CVE-2025-57325

Summary: Rollbar v2.26.4 and earlier are vulnerable to a Prototype Pollution in the internal function utility.set, allowing an attacker to inject properties into Object.prototype via crafted input, potentially causing a DoS. A fix is available in versions 2.26.5 and 3.0.0-beta5 or newer. The CVE ...

@tnf-dev/js (>=1.0.1 <=1.0.1-24), @tnf-dev/react (>=1.0.1 <=1.0.1-24) potentially affected by unknown CVE via @tnf-dev/core (>=1.0.1-10 <=1.0.1)

@tnf-dev/core NPM version =1.0.1-10, =1.0.1, =1.0.1, =1.0.1-24 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47285...

Malicious code in zarabotok-na-kriptovaliute-dlia-nachinaiushchikh-forum-5vff29khr (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aedf613f47b3557e94c05e4616c8964f6d4cd5fa415f68cf8695fe4bb8f999bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in flare-perseus-australis-spica (npm)

The package flare-perseus-australis-spica was found to contain malicious code...

Malicious code in stxnext-blog-zh (npm)

The package stxnext-blog-zh was found to contain malicious code...

MAL-2025-43900 Malicious code in cosmiconfig-vortex-proxima-repository (npm)

The package cosmiconfig-vortex-proxima-repository was found to contain malicious code...

Malicious code in linghun-xiangyu-vol1 (npm)

The package linghun-xiangyu-vol1 was found to contain malicious code...

MAL-2025-43240 Malicious code in @zalastax/nolb-fask (npm)

The package @zalastax/nolb-fask was found to contain malicious code...

Malicious code in @crabas0npm/porro-voluptatum-asperiores-consectetur (npm)

The package @crabas0npm/porro-voluptatum-asperiores-consectetur was found to contain malicious code...

MAL-2025-44013 Malicious code in dian-kupang25-breki (npm)

The package dian-kupang25-breki was found to contain malicious code...

MAL-2025-43627 Malicious code in blackgoldpvt (npm)

The package blackgoldpvt was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript

...

MAL-2025-6886 Malicious code in solana-spl-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis abc65f4de1b50248d903c79cb67ac016c8da464314e5830c70dbe0a1140503a9 The OpenSSF Package Analysis project identified 'solana-spl-sdk' @ 0.1.1 npm as malicious. It is considered malicious because: - The package...

Malicious code in mycodesvn (npm)

The package mycodesvn was found to contain malicious code...

Malicious code in phpwpcc (npm)

The package phpwpcc was found to contain malicious code...

Malicious code in hotel-apple-banana-bdaxu (npm)

The package hotel-apple-banana-bdaxu was found to contain malicious code...

Malicious code in jasper-avbkv-p4win-lavender-project (npm)

The package jasper-avbkv-p4win-lavender-project was found to contain malicious code...

Malicious code in test-mlw2-cagey-bawds (npm)

The package test-mlw2-cagey-bawds was found to contain malicious code...

Malicious code in ganymede-kastra-antd-javascript (npm)

The package ganymede-kastra-antd-javascript was found to contain malicious code...

MAL-2025-34496 Malicious code in tango-maple-rv2b (npm)

The package tango-maple-rv2b was found to contain malicious code...