ca6f2385abdf95ca0ee2387c23be8342f0fb2 An...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/23 1:47 p.m.4 views

MAL-2026-2093 Malicious code in pulse-rsvp-card-entity (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d02d6daeedd5d906c300edc9ce1c430366876726cb5f6c69156b785a38713ad1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/22 5:54 p.m.4 views

MAL-2026-2071 Malicious code in react-leaflet-cluster-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0518fae392cbcd2e3f43b08af24b6736a313bcc053d67bfece2c36c7e609373 The package react-leaflet-cluster-layer was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 4:59 a.m.5 views

Malicious code in innocent-pkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a43dfe9cc2eebd7f30e81c4d84f86e0375a8f68621f3dd52156c93a9062e67c7 The package innocent-pkg was found to contain malicious code. Source: ghsa-malware e6e3d2128a98a7bfca4b4ef2d91cc684dad0a7386877a5673ecb0911489bbd7a A...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.10 views

Malicious code in transform-dynamic-import (npm)

The package 'transform-dynamic-import' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/03/16 12:0 a.m.5 views

MAL-2026-1554 Malicious code in typescript-validation-schema (npm)

The package 'typescript-validation-schema' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.5 views

Malicious code in proposal-typescript (npm)

The package 'proposal-typescript' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/03/16 12:0 a.m.3 views

MAL-2026-1512 Malicious code in undeclared-variables-check (npm)

The package 'undeclared-variables-check' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/13 10:37 a.m.5 views

Malicious code in brlc-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d4e1d5bf92d7953e1333f3d575ad749dc56b9914ae64813b2e9753a0718a2882 The package brlc-base was found to contain malicious code. Source: ghsa-malware c50e966389745dbbf1f8c81e6b0e19db8d01502091437c4148cde8991e9e314d Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/12 2:18 a.m.7 views

Malicious code in unibody (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62433a668da6675dffc03d0b406316c3a612058aed5063d864c1f6a78d94e937 The package unibody was found to contain malicious code. Source: ghsa-malware d5083ea858a18dda094f7d171b57730132d8348f914ae8b2895725447d8f13f0 Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/11 6:26 a.m.6 views

Malicious code in vite-chunker (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff8c2fc92377d678aca4ddaeaf13ff2c9a3fe7da1e436478d49b935131562f58 The package vite-chunker was found to contain malicious code. Source: ghsa-malware 77cc8d4b3c8ab1dac6606515127cb65f5c6738fb43b9d6a7800351162e689059 A...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/10 1:4 a.m.4 views

Malicious code in falcologgerinternalstate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 183181a665c683721a6523db5e15b21f8c20c2b154b2ea57decac425f8ad44e3 The package falcologgerinternalstate was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/06 2:26 p.m.4 views

MAL-2026-1272 Malicious code in test-mal-npm-pkg-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f9e953edc529bc6611e9adac05b4738ab0ea950259e50cb2ea1067f07d9ecf7 The package test-mal-npm-pkg-2 was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/05 3:33 p.m.4 views

MAL-2026-1256 Malicious code in pearpass-lib-data-import (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1ab28e159d40d36665a0a745f8ff8a2f9d55884bfaff1f019638560083aaf42 The package pearpass-lib-data-import was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
Rows per page
Query Builder