CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•5 views

Malicious code in proxima-hugo-pm2-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9bb17e16f79c8aed56179cb32c277f170ac4625f582251cd9e83a240a0d374c6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD-2025-178495

Malicious code in hugo-plutology-comet-cluster npm...

EUVD-2025-179771

Malicious code in changelog-hugo-fusion-tectonic npm...

EUVD-2025-179288

Malicious code in docusaurus-hugo-uglify-js-dione npm...

EUVD-2025-178499

Malicious code in hugo-capella-janus-nucleosynthesis npm...

EUVD-2025-180308

Malicious code in asteroid-winston-eclipse-hugo npm...

OSV•added 2025/11/13 3:23 a.m.•2 views

MAL-2025-187382 Malicious code in hugo-build-configstore-rollup-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9153c124f5d5e6316c12ad12d229ee3d86fb12c8b46821aa50e1b4c2d6c78a2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

EUVD-2025-177170

Malicious code in pino-pretty-kuiperbelt-vulcan-hugo npm...

EUVD-2025-177509

Malicious code in nuxtjs-hugo-karma-antares npm...

EUVD-2025-179979

Malicious code in boson-hugo-cosmology-mineralogy npm...

EUVD-2025-178500

Malicious code in hugo-build-configstore-rollup-plugin npm...

EUVD-2025-178497

Malicious code in hugo-miranda-prettier-stylelint-xenon npm...

EUVD-2025-176741

Malicious code in regulus-node-sass-hugo-mensa npm...

EUVD-2025-176855

Malicious code in quark-hugo-geckodriver-ionosphere npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•5 views

Malicious code in hugo-plutology-comet-cluster (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efae6173e3dbad8733385d1fb7c202c31c5a07b0f351bc94b93fb683565134e2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

OSV•added 2025/11/13 3:23 a.m.•0 views

MAL-2025-187389 Malicious code in hugo-wavefunction-dotenv-parse-variables-parallax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ecf14a07cd348f4aef4bf71dd063f333aee890c7b9fffa4af049cac1d997ef9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

EUVD-2025-179460

Malicious code in css-minimizer-webpack-plugin-hugo-gemini-command npm...

EUVD-2025-180056

Malicious code in biomimicry-kuiperbelt-castor-hugo npm...