CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

MAL-2025-139723 Malicious code in auth-install-express-prompts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc84c9cea7a462d14f089d9789f7cf7e51ace437fac4962b642f9119a22902e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-120469

Malicious code in wezen-magellan-cassini-auth npm...

6.6AI score

MAL-2025-140270 Malicious code in cache-eridanus-auth-perseus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2ca0649729d1dff4f07747f531200bc22904d80ebcbccf330d3a9a9072f5251 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•3 views

Malicious code in fusion-xerxes-comet-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf07766d12753bced2182938a506ecdf512d8e1d4fb358d5195008a425611e27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•3 views

Malicious code in titan-auth-websockets-algol (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 433a1f1238fa18babfb7cdb34edd93e4b23abddb489dead658c27f8f3aec0a08 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

MAL-2025-148510 Malicious code in terser-auth-axios-eleventy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9ca9de95c4d2f1954696851df6eeb56a9ab45bd6ca6f020331f31b003c67e79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145489 Malicious code in nightwatch-terser-webpack-plugin-auth-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8330b970ea27a9a8326babaa86a72618b895c2a775a610dbb6a8d80ff93ff11 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142439 Malicious code in fetch-corvus-auth-charon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de090b94808980372619b8096599353dd43a9676150155c1d8046afdbf5a8d31 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141283 Malicious code in csrf-fornax-xanthus-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d696b9940240241efd098bdfb57e70794d34ea3aa153ce32674ce12d10a5db01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148991 Malicious code in update-blitz-karma-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbaebc82b8eaa16346846eed91be01bee36af4c22c983431ab8165b6d70592eb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148063 Malicious code in socketio-rollup-plugin-vuetify-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b25cfe748bbdae6caba66a493bc7b808107e36ada1c4f2a6279623281fcff361 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140779 Malicious code in chromedriver-nashira-auth-cz-conventional-changelog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d724c5b83c0f473af3674a7fd57f1dd3eb700509ba0801f5a6430a1b78f28af6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142367 Malicious code in express-auth-registry-markdownlint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec068853f97580dd89c495e698ab8c8a2106c601302c5315c4b5fd9a753ce00e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147998 Malicious code in slides-venus-auth-cygnus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e2ca4bfc7c92d49903d81da05832a002a81757952406777c5fc4d4ea8eb30ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-149043 Malicious code in ursa-auth-bunyan-taurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c28eada95a2466abcf6454f804708ecb9d74a085996376d2b7ffcb5ca0835786 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142161 Malicious code in eris-auth-fusion-nodemon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63c74e6c4177a2be27c16708c819a8e4889de935df4620a23f9b07e19498a0d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...