org.webjars.npm:angular-translate-interpolation-messageformat (>=2.15.2 <=2.19.1) potentially affected by CVE-2025-57349 via org.webjars.npm:messageformat (=1.0.2)

org.webjars.npm:messageformat MAVEN version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:messageformat and may be impacted: - org.webjars.npm:angular-translate-interpolation-messageformat =2.15.2, =2.19.1 Source cves:...

Malicious code in devextreme-angular-rpk (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 48daa4ee53933f4f74c8a6cd7644ad441f316912aa3e282498fe602b91f2bc40 Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47305 Malicious code in devextreme-angular-rpk (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 48daa4ee53933f4f74c8a6cd7644ad441f316912aa3e282498fe602b91f2bc40 Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47406 Malicious code in mstate-angular (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c320e2bfb6910ff89bb8610f780de83ce7f70dee3f8dfd5fff63bfda666a28c Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in mstate-angular (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c320e2bfb6910ff89bb8610f780de83ce7f70dee3f8dfd5fff63bfda666a28c Any computer that has this package installed or running should be considered fully compromised. All...

Malicious Package

Overview xo-angular-ui-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in @nstudio/web-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 19e2b2f064a728f3b2e6564cef5f7c00fc9a166f8a2e97291041de79f3b572c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nstudio/angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c1b0ff1d36db43c5565d468f0ca83363bf446a3c5b645dcc6f125bcff4c65b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@ottimis/angular-utils (>=1.3.36 <=5.6.1), @solidpepper/solidpepper-modal-media-selection (>=1.0.2 <=1.0.5) +3 more potentially affected by unknown CVE via ng2-file-upload (=9.0.0)

ng2-file-upload NPM version =9.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on ng2-file-upload and may be impacted: - @ottimis/angular-utils =1.3.36, =1.0.2, =1.4.1-A20, =0.1.4, =0.1.31 Source cves: unknown CVE Source advisory:...

@bnsights-test/test-admin-portal (>=0.0.57 <=0.0.60), @bnsights/bbsf-admin-portal (>=1.0.0 <=1.2.17) +5 more potentially affected by unknown CVE via ng2-file-upload (=8.0.0)

ng2-file-upload NPM version =8.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on ng2-file-upload and may be impacted: - @bnsights-test/test-admin-portal =0.0.57, =1.0.0, =1.0.194-beta.19-1, =49.0.0, =12.0.0, =1.4.0-A19, =14.1.0, =14.3.0 Source cves:...

@bnsights/bbsf-admin-portal (>=1.1.66 <=1.1.93-beta.5), @bnsights/bbsf-controls (>=1.0.170 <=1.0.194-beta.10) +3 more potentially affected by unknown CVE via ng2-file-upload (=7.0.1)

ng2-file-upload NPM version =7.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on ng2-file-upload and may be impacted: - @bnsights/bbsf-admin-portal =1.1.66, =1.0.170, =1.0.194-beta.10 - @ux-aspects/ux-aspects-docs =11.0.0 - angular-mvp =1.3.16-A18 -...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

angular-fusioncharts (=4.1.0), dpv-angular (>=0.0.17 <=0.0.41) +3 more potentially affected by unknown CVE via @ctrl/ngx-codemirror (=7.0.0)

@ctrl/ngx-codemirror NPM version =7.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @ctrl/ngx-codemirror and may be impacted: - angular-fusioncharts =4.1.0 - dpv-angular =0.0.17, =0.0.1, =0.0.1, =1.0.1 Source cves: unknown CVE Source advisory:...

Embedded Malicious Code

Overview @ctrl/ngx-rightclick is a Context Menu Service for Angular Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Linux Distros Unpatched Vulnerability : CVE-2025-59052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container...

MAL-2025-47088 Malicious code in sos-angular (npm)

The package sos-angular was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 947f0382e3c9c40540c29eda0d55e93d15e9f5c4d9689da2113d9693c2554742 Any computer that has this package installed or running should be considered fully...

Malicious code in sos-angular (npm)

The package sos-angular was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 947f0382e3c9c40540c29eda0d55e93d15e9f5c4d9689da2113d9693c2554742 Any computer that has this package installed or running should be considered fully...