Lucene search
K

103 matches found

OSV
OSV
added 4 days ago3 views

MAL-2026-6894 Malicious code in tracing-str (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 466143b5f195d4924e2227921a288954ecec9ed34d52af8ff433056f5ff56903 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 6:3 a.m.13 views

Malicious code in terminal-pretty-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab5f2a4118b739df793ebe9fc8d0a2bcf9716ab9f610cbf6a6c70c45643997b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/06/10 12:16 p.m.11 views

MAL-2026-5496 Malicious code in @validate-ethereum-address/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31c6ff12976558c9f1b005e95ad8a4c3b366723f0a1409d73f904f568be326cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/05/28 1:39 p.m.9 views

MAL-2026-4844 Malicious code in @polka-ui/reco (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 748e9209b5841d7276bc8325c476b21c3061fdc37dc9db0280f033ba9badc8c9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/12 11:23 a.m.11 views

Malicious code in jwscube (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 325d4311f3dd1d82c8f9ee1ddc19a767eb69adf0a338625c8ce1e9d40062dec7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/04/14 11:48 a.m.6 views

MAL-2026-2641 Malicious code in chai-as-refined (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc7bd5b01fccd5ef5cc96d9a4eecf5801c6b34a062718a2131d2b2abb7a93191 The package chai-as-refined was found to contain malicious code. Source: ghsa-malware 5a69e4e0dbfe130a3d5da8413eb7ad9a490dc1874ee69ef385156479b365da4...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/13 3:25 p.m.12 views

Malicious code in @dtc-campaign-wizard/campaign-wizard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99f551e16bdd57ec65154ddd0b1ebe5a701abe98d86f25490fb3c36b19e9fa41 The package @dtc-campaign-wizard/campaign-wizard was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/13 3:25 p.m.6 views

MAL-2026-2573 Malicious code in @aircall-ecosystem/integrations-msteams-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4343cd15bb1d3104166b2ddf4f549bc184fde49233b5cfba97f353f00a8c2a2e The package @aircall-ecosystem/integrations-msteams-frontend was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:42 a.m.8 views

Malicious code in node-coremesh (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c5a0cdd89bf30a4af39a8b084445dc8db5a9433149b2935e8c2ad63a3cef008 The package node-coremesh was found to contain malicious code. Source: ghsa-malware f8ed9a272c9d2d960b2ddae6ef1f7128ff576014f4d3c296ca2b6d74eaea4ceb...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/25 2:14 p.m.9 views

Malicious code in super-alias (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10ee12ec5ce74c0899ed60e17d1baf7095efc7ab305e51d4fcf20db72306621f The package super-alias was found to contain malicious code. Source: ghsa-malware 2c8c29e0ebca0170c77383154e5c6f2fe5280412fea18d255b496b94ae0aac5f An...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/22 6:13 p.m.10 views

Malicious code in @emilgroup/billing-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91fdd5297b7532183f2b29871b23802ced24b046c92f2826618bc083dd243620 The package @emilgroup/billing-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/16 1:12 a.m.5 views

MAL-2026-1452 Malicious code in @sheniraid/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f232c1235fdee715d838e2f39abd6c3510308c313c075458df080ce28a4c26fa The package @sheniraid/libsignal-node was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.9 views

Malicious code in syntax-class-constructor-call (npm)

The package 'syntax-class-constructor-call' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/03/06 2:37 p.m.5 views

MAL-2026-1268 Malicious code in @shenira/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37c19428681ab141c5cbfe55488bba7fb3d752e39dcffc01da944544bc0b104b The package @shenira/libsignal-node was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 4:34 a.m.8 views

Malicious code in anthropic-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49a0221a103a31cc2bf5e4f6c7d5fc7e0a8cbb2128d06aafe849e2c0df492fa8 The package anthropic-sdk was found to contain malicious code. Source: ghsa-malware fb69378ea2c4bf83cabc021e0e00f2cc8f87b8d9ddfd536f6e0285d10dbf4daf...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/07 11:51 p.m.6 views

Malicious code in awsm-acslibs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75908418c77ed1eed9d51f2880e20a9608a49fe6e21582715517f0fa4044d349 The package awsm-acslibs was found to contain malicious code. Source: ghsa-malware 566e39645aaa10c8e2d212725d48fa1023624b811c5d98b6c4cf6354d1beba95 A...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/12 6:34 a.m.6 views

Malicious code in pp-js-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21ef567b818a3642f6a51a1d26f23c897c1ecc73c6e431361ee1512d288ab455 The package pp-js-lib was found to contain malicious code. Source: ghsa-malware ba1fcfff2f6e86511e78c7092763167dfd731beef4f008cc933bf1bb5b4255e1 Any...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/12/10 3:13 a.m.1 views

MAL-2025-192422 Malicious code in real-time-tweet-streamer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 692b2a444eb479ec815e98413b99cd6cb677cf8be77edef431d8acf9d6c9e5c5 The package real-time-tweet-streamer was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 9:29 a.m.12 views

Malicious code in initial-path (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bdfbaf17e5ea42f67e6327f5dfe8766f8a5f8d83fb4b390fc8d780da5555187 The package initial-path was found to contain malicious code. Source: ghsa-malware 014c829694ccb06463ad706603727d070cbf38be1e103200b54c1235ccc82611 A...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/18 5:22 a.m.5 views

Malicious code in workingstealer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e56b24eb6e9737f361dce6ec109a95d6329de8392f296067cdc01e7f6950ddd1 The package workingstealer was found to contain malicious code. Source: ghsa-malware a5fb745fd37fc6048377cf7a40be4da1bf4751d412c4601909747d7b4ee38bb0...

6.9AI score
Exploits0References1
Rows per page
Query Builder