36 matches found
MAL-2026-3525 Malicious code in @uipath/agent-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67d0350668580724b1a764da5a9904350fcf8127bed8144c82a4cf966517b1ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3511 Malicious code in @mistralai/mistralai-azure (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af58e099ab615b8869cb741b5604f6becdf1e9d1d7c5ac326f9c4065f5f590f6 The package @mistralai/mistralai-azure was found to contain malicious code. Source: ghsa-malware...
Malicious code in @w3m-app/switch_network (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7b0fe342478f8fa59c7d24a50e0105c12841f0ef1b7e96443843c2f3eba85a5 The package @w3m-app/switchnetwork was found to contain malicious code. Source: ghsa-malware...
Malicious code in @automagik/genie (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6e7702eae0e8ff480f6f47624128cb3bf2ad5934d6c6a9a5481f3ac424db40 The package @automagik/genie was found to contain malicious code. Source: ghsa-malware 00207299cc0b9ee634f5850f194f399c6164fd4621989a43f8e5f9353d3707...
Malicious code in @emilgroup/tenant-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d887c661a1552423bf923bf1028ef4aabb762dc2fa329db39e8b4552ce32803 The package @emilgroup/tenant-sdk-node was found to contain malicious code. Source: ghsa-malware...
Malicious code in timeout-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1df00c4c63fa8e52f67bf4d40b5dadae1ddcb640d127546671ce2bf53b5eafa7 The package timeout-ts was found to contain malicious code. Source: ghsa-malware 16cf2a5883796e1a03bb6cc6da0182692fa5962abe42950ba3d95709ca928a71 Any...
MAL-2026-149 Malicious code in bnia-work (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f78b12fa102dbd32d8d3a27c016f7b790124a3a73bdf1970768799e120183c30 The package bnia-work was found to contain malicious code. Source: ghsa-malware 2583fa3177342feb8975727c7ad5873d1a1e7bea2ce3ce445343aaa9a0b3459b Any...
MAL-2025-192596 Malicious code in starling-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02cb3e1a7a02e3f4215b9e7e7d4f0034bd086085c49a157f37ecf151a9009610 The package starling-api was found to contain malicious code. Source: ghsa-malware a935f963069dc7da39338aa1f718ac33babb8d366d6e23c489a4515b776d6577 A...
MAL-2025-191171 Malicious code in @accordproject/concerto-analysis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd4dfaf2dbfd72597ed98e94903934d34e97ddd5dc4f7aeb7f5450767cb3a34c The package @accordproject/concerto-analysis was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191089 Malicious code in express-starter-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f7f0e424be1b6e1710d9f2670a4a9b6fbc48636560f8af2025d15de19f01e03 The package express-starter-template was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190781 Malicious code in scgsffcreator (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca94ec4e3681855a45287e7aebaa6293b5416e803022d7fb318e447cd18f49bc The package scgsffcreator was found to contain malicious code. Source: ghsa-malware 57471dc81b8368989c69a7f00f7b480aa7036def63b216094e6aca18730e0a16...
Malicious code in mstate-react (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 997c10662d47fa55ca8cd4db612274bf4d589c7d82d079b48fae3261bb5c65a7 Any computer that has this package installed or running should be considered fully compromised. All...
MAL-2025-3689 Malicious code in internal-lib-t1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0656cbf9afeeae51e03fe153910e1dad3a3840f219effb0583665acdfefb34ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ui-platform-base-components-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b86eb50d9103e65b5af0d24fc0da1302ab769b008a7a2d7c46d686a0fca6d9b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in discord-vc-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57a74516506d551102adff697246e1f0a75c62372b7d5eeedd8b4f2dca093bcf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in r5-zknet-wallet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 070dfd4d90ed4eb9d2cd623b84d76f1b2cf1fcfd6bb9704350773e5344446c94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mafid-prod-fe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0ab349dc0f539992fdb9d4baf49cbe8b67efe4f92fc9e163454386aea92fee1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in oasis-os-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0855cc5a073138729aaaff78692f8f6b631c4466abbd62dc4a8d7407b86ea5e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in spacexstats (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a3d5802346cd5966361f229a602839453998b6251e428ec6638141f6fcdb3c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cdp-agentkit-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d53da33893272680319756bf6d56dbd2de8b7d06bc19bd46c65f06c11336031 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...