CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

MAL-2025-188784 Malicious code in postcss-loader-regulus-whitedwarf-paleoanthropology (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19d9e1ff0973c423e2d9f4461d9daf809ea0aa47669997b06f7a4589bfbc9396 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187402 Malicious code in hydra-markdown-pdf-resolvers-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3b797c75fdfd25ea211ed69e79105dbfa687f29b61dee7b5781593c49413254 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188777 Malicious code in postcss-html-webpack-plugin-enif-ultra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed318452e4290638abbef91f54d51d2d2f0ecfc9073c4d399951524680acd6f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188783 Malicious code in postcss-loader-prosthetics-loopback-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51f9f63b6e2e1816f62d699a65d1f5b8c88dc6d76c09ded78c5dca4dcc42d958 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188371 Malicious code in nuxtjs-fomalhaut-postcss-avior (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b3531082acc33005105cb670ecb9ad95d910561eb968cd85dccd4a71b29b32d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187067 Malicious code in fusion-postcss-loader-supercluster-biohacking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 400dc4a5c17ace9f40ad7f1fd6da92459fd78712491da86cdf24cdb0f3e04ad9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-187009 Malicious code in forever-cygnus-postcss-jwt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89fd6949db8f73f60ad61fd46e85a491a3d296a9479c600d2a79f928c0d66e92 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-189025 Malicious code in quark-postcss-soap-nova (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19ab6eb7fe1ae8807a5143e9fe44dc0700539f225b246bea505b8b47fe4081da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-175857

Malicious code in typeorm-postcss-process-biomimicry npm...

6.6AI score

OSV•added 2025/11/13 3:23 a.m.•4 views

MAL-2025-188778 Malicious code in postcss-loader-bootes-dotenv-parse-variables-csv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fc8c8e7ddc227365def94f5bebb667a28e8286055e4184311450fd633fa2131 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-188780 Malicious code in postcss-loader-hapi-publish-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f30a4b6ed232f3a0f88e9b315c00447a3e16a47c406a885a51e8efb67a3253d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/13 3:23 a.m.•5 views

MAL-2025-187368 Malicious code in holography-hercules-janus-postcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc0747bbcd6e1cb7fbbcd0dc7b214cd578ce9437437d5ff92c3122cd217d7f36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/13 3:23 a.m.•3 views

MAL-2025-186704 Malicious code in electron-postcss-loader-yaml-pyxis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8dd6b06620bf85f280ff8659339047adecb9bcdc503d3a50fafb169483256ed This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/13 3:23 a.m.•3 views

MAL-2025-186526 Malicious code in delphinus-miranda-postcss-loader-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd0bdf76910544de6f7f52a3893e80a33923959859d77b7bb710fdc4a41378e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...