Lucene search
+L

4484 matches found

ossf
ossf
added 2026/06/23 12:15 p.m.10 views

Malicious code in poly-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5aab464aac47233efb564c52d5818fef783efa856f8318c61d61ef99ca0da4e The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/23 12:15 p.m.9 views

MAL-2026-6285 Malicious code in new-solt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5a46a9516de2c87a2d451b78ace7033fb9dffa9faa4216b84eb068136098cfa Package [email protected] contains index.js which imports childprocess and invokes execSync with bash and zsh shell strings around lines 315 and 331...

6.3AI score
Exploits0References4
ossf
ossf
added 2026/06/19 8:28 a.m.12 views

Malicious code in ts-esys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 041ff0fd2b76f380705ef23061ebfe469477b2fbec8e025eab49a557431a551e The package is published as ts-esys but its package.json author, repository URL, funding metadata, and README are copied verbatim from MikeMcl/big.js...

6.2AI score
Exploits0References2
ossf
ossf
added 2026/06/17 5:7 a.m.8 views

Malicious code in @mastra/voice-aws-nova-sonic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c109adf5a77f9ace07bb1f5ec93cd8d3464bf675b7a93abc5fdfd64669f0c75 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
ossf
ossf
added 2026/06/17 5:6 a.m.10 views

Malicious code in @mastra/google-cloud-pubsub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1bd3f8519d6016a066d4268dae0e9c0d20ca87350cc759832b6053128a5b8d8 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 5:5 a.m.7 views

MAL-2026-5996 Malicious code in @mastra/agent-browser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49ba6a41e7e43733a8334968ce740af8771208c66c7529d9f4319bd62e39601d @mastra/[email protected] declares a dependency on 'easy-day-js@^1.11.21' in package.json, but the package's own compiled code in dist/index.js nev...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/17 5:0 a.m.19 views

Malicious code in @mastra/playground-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f95ef610dd6911f5d9c670d625d68b49c360aa9d92d8aa2532087c32ffb88a2a The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
ossf
ossf
added 2026/06/17 4:58 a.m.9 views

Malicious code in @mastra/deployer-netlify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fc319f7f95075b9eb23f3c1dbde016dd6f4a23add16bf96a3449149d316d571 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 4:58 a.m.9 views

MAL-2026-6017 Malicious code in @mastra/deployer-netlify (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2fc319f7f95075b9eb23f3c1dbde016dd6f4a23add16bf96a3449149d316d571 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/17 4:58 a.m.8 views

Malicious code in @mastra/claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43c60df59e1fa51bbf7a5f6737d2c362f205589d70025f426f1004859168b1fe The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
ossf
ossf
added 2026/06/17 4:58 a.m.10 views

Malicious code in @mastra/deployer-cloudflare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 134b341a4308b5afd16ffa8eaf1c28befc1ebbd10303579f674eba8c480ba0b0 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 4:55 a.m.15 views

MAL-2026-6015 Malicious code in @mastra/deployer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ada3444d44067bbe5085e0892f7885b106c016c114676c2601b15bbb52ce4a4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/17 3:11 a.m.11 views

Malicious code in @mastra/evals (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9bc49e06e746f572e3d99fcd89abf22d51e094de6629cb9cce1988e2d3e08c4 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
osv
osv
added 2026/06/17 3:11 a.m.9 views

MAL-2026-5939 Malicious code in @mastra/ai-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98257d70b56e46a3dcd690478b15c54fb55c270db969b777c0cb42bec21ace37 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
osv
osv
added 2026/06/11 9:35 a.m.14 views

MAL-2026-5625 Malicious code in clsx-tailwind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e1efb9d7593baede89024227d99cc6ca9fc0c86e1f0faf8dd78560174cf1b39 Package advertises a trivial Tailwind class-name merger a 5-line cn helper but its main entry dist/index.js unconditionally requires...

5.5AI score
Exploits0References2
ossf
ossf
added 2026/06/10 1:34 p.m.14 views

Malicious code in solidity-abi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d00c844413b4c809e5d57d1952a17f67f2c72324fd379c91d5fdd8aa3fdd9da9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
ossf
ossf
added 2026/06/10 12:41 p.m.16 views

Malicious code in plugin-fastify (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 85454b4f6eb05f7133937ef6acbdd16ae04b31aaf2b4806bdcac1d845fb80d6c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
osv
osv
added 2026/06/10 8:27 a.m.14 views

MAL-2026-5493 Malicious code in @builder.io/dev-tools (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ff13c28b39f7c02f6243516ca6055c3fcbbfb72cc4ca16ecfe99a31099dd1c8 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
ossf
ossf
added 2026/06/09 2:17 p.m.17 views

Malicious code in @doaction/signalhub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7bca1eff18553fad58ccd2097810887a61afc717b44a657c6674bfa7317bb41 @doaction/[email protected] is shaped as a dependency-confusion attack against organizations using a private @doaction scope. package.json declares...

5.6AI score
Exploits0References2
osv
osv
added 2026/06/01 12:0 a.m.10 views

MAL-2026-5119 Malicious code in @redhat-cloud-services/types (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

6AI score
Exploits0References3
Rows per page
Query Builder