CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD-2025-112797

Malicious code in hermes-development-virgo-promise npm...

EUVD-2025-124096

Malicious code in ophiuchus-kinetic-development-ursa npm...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in husky-polaris-fusion-development (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98e07928c11a8f6e58b9cae42dddfcfc6bd8f19d423bb3f515f3c11f5acc3363 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD-2025-111972

Malicious code in kaus-elara-relay-development npm...

EUVD-2025-114474

Malicious code in development-taurus-slidev-deneb npm...

EUVD-2025-113053

Malicious code in grunt-development-postcss-loader-hydra npm...

EUVD-2025-122680

Malicious code in remark-async-development-exec npm...

EUVD-2025-121900

Malicious code in soap-lacerta-development-element-ui npm...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in radiant-development-eslint-plugin-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 293c42ba0700755d809e0cffb5dd4eee0f25f2209932a17eabac567d484bb08f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

MAL-2025-148467 Malicious code in taurus-development-sirius-pegasus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7be8b5020ffe59b7b9afc50b4ca06dc749d7ade12a8b455458bca24118978902 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-123521

Malicious code in postcss-loader-mini-css-extract-plugin-development-heka npm...

MAL-2025-146370 Malicious code in polaris-spectron-webdriver-development-xo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01b97c61b120b0d11484dbe757f30da970c4faf2ded6606a69162f1d6f7b2213 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141050 Malicious code in configstore-enif-development-altair (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18867f5616affb9421d74ecd880425debcb7b7e0fc1670211003ddec8dc395d5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141748 Malicious code in dotenv-safe-development-command-non-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64c16cfd842e8cb52469e8ea8f152f3e7626745060a732985a6a98d9c59f8271 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141619 Malicious code in development-dotenv-pyxis-ariel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae211171bc2d9b5f0fe3cc61c3f814bb976c29080a1cef7a633af982f93147be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143315 Malicious code in hermes-development-virgo-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b9ebfa206b435c81a56d67d919dc4e28ddfda901b05abe2419b067e8de16f38 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...