525 matches found
MAL-2025-83473 Malicious code in bambang-taiwan88-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d5ca100d492ea03718edf312b320b9d930f8abcc58af3b80ef9cab516d66776 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eko-papeda4-wekto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d92cdfd5ac8449969cf39583c07d93da2b82d258e8e5d2d791b2d79297c2276 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fitri-rawon100-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f47ba0f565a21a79cee9d0d0d62d198251b8edab7ceed269e42040a4a13ad3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in wawan-lepet63-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a43f1ab67ba983cfbe7a01288e12b88b6c88636e796cbe25b62c082080022be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in galih-toge73-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2e9f2f8ca3192502a4568fbe6c977150679af99dcb2ac340fb31408ca5ce7c9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-89380 Malicious code in patria-dodol82-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5aa84d6f753707181c9e9b43751ee88b2736fd9161aac369eec30e3e20f66af0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-88398 Malicious code in maya-tahu30-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fa18c22668dcae8996f93db945bcdca742411d91baac12624b90af76c608c34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-90654 Malicious code in siska-pisang70-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b91511ba4cfa5e1c1c4c900c1ea4cb1711627f8a0325ce215df5aab09f60c5b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-78184 Malicious code in fauzi-saguer53-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7777ead17793ac51c9af1c6b601dc4021a39c77bc7e27ed8714c5bd058bd5e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hendra-gado-gado43-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0f8a36dc6c06890f8178075f745d8bc09d1e81310d96a6972566c2b426d9249 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-76290 Malicious code in xaver-esdoger61-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 015670bdccc769d2f9fb9ac05eefe4f8e61c43df8d29cb9d4740e74a7957c847 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-71875 Malicious code in agus-kemplang31-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f63a074a4715e364dc0d29db905e2640eddaa38ae85d6f15c304029a001b6bc2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in profound-indigo-mink (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 012547fc3e6b24f15f23ab2fc928e249af92ca55473808ad5498e29ad7e3a7b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in unaware-peach-deer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 46de2d7f398790fee054a14fce2d1d9f32aa3c59c516ca78c4fc3d29ec78ab28 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in then_partridge_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 759d48074d9849475b37d00cfa065f51a497bcc9fef9e5a7eb2820d9fefea85b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-57167 Malicious code in kiki-tahutek43-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 457727a7767cf7769494201289665a59e5cbc8fa02aade8e532014c50fc47966 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in jaja-toge98-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2c9963d6422b22592d7be74d7e6c455dd4a531442ef3d99152db8d000caa0d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in oktafian-nasisayur25-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e524ee09a7003be7c56b8f0b027f84eab1959ae1a77da2f7958c1da9470737f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
PT-2025-45541
Name of the Vulnerable Software and Affected Versions Simple Downloads List plugin for WordPress versions up to and including 1.4.3 Description The Simple Downloads List plugin for WordPress is susceptible to unauthorized data modification. This is due to a missing capability check on the wp ajax...
CVE-2025-54863
Radiometrics VizAir is affected by a vulnerability where the system’s REST API key is exposed via a publicly accessible configuration file. Public access could let an attacker remotely alter weather data and configurations, automate attacks across multiple instances, and exfiltrate sensitive mete...