Lucene search
K

4 matches found

OSV
OSV
added 2026/06/27 9:55 a.m.12 views

MAL-2026-6547 Malicious code in react-editable-calendar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef4c5725bd98fb80c8dc59c58f68627b6a69aa4c4ae16d3f0c70c011895144cb package.json declares a preinstall hook node src/utils/index.d.js, but the published tarball's files whitelist ships only dist/, README.md, and LICEN...

6.2AI score
Exploits0References7
OSV
OSV
added 2026/06/13 8:13 p.m.16 views

MAL-2026-5743 Malicious code in environment-gate (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80dc74c6c5240e9c146e476300b44582cc114cf1827319ba81d2bcae2d64c2cf index.js contains a commented-out line that, if uncommented, would base64-decode the URL https://www.jsonkeeper.com/b/VKUNI, fetch its contents via...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 12:39 a.m.14 views

Malicious code in @mcpassure/mcp-anvisa-bulario (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e846cabb7b5077244737d7a465e944ebe7635db46cc55e7e5736eeda47d30938 dist/bootstrap.js references a hardcoded URL on pub-046c52795b9445cd9f5cc5cb21b9d59f.r2.dev — an anonymous Cloudflare R2 bucket — and calls fetch...

5.9AI score
Exploits0References10
OSV
OSV
added 2026/05/19 5:4 p.m.10 views

MAL-2026-4645 Malicious code in prettier-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80a3bdd18c28c0c045aaed2a3e5725b3b38cb45bc9c16d0b795c4334caed17a5 Package name prettier-sdk impersonates the top-tier prettier package 50M weekly downloads, copying its README verbatim and forging metadata repositor...

5.7AI score
Exploits0References2
Rows per page
Query Builder