Lucene search
+L

21 matches found

osv
osv
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5201 Malicious code in @ethlete/dsp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70c5d7385124d81ab784d06593b0df8f05d245c165ea1ebfee9cb6b49b817ab0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References3
ossf
ossf
added 2026/06/05 12:53 a.m.42 views

Malicious code in dbmux (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e5a2711ddd8b917b94e7d441193f3cb4b13b5f58b8651c04ee2728119f9f049 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References5
ossf
ossf
added 2026/06/05 12:53 a.m.15 views

Malicious code in autotel-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9746e4768872ec865677aee5e0616ec2bddc7d5d26e9c58bffd5541533612d7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
ossf
ossf
added 2026/06/05 12:53 a.m.15 views

Malicious code in autotel-cloudflare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d324ad75e592bc93a8dc377ed5dd767a51a006b12141d0b4f33c95738b85a09 No concrete indicators of installer-side harm were identified for [email protected]. No lifecycle scripts fetching remote code, no...

6.1AI score
Exploits0References4
ossf
ossf
added 2026/06/05 12:53 a.m.20 views

Malicious code in executable-stories-init (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf8558677662bfcde2a5014a6ab8947b18228abb9415a5e41a964bcf5f5dd985 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References3
osv
osv
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5235 Malicious code in awaitly-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3f926748b1e107755cfd17cb9151edc730b0228b6e857735a6794f8c1e71c65 No concrete indicators of installer-side harm were identified in this package version. No lifecycle hooks fetching remote payloads, no credential-pat...

6.2AI score
Exploits0References12
ossf
ossf
added 2026/06/05 12:53 a.m.19 views

Malicious code in creditcard.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d465ca657b19d32867e41b0ef3e049313241bba9db41c54c9e73d1682d7c1300 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References4
ossf
ossf
added 2026/06/05 12:53 a.m.18 views

Malicious code in autotel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 921a045507925f9accff44927ec74588991f03dd291a3ae95cdc9919523ed800 Pattern matches fired on co-occurrence of the strings 'ping', 'POST', and 'hostname' in the package's bundled and source files dist/chunk-.cjs,...

6.1AI score
Exploits0References4
osv
osv
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5265 Malicious code in node-env-resolver-nextjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 556430b576f70c519fdab92137b48779f60f127f48ff5bdef0bcef838e24131b The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References3
osv
osv
added 2026/06/05 12:53 a.m.11 views

MAL-2026-5215 Malicious code in autotel-backends (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5791740e97cb185ebd5c0e59c386020857b44a67a8c890c3826e19c60e11c3b4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.2AI score
Exploits0References4
osv
osv
added 2026/06/05 12:53 a.m.13 views

MAL-2026-5205 Malicious code in @forjacms/analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44f7217965dcd60b165d3303ec44e2fbd7419e287110e70011a1434d7b5870e0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.2AI score
Exploits0References4
ossf
ossf
added 2026/06/04 10:27 p.m.26 views

Malicious code in wdb-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...

5.8AI score
Exploits0References2
snyk
snyk
added 2026/05/11 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
snyk
snyk
added 2026/05/11 9:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
snyk
snyk
added 2025/11/24 8:33 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 8:33 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 8:33 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
snyk
snyk
added 2025/11/24 4:24 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Rows per page
Query Builder