Lucene search
K

896 matches found

OSV
OSV
added 2026/05/28 1:39 p.m.10 views

MAL-2026-4852 Malicious code in @service-suppliers/set_initial_loaded (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bd44f16d8e16a982d3d1b38f7956db80de10ef3c0c176e7079e684926c1c3c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 1:39 p.m.8 views

MAL-2026-4850 Malicious code in @service-suppliers/reset_country_list (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f5e6ef79773321419089b562c7d3d0a2dc262c6f2e3337df06d953ac9b2a45a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 1:39 p.m.11 views

MAL-2026-4854 Malicious code in @service-suppliers/set_suppliers_data (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0469f2493e0faa6db2b4dd70c85c58062f538457a60d4d4b77b44c861f665665 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 9:5 a.m.12 views

Malicious code in ts-schema-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d68e7e22dfa399a34405dd3c5824b27aa46ef7773d2bad7b4b698c77f17ccf1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/23 12:0 a.m.11 views

MAL-2026-4283 Malicious code in token-usage-tracker (npm)

Ten packages published by npm user asdxzxc at version 1.0.10 target developers working on AI and LLM tooling. Each package masquerades as a developer utility while executing a two-stage payload triggered via postinstall: package.json → lib/setup.js → lib/worker.js. Credential harvesting:...

6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 1:53 a.m.9 views

Malicious code in build-integrity-verify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a4941223186440162de6c5ce0a5a5797589d69e6957473761b04818b8b9b5e7 The package contains no functionality of its own. Its postinstall lifecycle hook runs npx env-security-scanner@latest auditenvironment via...

6.4AI score
Exploits0References2
OSV
OSV
added 2026/05/20 12:52 p.m.8 views

MAL-2026-4250 Malicious code in wallet-backup-verifier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3537e19be49ba9b1222856a7df147f5751a129e0b9eac69158467e21c0a1755a Package presents itself as a 'Community Security Alliance' MCP server for verifying cryptocurrency wallet backups, but performs three concrete...

5.9AI score
Exploits0References11
OSV
OSV
added 2026/05/15 11:24 a.m.5 views

MAL-2026-3798 Malicious code in dowload_ebok_terra_incognita_urania_by_ian_mcdonald_um4vu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46bfb7896115fb68b62b6a68518071f377d15648305a4fed4e9c1ac373f4a2cb The package dowloadebokterraincognitauraniabyianmcdonaldum4vu was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 3:31 a.m.10 views

Malicious code in @uipath/context-grounding-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08219b377dcb6cc4d5e37e03ac84d8fbce414fc1388eda8d60092c4f468c3cac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 2:58 a.m.12 views

MAL-2026-3525 Malicious code in @uipath/agent-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67d0350668580724b1a764da5a9904350fcf8127bed8144c82a4cf966517b1ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 1:53 a.m.7 views

MAL-2026-3512 Malicious code in @mistralai/mistralai-gcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3dcfd7fec176cc54232767b454429a7b3e0106aebbb16f2e9bdacc57e8a20ff9 The package @mistralai/mistralai-gcp was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 1:2 a.m.13 views

Malicious code in @tallyui/connector-vendure (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0283da4a59287c5418e3485a9a642cfbb9cc387f5e1ab4c120af92199daa0970 The package @tallyui/connector-vendure was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 12:33 a.m.8 views

MAL-2026-3499 Malicious code in @tanstack/vue-start-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b11c2f37aa0a8c4d809c3136f8f7c227c463f4f8e7a2b4515336b730941dcc4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:24 a.m.10 views

Malicious code in ts-dna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90ca06cbc068262aa930c182a5904cba8d5748f32663b648a0b78a183f4fe219 The package ts-dna was found to contain malicious code. Source: ghsa-malware a5660e49e1a2b3661bdf6ce230d7f75889675d5690086f7da2a2a04391dd13a5 Any...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 12:23 a.m.13 views

Malicious code in @squawk/airways (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a54989a6191f1d94771608b8f3552bda56715631b5a25aa301da35cd1ccd869b The package @squawk/airways was found to contain malicious code. Source: ghsa-malware d2d4644fde6979be241ba839c52ea3532ef3b0b25355b239ade4e1dafd9e272...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 11:58 p.m.8 views

Malicious code in @tanstack/vue-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a2e72fba4613219c26e8bfb79da1c3db3666a9e7dc945f1b064e95aa04a5ac5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 11:57 p.m.13 views

Malicious code in @tanstack/zod-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b6bc07c0e2b0175dd6e6bd29157ea6967bb2bcb66f643f9dafd89ab77a9f6fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/11 11:52 p.m.11 views

MAL-2026-3471 Malicious code in @tanstack/react-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 048a583947c3ecbeb540293e0de5d513e84f0ea2793ca31ee5d2a76d4f750ddd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/04 3:2 a.m.18 views

MAL-2026-3317 Malicious code in @apple-pay-trust/destroy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6515019a886959d905d728f0fdcebeb16aa3e62bcf2e2643c0424ba87aeb8f79 The package @apple-pay-trust/destroy was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/04 3:2 a.m.8 views

MAL-2026-3320 Malicious code in @google-pay-trust/start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16feef8620dbb1f3b6c7c6c67f9f7883438f368a3bfd2c2c591d7f30467e67c4 The package @google-pay-trust/start was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
Rows per page
Query Builder