CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-113663

Malicious code in fetch-iota-nightwatch-apollo npm...

6.6AI score

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-116590

Malicious code in apollo-fornax-mdx-eleventy npm...

6.6AI score

MAL-2025-139513 Malicious code in apollo-fornax-parcel-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4428990b52194111194eed7d777050d56daa9124b291ecad8271bf7dd940afa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-144898 Malicious code in meteor-apollo-upgrade-zenobia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6297cc76699859130e9718018440cd30c840913c432fca2c2f56741aa440712 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139496 Malicious code in apollo-blaze-rate-limiter-vega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 105306c763841236f419b884919f6f97a6b63b25a0c00e39bd178d7a8c251e97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139560 Malicious code in aquarius-webpack-apollo-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8aa3d71e1d7a0e15bb88b0ed383e56df383ddcdda804b23c3df1115b266cab90 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•2 views

MAL-2025-145947 Malicious code in parcel-apollo-framework-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cea42becba6a089bebabca0dc3b4529b470bb588c4ad13b4ebd10402cbc0a618 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•3 views

Malicious code in redis-rehype-ursa-apollo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50bdd382eb1e539450124dd835e0c6ec1041569faf9e48d98e50bcae43941623 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

OSV•added 2025/11/12 4:29 a.m.•2 views

MAL-2025-145303 Malicious code in nconf-apollo-ursa-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 436dd8859e1f1b9fa7b1ea214fde2d84d4d19ab7b120dfd33ea32afc67345d64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139530 Malicious code in apollo-server-terser-webpack-plugin-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 242351a23e7cfbb27df8dcfbf0a3ce9e20b76ec9c4b6267b770b2fa7c8a05448 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149041 Malicious code in ursa-apollo-version-readable (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5eb449d68a1a78b9ec331359f8f01997194d27f618af0a73724e5259164277c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145694 Malicious code in nuxtjs-apollo-gulp-nodejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af6597f351418457f4a298e75a760f4998e77546742ce0037ebdfd07297dda10 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...