CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

MAL-2025-148653 Malicious code in thuban-graphql-backend-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9c95f79844ce145d2a3991132c10d022323b047eb69d35edbb4b4e3dfcc77f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-143797 Malicious code in janus-apex-writable-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abfdc92c35108b7bac99e9f035fd519cc20125241b0a253c8541000e44936d16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•3 views

EUVD-2025-122158

Malicious code in sedna-graphql-figures-nodejs npm...

6.6AI score

MAL-2025-148658 Malicious code in thuban-oauth-graphql-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1bea268dfde784764d8a6760df49b436ccfb4a3c6881153cfd443747248420d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147986 Malicious code in slides-graphql-markdown-pdf-dynamo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e875d6758d07bb506554c8efb933ea288df266b933847f0fdb34e06da7e69b3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-148896 Malicious code in ultra-graphql-xo-deimos (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb7fe9788fc5f85a480b8336fcd4cf110708d0c9494d6b9eb531def9a0c2053f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139345 Malicious code in altair-airbnb-graphql-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c76d50832dc7ab98677387bda1e24e8e43a74397e6dc03c9b59ea52ff4393cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141276 Malicious code in cross-env-yakutsk-octans-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ec258cbc55d95a4aa0c35968e62956f226510e7535d823debd9ec5c976ed91e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142777 Malicious code in gacrux-phoebe-graphql-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3f68c04258710a2b6f395d4cf50b5517baaf63d917dbd72a928d9bf32e8bb1ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142997 Malicious code in graphql-chai-schema-elara (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8815d1a4d4f17193b365dff9a9095f12e31e182c8b4d9189ceeeb9f15874d46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-113454

Malicious code in fornax-umbriel-magellan-graphql npm...

6.6AI score

MAL-2025-145012 Malicious code in mira-oauth-graphql-airbnb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd666d7a3a56d61d6f5aaaadba57754e6def4f1ffc6d210c12b9da72eccc0b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144877 Malicious code in metalsmith-graphql-pegasus-hermes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f17541e872a174d77d0112b013ca7a42e843793669c3082e2c94fd27cdf7dfa4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•3 views

EUVD-2025-120694

Malicious code in vulcan-graphql-sadr-leda npm...

6.6AI score

MAL-2025-143142 Malicious code in halley-graphql-europa-eridanus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55027f6a56c857da8cb0b35b787396175411ea1da50f3df1203935e5cd19b1e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148075 Malicious code in solis-graphql-figures-mysql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45612d2418157df1b47f3b420231aaaf83a4363bb4a5c2aa3eed9c095e71deb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...