CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD-2025-114906

Malicious code in cosmos-commitizen-quito-orbit npm...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in hugo-io-commitizen-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b14422502a986da3f3e8a3e58d27382f380fdb312eedf3d04e62baee24a4dcd4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD-2025-115181

Malicious code in commitizen-concurrently-fomalhaut-orbit npm...

EUVD-2025-122373

Malicious code in run-script-nconf-hermes-commitizen npm...

EUVD-2025-111849

Malicious code in leda-convict-commitizen-cassini npm...

MAL-2025-144419 Malicious code in link-passport-prettier-plugin-markdown-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 997cbb9644d6e2a6ea49c021e47526c36a9c49d25715d531b0e999691733fd1a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145320 Malicious code in nconf-janus-commitizen-socketio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce5c0a3964cbb5df915e60a77fb981005314339b39767d8b59181c63a6791732 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141203 Malicious code in cosmos-commitizen-quito-orbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d396766edb0e28e3c059fe2e8744a122fa7919dcec485819019662e51aa0af36 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-140944 Malicious code in commitizen-style-loader-ursa-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55d2ebc38705a078126552608b320280b5a60874c5f00b2dc23be6eef2c6a79e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•0 views

MAL-2025-145738 Malicious code in oauth-yonder-galaxy-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1d70ded952f8de2ce371bb5f64f977cd19dff957f0d3a4a8ca34c1c3a1bac7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-148163 Malicious code in spica-json-umbra-commitizen (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e26370197219e71a02c3263fecd9518f07a236ae4b30c53a4642cb3efe432a77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-115169

Malicious code in commitizen-rimraf-figures-phoebe npm...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in commitizen-cache-spawn-vega (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a0ef65d7296351d71c06f748a304a64aa2e5ce87ebd5092bc4ab6d793f938de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD-2025-115161

Malicious code in commitizen-ultra-event-dotenv-parse-variables npm...

EUVD-2025-115166

Malicious code in commitizen-spectron-webdriver-resolvers-sirius npm...