184207 matches found
ROOT-APP-NPM-CVE-2026-44576 CVE-2026-44576 in @rootio/next - Patched by Root
Root has patched CVE-2026-44576 in the @rootio/next package for Root:npm. Multiple fixed versions available...
MAL-2026-10665 Malicious code in @fhkry/x-baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db9f6c3e5c391d9d3ffeb7f6c1b4154b0266efeb73bdf5543ad81f50236bdabc This package presents itself as a fork of @whiskeysockets/baileys impersonating the original author 'Adhiraj Singh' in package.json and exposing the...
ROOT-APP-NPM-GHSA-R7G4-QG5F-QQM2 GHSA-r7g4-qg5f-qqm2 in @rootio/nodemailer - Patched by Root
Root has patched GHSA-r7g4-qg5f-qqm2 in the @rootio/nodemailer package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2025-13033 CVE-2025-13033 in @rootio/nodemailer - Patched by Root
Root has patched CVE-2025-13033 in the @rootio/nodemailer package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-GHSA-P6GQ-J5CR-W38F GHSA-p6gq-j5cr-w38f in @rootio/nodemailer - Patched by Root
Root has patched GHSA-p6gq-j5cr-w38f in the @rootio/nodemailer package for Root:npm. Multiple fixed versions available...
Malicious code in crypto-hasher (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5162012006c5d2576c6f93540445f10185d44acfb5cef39764f7a2b45c45d205 [email protected] impersonates the hash-wasm library. Its main entrypoint dist/index.umd.js injects code into the WASM Interface update method so...
ROOT-APP-NPM-CVE-2026-44494 CVE-2026-44494 in @rootio/axios - Patched by Root
Root has patched CVE-2026-44494 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44488 CVE-2026-44488 in @rootio/axios - Patched by Root
Root has patched CVE-2026-44488 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2025-62718 CVE-2025-62718 in @rootio/axios - Patched by Root
Root has patched CVE-2025-62718 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-25639 CVE-2026-25639 in @rootio/axios - Patched by Root
Root has patched CVE-2026-25639 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44486 CVE-2026-44486 in @rootio/axios - Patched by Root
Root has patched CVE-2026-44486 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2020-28168 CVE-2020-28168 in @rootio/axios - Patched by Root
Root has patched CVE-2020-28168 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2021-3749 CVE-2021-3749 in @rootio/axios - Patched by Root
Root has patched CVE-2021-3749 in the @rootio/axios package for Root:npm. Multiple fixed versions available...
MAL-2026-10662 Malicious code in ssweb-wp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdc75de95852418c3d695299d52199b24e52202b2e5595089b3107a73c1e86b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in ssweb-wp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdc75de95852418c3d695299d52199b24e52202b2e5595089b3107a73c1e86b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10661 Malicious code in sauruslord-baileys (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 474b90ec19af5dbbc5bf3c8d27c0c4d079c7d980d6e3316dad3bbf5682abbe52 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10638 Malicious code in monogrok (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3369fb16804682addfec56904223d0255c2a0ca6d35481e744221e8252f2000d Package publishes as a generic 'M!T' library with an unrelated Apache-license README, but the tarball contains an offensive spam / phishing /...
Malicious code in webpack-session-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0007695a788bff7d6d0a87ee48de6771c12a1e21241bd3fc0bc7b5509608533e The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
MAL-2026-10648 Malicious code in @hkyyy/portal-widget-helper-0601 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f72e27d8bfbf5b9bfefe661d642be934399a38031c1bee028a20ed3282e0f482 The package has no real functionality — index.js only exports ok: true — and its sole effect is to run a postinstall reconnaissance script...
MAL-2026-10625 Malicious code in @leviosa86com/leviosa86-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96264a8719e17bd8ec21d47213fe31dec87445e01ff312a1e46af5819e028979 Package @leviosa86com/[email protected] ships src/poc/index.js which shells out via childprocess.exec to collect host identifiers hostname, pwd,...