26 matches found
EUVD-2025-25601
Malicious code in bioql PyPI...
CVE-2025-55626
An Insecure Direct Object Reference IDOR vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 allows unauthorized attackers to access the Admin-only settings and edit the session storage...
CVE-2025-55630
A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 when entering the wrong username and password allows attackers to enumerate existing accounts...
MAL-2025-22196 Malicious code in harbor-chime-mpr471-project (npm)
The package harbor-chime-mpr471-project was found to contain malicious code...
Malicious code in harbor-chime-mpr471-project (npm)
The package harbor-chime-mpr471-project was found to contain malicious code...
Malicious Package
Overview chime-secrets is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview chime-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
Malicious Package
Overview chime-core-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview chime-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview chime-ci-helper is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in chime-config (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5056e6243008cfb8f92e26f71e00d4f08abfb910bdabbbf516dde94a28421ac Any computer that has this package installed or running should be considered...
MAL-2025-6077 Malicious code in chime-config (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5056e6243008cfb8f92e26f71e00d4f08abfb910bdabbbf516dde94a28421ac Any computer that has this package installed or running should be considered...
MAL-2025-6076 Malicious code in chime-ci-helper (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 280ad6fead53ce916eb475c521931d23da0e7ef62e5a88845facf02492123707 Any computer that has this package installed or running should be considered...
Malicious code in chime-ci-helper (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 280ad6fead53ce916eb475c521931d23da0e7ef62e5a88845facf02492123707 Any computer that has this package installed or running should be considered...
MAL-2025-6079 Malicious code in chime-secrets (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5cc6774ae4b544c6fe8a12fa6caac614e90dfc3e22551bd45e7e2ab1ec60bbfe Any computer that has this package installed or running should be considered...
Malicious code in chime-core-utils (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb533ce212898abdb893a38eb8ade78a5a77d62616bb84b5e0cf00f93ffec6de Any computer that has this package installed or running should be considered...
MAL-2025-6078 Malicious code in chime-core-utils (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb533ce212898abdb893a38eb8ade78a5a77d62616bb84b5e0cf00f93ffec6de Any computer that has this package installed or running should be considered...
Malicious code in chime-utils (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c47d81929483a169d2ee7d4f0f5c08d14518a52a1efa368fc87e2101bd75de5 Any computer that has this package installed or running should be considered...
MAL-2025-6080 Malicious code in chime-utils (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c47d81929483a169d2ee7d4f0f5c08d14518a52a1efa368fc87e2101bd75de5 Any computer that has this package installed or running should be considered...
Malicious code in amazon-chime-sdk-js-exp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 41b8665f77f2bb83789c04cdd6973e2525d3af8609a0e4fc6f41e7b460eb1b51 The OpenSSF Package Analysis project identified 'amazon-chime-sdk-js-exp' @ 10.10.100 npm as malicious. It is considered malicious because: - Th...