705 matches found
MAL-2026-5087 Malicious code in buffer-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9d5f9cc02aafc6aacd829af1fe7b8adb4b215f176b9a412ee46ee28372b7805d The OpenSSF Package Analysis project identified 'buffer-utilities' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2026-4344 Malicious code in verify-mycommand (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2f94ffb54a2471d0cc94ce1ea88f741e034221a374f17bfadbd609cb22f14f24 On npm install, postinstall.js executes whoami and id, collects host identity hostname, platform, cwd and CI metadata CI, GITHUBREPOSITORY, NODEENV...
Malicious code in power-apps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f68653eed66e7343973bc919788864990337f7645072d32a9d7465d4bf4ff4e7 On npm install, postinstall.js executes whoami, id, and reads os.hostname, os.platform, process.cwd, and CI/GitHub environment variables, then sends...
Malicious code in secdriven (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e64bd0b65a5cddc6e2032cfdd0a23f06c980a25066490b223d07e1b2e4efe3d8 On npm install, postinstall.js executes whoami via childprocess and reads os.hostname, os.platform, the working directory, and CI / GITHUBREPOSITORY...
Malicious code in did-0091 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a50f30be232b343bc9dff677d6c208f16fff861009dccc9f76409d37264205b On npm install, the package's postinstall script runs node -e to fetch the installer's public IP from api.ipify.org, execute id || ver && whoami &&...
MAL-2026-4160 Malicious code in @apps-home-dashboard/events (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc0d8563d3400388ed59cbe3c7f24298ca289895f3633ff4cf1f179d82cda799 The package @apps-home-dashboard/events was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3817 Malicious code in apex-trading (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cf744353f06f389c92cd15c56bf0ec7d29860e8af7c9618413cf65e455428eb The package apex-trading was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3721 Malicious code in npmjs_ethers-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 44bf066109e89ee5929d905131a51645ca3fa95245ea078f5f727412e2f39a40 The OpenSSF Package Analysis project identified 'npmjsethers-common' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2026-3717 Malicious code in truffle-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52bd5b41de871fbbc8c5895f63dfec08ba2ff6ecb9ea03fa6fdb5d9245c74616 The package.json lifecycle script invokes require'childprocess'.execSync with a curl command at install time. Running curl through childprocess durin...
MAL-2026-3653 Malicious code in @design-system-coopeuch/web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a871445c3913d747a2f1383bcfdac02d6dec26ddb2053260340284cf4ee02233 Package @design-system-coopeuch/[email protected] is a dependency-confusion squat of an internal-looking scope, published at an inflated 999.x version to...
MAL-2026-3592 Malicious code in hedwig-tsconfig (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a650b67b76184573f147a7b286249b1de734cfa85647aea9a9bea3284e155f8 The OpenSSF Package Analysis project identified 'hedwig-tsconfig' @ 99.8.1 npm as malicious. It is considered malicious because: - The package...
CVE-2026-3828
Some Hikvision switch products discontinued since December 2023 are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leadi...
MAL-2026-3415 Malicious code in ac-sasskit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8d0a627b8de0f6fc1b418dbc3f6242c1b3c4a0e39e5de9d6b70edce441d72db The package ac-sasskit was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in rsflows-pexml (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ef5b11ec067e18cc3a024fee21e569e0f44cf180619e974cbb1dd8325e1b10c The package rsflows-pexml was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @rsi-community/hub-schema (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d578b50b6334d8e8034b40a4820513fe79475d3466f3cc9c1bc71a619fc3b0a The package @rsi-community/hub-schema was found to contain malicious code. Source: ghsa-malware...
Malicious code in oneblk-design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f46bbc3e155a30851463f65a3f9d5af33ebd5172df5ad70f7b022a77448fc6eb The package oneblk-design-system was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in mrdaa-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 757aca74d8d75ecde7421f2c632969a5b34c11a279d9d28b75755c2ca0825ceb The package mrdaa-frontend was found to contain malicious code. Source: ghsa-malware 0b6c586cd7adad52516658de8bbb3eb18f166350414f223fd73fe34a240d6948...
MAL-2026-3363 Malicious code in mrdaa-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 757aca74d8d75ecde7421f2c632969a5b34c11a279d9d28b75755c2ca0825ceb The package mrdaa-frontend was found to contain malicious code. Source: ghsa-malware 0b6c586cd7adad52516658de8bbb3eb18f166350414f223fd73fe34a240d6948...
Command Injection
Overview @evomap/evolver is an A GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol GEP for auditable, reusable evolution assets. Affected versions of this package are vulnerable to Command Injection via the runInSandbox function. An...
MAL-2026-3337 Malicious code in @t-in-one/save_application_hid_to_storage (npm)
Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...