EUVD-2025-176417

Malicious code in server-astrometry-ceres-aether npm...

MAL-2025-145133 Malicious code in mongodb-materialize-lint-staged-aether (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 143e480522b9635afef9b96a04379caf8617f11f48a49d6deb174d2845d3e48e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in babel-rehype-mini-css-extract-plugin-aether (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a1fc500675fae07b9a876c104374b27b82820a5d8bcfaad02b275aa0426a718 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

a2grunnerp (>=0.1.0 <=0.1.8), abba-python (>=0.1.6 <=0.3.0) +1353 more potentially affected by CVE-2021-29517 via tensorflow (>=1.0.1 <=2.1.2)

tensorflow PYPI version =1.0.1, =0.1.0, =0.1.6, =0.0.6, =0.1.0, =0.0.1, =1.1.2, =0.0.1, =2.0.0, =0.3.26, =0.2.1, =7.13.1, =0.0.1, =0.0.2 and more Source cves: CVE-2021-29517 Source advisory: OSV:PYSEC-2021-154...