Lucene search
K

97 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added yesterday4 views

Malicious code in crazynut (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99acc5fd6f39abd90d81467df8fe55d92230edd286a12d9f628ad6f9c1c34a9a The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago7 views

Malicious code in @vite-ln/build-ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8972bbfdd55ad200dd49b08501d7391beca99841f0c36479806f2b1e329950a2 Package @vite-ln/build-ts copies the legitimate vite package's manifest verbatim description 'Native-ESM powered web dev build tool', author 'Evan...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/07/06 6:58 p.m.8 views

MAL-2026-6884 Malicious code in syncora (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fad6a402b2081c7bd35f082e81588979985d9e4b458e0a34794e50f4acc14fd7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/03 4:0 p.m.9 views

Malicious code in alder_morrgan (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96468d16380fb68b99823735be418b7393216e068ce91f6aa31f2e1305d9d4d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/06/29 4:53 p.m.6 views

MAL-2026-6609 Malicious code in @contentprod-authoring/block-manager (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa028931eef026447363bc2ef44ace207f4f3226de4289e354d26d730fa28186 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/23 6:10 a.m.6 views

MAL-2026-6277 Malicious code in search-from-search (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06e2e600c7cba50d7cc3cbff52a18f77e508ec66be3a50cd4960f84771598548 package.json registers node callback.js as both preinstall and postinstall, so the payload runs automatically on npm install. callback.js collects th...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/17 5:1 a.m.6 views

MAL-2026-6031 Malicious code in @mastra/otel-exporter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1998b4d1e4f2d960197b14f573628777e4456ff374f007ac39cca273a206aea The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/09 11:19 a.m.10 views

MAL-2026-5347 Malicious code in moustick (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector deae034e46d94eafe1db97a6a57a664400f03caa48af8f775f6064c361c6bb9a Package impersonates the popular cookie-signature library — it copies the description, README, author TJ Holowaychuk, and repository URL of...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:5 p.m.18 views

Malicious code in viem-multichain (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 000bdcb32a8ca1f6657425685c88c4b60917055d5a202275c50d004462e37459 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/13 6:48 a.m.7 views

Malicious code in cortana-md-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686dc6172d061151a94189d41cd564a6127d00f10af75880962a357301ec135e The package cortana-md-bot was found to contain malicious code. Source: ghsa-malware a712b3a56136d272ebf1a688ff9ea1cc572023730622963df1e6e82389177d28...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/03 5:13 a.m.3 views

MAL-2026-1165 Malicious code in @global-dax-ad-platform/dax-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e50b13916c14b17a01e550d32711ed37f8842bc2a0eede3ea254df64f7a0af1a The package @global-dax-ad-platform/dax-components was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/02/02 8:27 a.m.4 views

MAL-2026-648 Malicious code in yazxzpedia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f94694d3882914e6f75cc35db5533b7d7c4d9caebb2631033de332d3c49e562 The package yazxzpedia was found to contain malicious code. Source: ghsa-malware e97d515edc36ba99b0d5fa4cc5cd35798ff96229f05a9f93ba6dbef0631f1ac0 Any...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/13 4:13 a.m.6 views

Malicious code in francium-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bbfe7cfa0e201004579dc73a60307dbd93e6507801d3dd767b689cb748535c1 The package francium-utils was found to contain malicious code. Source: ghsa-malware 36e968a97c914ae6c1bf4fb980564d69546cc92105d1be341f56c933ec2caa12...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/07 5:38 a.m.8 views

Malicious code in sort-imports-es6-autofix (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20061f2672fcbe82b13ab8e09c629d93991ef45200bb30c7bf9a1dc78cbb4230 The package sort-imports-es6-autofix was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/19 8:44 a.m.6 views

Malicious code in chai-as-awaited (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e469d359c2a3a5ca20b47691e64d2330d38d9ad0f173fb440b2ac677d333d6a The package chai-as-awaited was found to contain malicious code. Source: ghsa-malware df0ec4507c7a16056091fbf705d97408c308041bf9b5798d113fdc3042a00b3...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:55 p.m.7 views

Malicious code in expo-router-on-rails (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92bd7bcf264644e954c78205f555c4b45d42e4e628db37666799375a9a8777f5 The package expo-router-on-rails was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/05 10:57 p.m.4 views

Malicious code in mojio-client-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5fea28b1c502ade1afb436a22ffc2bd83e1c413dd85b274370f805ec0760be91 The package mojio-client-lite was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/28 2:1 a.m.5 views

Malicious code in types-lodash.es (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ad198ed6efdd1d7367a198d4b5c761b7ecf5421158cf8cce424a4f693598f1f The package types-lodash.es was found to contain malicious code. Source: ghsa-malware cd47d05a7a2bdd9fbd2f267aaeb6664d79583714a396f493858e926e1cc25f0...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/27 6:11 a.m.6 views

Malicious code in unused-imports (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01031534d46574b4aca0e5341d43399ac25cf7c751f841cf6af2eec7b73fa797 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/14 3:46 a.m.5 views

Malicious code in private-callouts (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a2946aeff32829327711ed5cbdd0127273806a52a23e9be1f96113c04562bc6 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
Rows per page
Query Builder