EUVD-2025-177883

Malicious code in meta-grep-stack-serialize-authenticate npm...

EUVD-2025-177882

Malicious code in meta-load-thread-grep-decompress npm...

EUVD-2025-177881

Malicious code in meta-monitor-info-import-final npm...

EUVD-2025-178158

Malicious code in lambda-cloud-class-public-meta npm...

EUVD-2025-179376

Malicious code in decompress-simple-lambda-container-meta npm...

EUVD-2025-179373

Malicious code in decrypt-info-meta-table-big npm...

EUVD-2025-179137

Malicious code in encrypt-meta-authenticate-log-string npm...

EUVD-2025-180435

Malicious code in analyze-meta-error-chi-serialize npm...

EUVD-2025-179917

Malicious code in cache-meta-root-try-key npm...

EUVD-2025-179851

Malicious code in cat-meta-stack-minify-try npm...

EUVD-2025-176234

Malicious code in stack-theta-meta-index-web npm...

EUVD-2025-175475

Malicious code in xml-sigma-meta-daemon-delta npm...

MAL-2025-188862 Malicious code in promise-meta-node-orchestrate-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a5d73de94d6841eb4dd5821707f352f8bee1c512dad1e7a52a134db5697862e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186509 Malicious code in decrypt-info-meta-table-big (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be4883bdd1cd22e99353350c8cdb2c98e0bd344ac3801dc0999b5d205d66f663 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187679 Malicious code in kernel-visualize-meta-import-transpile (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9223446c8456063e02bf6a2c8259e55d37e8b0523946e7d529d719fa47b3a4c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-178883

Malicious code in float-beta-deploy-star-meta npm...

EUVD-2025-178203

Malicious code in kernel-visualize-meta-import-transpile npm...

EUVD-2025-178381

Malicious code in integer-omega-virtualize-star-meta npm...

Information Disclosure

github.com/rancher/rancher is vulnerable to Information Disclosure. The vulnerability is due to improper handling of Impersonate-Extra- headers, which are sent to external entities via the /meta/proxy endpoint, allowing an attacker to access identifiable or sensitive information such as email...

Malicious code in nurul-sambel40-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e1782c5b256bcd0bd35dfcfd9d2666a33791fa5a5612bea58414c7a25e55a89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...