domquery (>=1.0.0 <=1.0.1) potentially affected by unknown CVE via bind-key (=0.0.0)

bind-key NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on bind-key and may be impacted: - domquery =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-15691...

Malicious code in bind-key (npm)

The package bind-key was found to contain malicious code...

MAL-2025-15691 Malicious code in bind-key (npm)

The package bind-key was found to contain malicious code...