873 matches found
EUVD-2026-1968
Malicious code in jz-test-npm npm...
[SECURITY] Fedora 43 Update: python3.12-3.12.12-2.fc43
Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...
MAL-2026-98 Malicious code in py-publish-test-0126 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 993085ca23a6a729d332eade4d58778a42c1d19b18237ab4b3c3a6bacf9fd126 Dependency confusion demonstration package with reporting through a decorator function --- Category: PROBABLYPENTEST - Packages looking like typical pentest...
Malicious code in seanp-test-package-do-not-use2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99e839ce8a19ba7b81bda65289233cd34aa7bc4daba6d742f102288bbc5e514d The package seanp-test-package-do-not-use2 was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview seanp-test-package-do-not-use2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...
EUVD-2026-1121
Malicious code in seanp-test-package-do-not-use2 npm...
EUVD-2025-205828
Malicious code in @ptest2535/testpackage npm...
MAL-2025-192981 Malicious code in @ptest2535/test_package (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b13d530a9ae65d0d85399d64cd8b0842f91f121a59d8e6386d63a730746d23d The package @ptest2535/testpackage was found to contain malicious code. Source: ghsa-malware...
MAL-2025-192850 Malicious code in pentestlyio-testpackage (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c33a99a3bfd88931eb474977950169e0ee173b9f3df727cdcec54ec1fd3b1ed3 The package pentestlyio-testpackage was found to contain malicious code...
[SECURITY] Fedora 43 Update: python3.13-3.13.11-1.fc43
Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...
org.apache.hugegraph:hg-pd-dist (=1.5.0), org.apache.hugegraph:hg-pd-service (=1.5.0) +1 more potentially affected by CVE-2025-26866 via org.apache.hugegraph:hg-pd-core (=1.5.0)
org.apache.hugegraph:hg-pd-core MAVEN version =1.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hugegraph:hg-pd-core and may be impacted: - org.apache.hugegraph:hg-pd-dist =1.5.0 - org.apache.hugegraph:hg-pd-service =1.5.0 -...
@nocobase/devtools (>=2.0.0-alpha.2 <=2.0.0-alpha.51), @nocobase/server (>=2.0.0-alpha.2 <=2.0.0-alpha.51) +1 more potentially affected by CVE-2025-13877 via @nocobase/auth (>=2.0.0-alpha.2 <=2.0.0-alpha.51)
@nocobase/auth NPM version =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.2, =2.0.0-alpha.51 Source cves: CVE-2025-13877 Source advisory: SNYK:JS-NOCOBASEAUTH-14287473...
EUVD-2025-199281
Malicious code in @trackstar/test-package npm...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-179789
Malicious code in chakra-ui-test-quark-astrophysics npm...
Malicious Package
Overview @gitlab-test/npm-v10 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in @gitlab-test/pnpm-v9 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 352b39cbb73b3231bb6a6698230853fb58dd0313c7187e98a39dba4502226b02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @gitlab-test/npm-v10 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a2cc1d206acfbb6ecfb92153bc522f6649d002c96ca2cb99d3dd7367520f64a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
[SECURITY] Fedora 43 Update: python3.10-3.10.19-1.fc43
Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...