7911 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
postman-cli (>=1.16.0-canary.1 <=1.24.2) potentially affected by unknown CVE via @postman/pm-bin-windows-x64 (>=1.16.0-canary.1 <=1.24.2)
@postman/pm-bin-windows-x64 NPM version =1.16.0-canary.1, =1.16.0-canary.1, =1.24.2 Source cves: unknown CVE Source advisory: SNYK:JS-POSTMANPMBINWINDOWSX64-14103295...
@jbrowse/core (>=1.4.0 <=1.7.3), @persistr/js (>=3.6.3 <=3.14.0) +5 more potentially affected by unknown CVE via tenacious-fetch (=2.3.1)
tenacious-fetch NPM version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tenacious-fetch and may be impacted: - @jbrowse/core =1.4.0, =3.6.3, =1.0.5, =1.0.0, =1.2.0 Source cves: unknown CVE Source advisory: SNYK:JS-TENACIOUSFETCH-14103737...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
@affinidi/cli (>=2.1.0 <=2.14.5), @auxx/sdk (>=0.0.1-experimental.1 <=0.0.12) +1 more potentially affected by unknown CVE via @postman/node-keytar (=7.9.3)
@postman/node-keytar NPM version =7.9.3 is affected by a known vulnerability. The following packages have a transitive dependency on @postman/node-keytar and may be impacted: - @affinidi/cli =2.1.0, =0.0.1-experimental.1, =1.0.0, =1.0.5 Source cves: unknown CVE Source advisory:...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
@agent-relay/daemon (>=2.0.5 <=2.3.14), @agent-relay/dashboard (>=2.0.18 <=2.0.19) +339 more potentially affected by unknown CVE via posthog-node (>=4.0.0 <=4.18.0)
posthog-node NPM version =4.0.0, =2.0.5, =2.0.18, =2.0.5, =2.0.5, =0.59.0, =1.0.0, =0.3.0, =1.0.0, =1.1.1, =0.1.6, =0.7.107, =0.1.0, =0.0.0-dev.7baee3d, =0.0.0-dev.acb62ef and more Source cves: unknown CVE Source advisory: SNYK:JS-POSTHOGNODE-14103346...
@asyncapi/cli (>=0.14.1 <=2.16.7) potentially affected by unknown CVE via @asyncapi/studio (>=0.10.0 <=0.20.2)
@asyncapi/studio NPM version =0.10.0, =0.14.1, =2.16.7 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190863...
MAL-2025-190802 Malicious code in @caretive/caret-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dbdd6e96adf12b150ce3a286faf8fcab904140af31ec590599a3c1c01a3ba12 The package @caretive/caret-cli was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198875
Malicious code in @caretive/caret-cli npm...
Malicious code in @caretive/caret-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dbdd6e96adf12b150ce3a286faf8fcab904140af31ec590599a3c1c01a3ba12 The package @caretive/caret-cli was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198844
Malicious code in bytecode-checker-cli npm...
Malicious code in evm-checkcode-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67c49d35b6096e7c647d830c11a75a90f1bd3b90677f1c72d1bdefcd87b134e8 The package evm-checkcode-cli was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198836
Malicious code in evm-checkcode-cli npm...
MAL-2025-190841 Malicious code in evm-checkcode-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67c49d35b6096e7c647d830c11a75a90f1bd3b90677f1c72d1bdefcd87b134e8 The package evm-checkcode-cli was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190768 Malicious code in devstart-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f231d9b0651ac7f2fb06d9936228b85a858023ac4f8b505f6bcf63ac5d661a5 The package devstart-cli was found to contain malicious code. Source: ghsa-malware 54539cce13f7aae0398b444bd30638c4e74ef9546c180e0bfb778aa00be08a30 A...
EUVD-2025-198733
Malicious code in devstart-cli npm...
Malicious code in devstart-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f231d9b0651ac7f2fb06d9936228b85a858023ac4f8b505f6bcf63ac5d661a5 The package devstart-cli was found to contain malicious code. Source: ghsa-malware 54539cce13f7aae0398b444bd30638c4e74ef9546c180e0bfb778aa00be08a30 A...