Lucene search
K

444 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 3:48 a.m.3 views

Malicious code in iwan-mieaceh73-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77da58ae2825792cdabda8f6df19ee8b8513f5bb961782f7cbd140f8831bc266 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 3:48 a.m.0 views

MAL-2025-81618 Malicious code in testy_skink_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b83c1a83cb082ce75a0318c8604d1926763bea690fc9a2d66954b629201abce2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 2:29 a.m.1 views

MAL-2025-73120 Malicious code in gita-botok30-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9513b2f169a398510e84a9e60881ab902a33934d60e2f5dde2ddb414e22b695 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 2:29 a.m.1 views

MAL-2025-71861 Malicious code in ade-tahu94-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a40e151f77cfc18e70cf9abe2ba767acde014cc54e3af73ee977c68e4a807afc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.2 views

EUVD-2025-55509

Malicious code in changing-fuchsia-iguana npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.0 views

EUVD-2025-55510

Malicious code in changing-bronze-limpet npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.0 views

EUVD-2025-55508

Malicious code in changing-moccasin-smelt npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.1 views

EUVD-2025-55506

Malicious code in changing-white-horse npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.0 views

EUVD-2025-55507

Malicious code in changing-violet-crawdad npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/11 12:41 a.m.2 views

MAL-2025-70615 Malicious code in significant-tomato-swan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 397dfef6807f0949c57e8e8d4495fbdc768bdee20950baa7f1b58225c7b64363 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 12:41 a.m.4 views

MAL-2025-70590 Malicious code in shiny-lime-cat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8de4bcf13bacab09b2e2283166b8da951d953837d83850565c04a2f4a2ab15e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 12:41 a.m.2 views

MAL-2025-67143 Malicious code in changing-white-horse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9db5370b8b830bc4326e932b1c7c63dfeb5d95b32d6baea514fd02489291a87c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 12:17 a.m.2 views

Malicious code in vera-tahu77-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4872c7a3ad39dbe5972a54a4f34b18494f5f7220b844fd9dca75021e4798a0a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 12:17 a.m.1 views

MAL-2025-63441 Malicious code in ida-sroto43-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5179768d0a41bf74ec4f9a5ca7f199bd52df20354bcbe3e34b230d7947c6e2a0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 12:17 a.m.2 views

MAL-2025-65635 Malicious code in tomi-lutis19-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d73e52cd9a8f07d37e450b1fcfa637fb0e80c6fcd83dae47a0a0e0db8b2cd8a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/11 12:17 a.m.2 views

MAL-2025-66240 Malicious code in xeric_earwig_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b810b86529c534377a5d8c80447141c9391d24d7a6057de517cdf5bd9dbc5947 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/10 5:21 p.m.1 views

MAL-2025-55467 Malicious code in budi-sate92-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f438d8aaf06d4d0c9b1ecc299623382b7b057346e7c682da6c2b13d490663b95 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/10 5:18 a.m.1 views

MAL-2025-54679 Malicious code in rina-getuk21-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a5f03b63c9f27b366e65ad5a44374e1f39725954a1b1443bfbc840a93caa808 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/10/29 5:49 p.m.5 views

CVE-2025-62797 CSRF in FluxCP account endpoints allows account takeover / state-changing actions

FluxCP is a web-based Control Panel for rAthena servers written in PHP. A critical Cross-Site Request Forgery CSRF vulnerability exists in the FluxCP-based website template used by multiple rAthena/Ragnarok servers. State-changing POST endpoints accept browser-initiated requests that are authoriz...

8.6CVSS6.5AI score0.00182EPSS
Exploits0References2
OSV
OSV
added 2025/10/29 5:49 p.m.5 views

CVE-2025-62797 CSRF in FluxCP account endpoints allows account takeover / state-changing actions

FluxCP is a web-based Control Panel for rAthena servers written in PHP. A critical Cross-Site Request Forgery CSRF vulnerability exists in the FluxCP-based website template used by multiple rAthena/Ragnarok servers. State-changing POST endpoints accept browser-initiated requests that are authoriz...

8.6CVSS6.9AI score0.00182EPSS
Exploits0References4
Rows per page
Query Builder