18 matches found
MAL-2026-5328 Malicious code in @zimmo/last_search (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis daa94c8fc8cb74e07464808cfbe936d15c1f9814981aaa7c41264d6246edfae4 The OpenSSF Package Analysis project identified '@zimmo/lastsearch' @ 99.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-4830 Malicious code in editorial-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d7404afc131a113ef01d7eb896439a8719bb0f1b8d67e491d53321fdd5981e97 The OpenSSF Package Analysis project identified 'editorial-code' @ 99.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-4832 Malicious code in mse-authentication (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a953627a77037de50d82384daca1d98d101c4c09b315ab91fd597a43557fbd99 The OpenSSF Package Analysis project identified 'mse-authentication' @ 99.0.1 npm as malicious. It is considered malicious because: - The packag...
MAL-2026-4831 Malicious code in editorial-mse-authentication-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a97fd474e8661c575287f7cc9fddd0ee1ac95240c13653555ca2b416e895b99a The OpenSSF Package Analysis project identified 'editorial-mse-authentication-ui' @ 99.0.1 npm as malicious. It is considered malicious because:...
MAL-2026-4252 Malicious code in @43uh3ig43/telemetry-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37d4a096b834c0d9acdddefee09b0c6cb4d8c6f68513b2ebb4ec88424f491e89 On npm install, the package's preinstall, install, and postinstall lifecycle hooks all invoke telemetry.js, which collects host metadata OS,...
MAL-2026-3062 Malicious code in @google-pay-trust/cancelled (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b7b08b4a3e94724e2b15686c111c5633ab73daf6f54dbcc7b758b91cfa3797a The package @google-pay-trust/cancelled was found to contain malicious code. Source: ghsa-malware...
Malicious code in @apple-pay-trust/start (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92fc55ea349311a75b2010e08e3c5bc6ad5498bf7f0ed78d942231a42ca46f8d The package @apple-pay-trust/start was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3054 Malicious code in @apple-pay-trust/start (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92fc55ea349311a75b2010e08e3c5bc6ad5498bf7f0ed78d942231a42ca46f8d The package @apple-pay-trust/start was found to contain malicious code. Source: ghsa-malware...
Malicious code in @google-pay-trust/init-google-pay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 155365fdfef6534b365ca7ef2fd9ec698aa3a0af9e1130483658eba525f70e81 The package @google-pay-trust/init-google-pay was found to contain malicious code. Source: ghsa-malware...
Malicious code in @google-pay-trust/finish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd69ccad4854f078fe0d815a4f14a1b8ef69fd62704fbf4be49710a2c3926b2 The package @google-pay-trust/finish was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3063 Malicious code in @google-pay-trust/finish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd69ccad4854f078fe0d815a4f14a1b8ef69fd62704fbf4be49710a2c3926b2 The package @google-pay-trust/finish was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3072 Malicious code in @tw-models/storage (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1acb608389781c19ee33b5aa795b18367eab2569c00bce5ca9292db0b08f9594 The package @tw-models/storage was found to contain malicious code. Source: ghsa-malware...
Malicious code in @tw-utils/static (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8060c32aabe89eb22a82291f64a25a65a01040bd6aa838ea676e7f500a25f70d The package @tw-utils/static was found to contain malicious code. Source: ghsa-malware 60a80ead8b8afa898624fa960ac7edaf112ac7b55a89001fc4c066971c2c4c...
MAL-2026-40 Malicious code in spire.officejs-editors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a16e661181ec9b4834133423f88991671288814200d66aa148195cc9c06b5aff The package spire.officejs-editors was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-6884 Malicious code in @capacitor-bmo/common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 73144f96ecbe009cff465503e7a7c8d70408d0a85196d3b8faefbd6809a731e8 The OpenSSF Package Analysis project identified '@capacitor-bmo/common' @ 99.0.1 npm as malicious. It is considered malicious because: - The...
Malicious code in @capacitor-bmo/common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 73144f96ecbe009cff465503e7a7c8d70408d0a85196d3b8faefbd6809a731e8 The OpenSSF Package Analysis project identified '@capacitor-bmo/common' @ 99.0.1 npm as malicious. It is considered malicious because: - The...
MAL-2024-9083 Malicious code in hotels-widget (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bc89d8c1cd178341947d46f998ed1e1915c4d6d5aa787e8e939b51ed463de409 The OpenSSF Package Analysis project identified 'hotels-widget' @ 99.0.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in @ikea-aoa/component-price-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7f7e0211ea2009802ec566e645d03e557dda0a2f62f2546df574ab757ab095d2 The OpenSSF Package Analysis project identified '@ikea-aoa/component-price-module' @ 99.0.1 npm as malicious. It is considered malicious because...