4598 matches found
MAL-2025-59918 Malicious code in active_swallow_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da92beb3b96bdbd517f1a27a1cd260df384224d5de5f92d6baa1bea3f3e5c819 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-60124 Malicious code in combined_warbler_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b4d32873984a7e5a5dc531b5f87b64b634dd66e00da18033b9b576e94f43641 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-61195 Malicious code in resulting_emu_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d280b1d715748db4cbd730af0e9c02f847a23f07a9a3bc3f11c9dccd9b5a7077 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cindy-klentik92-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c75e87c18a602cb701aeaba2a4508cd634b61c5339875350f3f8c1f6770163c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-57761 Malicious code in nana-klanting39-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1665bc59317206fd59c7faf31907dda992b41b5152d193d9942a32016735725c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in joni-sambel18-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9660959c55db46bb9b910d88621937be18a713f09c3c93fee4031487bd6aa4bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-58657 Malicious code in silly_ant_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 808b1b70f4cbf46483708bc2b9c0fb09b52c71b2a0ec0b108cee67648a1054d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in wawan-gembus45-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75baff84ca36bdbfeb0c71dcfa93bf835beec45850cb5a185d63ed9038db0937 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in surya-sambel51-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f04f048d93bf252a20b0112553ac17d045d4e1c866a84f540ab309fa88b94226 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-56752 Malicious code in hilarious_blackbird_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69258472527a78134ff0796bc24dd89854f5aa8d9568e47bc9e6ff24fc6717e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-56934 Malicious code in iwan-mieayam54-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d078f3b05a627f5a587f53d2351a55c100290306f61f9a5d3a786c6987b4201 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54869 Malicious code in sinta-lupis21-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 891747892324e53742c9886fbf25cb6a0df07f130f329ae535e19286d2387e86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54005 Malicious code in okta-tempe9-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b04435af55d22d881d10da1d052ae3bdf365cd5e1dac299f370fca1af84f9066 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in qori-lengko7-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d392e8f585c2623f1319c91b9debf53097aad7bc6e652419231eef71cdc68bae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53036 Malicious code in joko-takokak71-pore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5242f4bad2527fcdd593e09e1516143c385b4b8f7b5ac369f9a4f4a1093800de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-52924 Malicious code in hendra-toge41-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5722d7cfa92fff27b3649a7ace46abdf9cebcab810472dbaa1cc3b1cc6eb1fef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eka-sate23-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98848f12921cbbc7c3f57cec73f1c629f622e498fd26a0a96cbd666d4c893c6e The package eka-sate23-sluey was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded n...
Malicious code in candra-kentang61-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09065b7db49b2f4f6008456fac5968d88efa8e9ac9a29da5ac6f9ed077a2f43b The package candra-kentang61-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that...
CVE-2025-54863
Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could...
CVE-2025-62630
Due to insufficient sanitization, an attacker can upload a specially crafted configuration file to traverse directories and achieve remote code execution with system-level permissions...