Lucene search
K

47 matches found

OSV
OSV
added 2026/05/20 12:21 a.m.8 views

MAL-2026-4248 Malicious code in solna-web3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6076f4236301f997d420c7daba9b12c035fe2866fa9fa42f59be230b5e90350a Package name 'solna-web3' is a one-character typosquat of the popular '@solana/web3.js' drops the 'a' from 'solana'. The package's only real...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/22 6:13 p.m.10 views

Malicious code in @emilgroup/billing-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91fdd5297b7532183f2b29871b23802ced24b046c92f2826618bc083dd243620 The package @emilgroup/billing-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/16 2:49 p.m.4 views

MAL-2026-1472 Malicious code in n8n-nodes-xml-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72bcfbf156c4f649a0f1bee9fe86ea767c5ff6edb02fca89a95569143d7ebf96 The package n8n-nodes-xml-utils was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.9 views

Malicious code in syntax-class-constructor-call (npm)

The package 'syntax-class-constructor-call' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/03/02 2:33 p.m.4 views

MAL-2026-1115 Malicious code in chai-vest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b92343f543acb60949d618ec06160013b1536a63f3db5431a4e24b1eaac2ccae The package chai-vest was found to contain malicious code. Source: ghsa-malware 2d3a82ac6f8ebd7b7eba324f04e78d43fccef2f3ddf20c24014f4768dc50731d Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/03 3:25 a.m.7 views

Malicious code in researchpoc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ee8d68b9386bf55de2d3ed033493507ee88db166ae46345172ba93d938f3a27 The package researchpoc was found to contain malicious code. Source: ghsa-malware 912631f8dc76f3b4ddae075966fd902e7ab19c0799a0cd29b0c9ece7d79cd1ce An...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/01/06 12:54 p.m.3 views

MAL-2026-73 Malicious code in chai-as-required (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d4e11cf62bfc3ebf38053f2a9100239db0bc6e3069a4cd202f4469c5095cacf The package chai-as-required was found to contain malicious code. Source: ghsa-malware 6fc3ec9f20ee6a20fa8c22b25629b78558ca88fca81f4b25f414ad2eb13dcb...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/12/12 6:34 a.m.5 views

MAL-2025-192563 Malicious code in sd-pay-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7543455a42022174e965eac8f842494f5ad7eb1e0755dfd01035529d63d7a5ff The package sd-pay-ts was found to contain malicious code. Source: ghsa-malware c21a3fe3b0a1df838e4d8b768b5dcc2cf3831bea34c8527fd9e8493ab480bdd7 Any...

6.8AI score
Exploits0References3
OSV
OSV
added 2025/11/05 10:57 p.m.3 views

MAL-2025-49366 Malicious code in mojio-client-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fea28b1c502ade1afb436a22ffc2bd83e1c413dd85b274370f805ec0760be91 The package mojio-client-lite was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/11/05 1:41 a.m.3 views

MAL-2025-49361 Malicious code in react-notifications-alert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fbe66f8e85ad0ad7c2682e9640e0f2a48344bcef9beeaa8de12e5e687744acf The package react-notifications-alert was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/04 10:22 p.m.2 views

Malicious code in jsonretype (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f5153794835635057bad05300635360b4d6601aee683831850a767d139b4dbc The package jsonretype was found to contain malicious code. Source: ghsa-malware 95bc6e978289ad50ccb9d7e8a9656e9324b18e7d85d9765ac24a158b7d6e8a5e Any...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/10 2:24 a.m.5 views

Malicious code in mshops-web-metrics-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ecbec2aacbd449fd0cb4b36bd3ac061312dae30f2dc01a987af141e97998523 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/10/09 9:6 p.m.1 views

MAL-2025-48237 Malicious code in redirect-zoju4g (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80eebf2a6f2148e8444d2a901e3bb9276690a04dfdf2da395c8fced58fe13c2e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/09/15 2:27 a.m.1 views

MAL-2025-47177 Malicious code in err-notification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f0eafe58cdd2171d0209fa3bbc4150f186232cd35115cfb537dde7dd1842e98e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/07/15 1:27 a.m.4 views

Malicious code in asios.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9de41cd145f6fc73566a02847dc79c1f7237e2aa159ac104f24fed3b920ea24b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/10 3:38 a.m.3 views

Malicious code in statsmodels (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 652ecd7593c19928f04b76d12afc53ab879f625813dec79bde8d79ce065d24a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/03 12:39 a.m.2 views

Malicious code in twc-app-example-vue (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 274ea59bea6b31be4c1b08dce0b142ccdff5b3d9541c5edecd6cab49226d93cd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/03 12:34 a.m.4 views

Malicious code in hide-console-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 553d9f1d98ecb2b448f09091adba1ab0cdce9e4f07391a50fc002ba74669645a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/17 6:43 a.m.3 views

Malicious code in orangex-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d75dcd0936faaa1ade20abad6c214921354886d0070329789e51d75e0a82c48f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/17 6:28 a.m.4 views

Malicious code in telegram-bot-hoster (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3b1f6f7d44822f546914ae3155fe660229e8ccb900d78e88fe8dfa32aa1ae90 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Rows per page
Query Builder