40 matches found
Malicious Package
Overview lovable-react is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-47833 Malicious code in react-lovable (npm)
The package react-lovable was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c792d58d6efcc096647d6997590af53728e09a15a04d0a88839966aba1271f9b Any computer that has this package installed or running should be considered fully...
Malicious code in react-lovable (npm)
The package react-lovable was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c792d58d6efcc096647d6997590af53728e09a15a04d0a88839966aba1271f9b Any computer that has this package installed or running should be considered fully...
How AI-Native Development Platforms Enable Fake Captcha Pages
Cybercriminals are abusing AI-native platforms like Vercel, Netlify, and Lovable to host fake captcha pages that deceive users, bypass detection, and drive phishing campaigns...
Malicious code in lovable-cookies-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2866fddcd00a7e51784a043c672960b21264ee2449d71b72d5382f7ab14050b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview lovable-cookies-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
MAL-2025-47188 Malicious code in lovable-cookies-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2866fddcd00a7e51784a043c672960b21264ee2449d71b72d5382f7ab14050b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lovable-ci (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 383c94c307a9e3918b3e8a1296016307e7d4379f743893becd41721604736176 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47075 Malicious code in lovable-ci (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 383c94c307a9e3918b3e8a1296016307e7d4379f743893becd41721604736176 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in lovable-cookie-logger (npm)
The package lovable-cookie-logger was found to contain malicious code...
MAL-2025-45068 Malicious code in lovable-cookie-logger (npm)
The package lovable-cookie-logger was found to contain malicious code...
Malicious code in lovable-logger (npm)
The package lovable-logger was found to contain malicious code...
Malicious code in lovable-loggers (npm)
The package lovable-loggers was found to contain malicious code...
MAL-2025-42022 Malicious code in lovable-loggers (npm)
The package lovable-loggers was found to contain malicious code...
MAL-2025-42020 Malicious code in lovable-cli (npm)
The package lovable-cli was found to contain malicious code...
Malicious code in lovable-cli (npm)
The package lovable-cli was found to contain malicious code...
MAL-2025-42021 Malicious code in lovable-logger (npm)
The package lovable-logger was found to contain malicious code...
AI Website Builder Lovable Abused for Phishing and Malware Scams
Scammers have been spotted abusing AI site builder Lovable to mimic trusted brands, steal credentials, drain crypto wallets,…...
Lovable 安全漏洞
Lovable is an AI full-stack application builder from Lovable. A security vulnerability exists in Lovable versions 2025-04-15 and earlier, which stems from an insufficient database row-level security policy that could allow an unauthenticated attacker to read and write arbitrary database tables...
CVE-2025-48757
CVE-2025-48757 concerns Lovable where an insufficient database Row-Level Security (RLS) policy up to 2025-04-15 could allow remote unauthenticated attackers to read or write to arbitrary database tables of generated sites. Several sources (NVD, Red Hat, CVE.org, CNNVD, PT-Security) confirm the is...