66 matches found
MAL-2026-5348 Malicious code in os-ulid-void (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 531ba01f5b5d2442cc8070ae6feec31976f9b67957fa3b0936c2cea7b6034b81 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4846 Malicious code in @service-suppliers/fetch-initial-suppliers-watcher-saga (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e38be804fe779ace5ea3a6a56214beebe7ceabaa5f765b46a0f7888ed2da4fc1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3654 Malicious code in @puppeteer/browsers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a28ea47c2f5a0ac44e0059f5b5f7f0595f6f3d54da32a45478e3fb0b76e7a605 Withdrawn Advisory This advisory has been withdrawn because the malicious package detection was a false positive. This link is maintained to preserve...
Malicious code in apple-internal-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16ae120f182e305f15d778dfe594aa3f79076b93b5bd4be77f293fdf08c5e12a The package apple-internal-config was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1163 Malicious code in xpack-video-submission (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7775173f0b8d7a6612c5a88940a5e371896db6f065c1b7c94bf87b2fcb6f51a1 The package xpack-video-submission was found to contain malicious code. Source: ghsa-malware...
MAL-2026-737 Malicious code in remark-gfm-v4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3eb645996981f1453b9049a0d97b6f0b6c7ff4cadc29d4ccddd7f48cd65cbb21 The package remark-gfm-v4 was found to contain malicious code. Source: ghsa-malware 10eecf76003bd92639bb172deaa68448c44a5899c772fdcce927765011d807eb...
MAL-2025-192556 Malicious code in cms_comp_static (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e057568833f54e2250c5364e595d7a3046f4eb94f2484b9a0a2236b948cb10f The package cmscompstatic was found to contain malicious code. Source: ghsa-malware 38ce02191cf2d82246d56083ba8f7c2c4c0f14a71060bf8beaea95851f3c7a1e...
Malicious code in @ensdomains/test-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 481ab00e5cd5767ce6cb39bcab250f36dca030dce7d89f8f41b0a2086e1ebdbb The package @ensdomains/test-utils was found to contain malicious code. Source: ghsa-malware...
Malicious code in typeorm-orbit (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1ef9bad1469b974150720a17445c8403c0b0cd2bd2dbb393948afc47f102f95 The package typeorm-orbit was found to contain malicious code. Source: ghsa-malware a8e95331758f44ad97cde664359ec7ba72c0ad0c10caeaf02926a6007d23bb7f...
MAL-2025-190552 Malicious code in chai-type (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0dd763492f1ac2f8cf3da33f830d95eb7ea1b0a3c2e2fc03e9b0038dfce25e5c The package chai-type was found to contain malicious code. Source: ghsa-malware a6490275a9d6876c496fa488086d17c0ec0329c4f5f94ee6c061c50fe95c89b1 Any...
MAL-2025-190503 Malicious code in applicationooks21 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98d963ea346580a62502bacede10e72568ab2766e2a79256363a3abf50cc3307 The package applicationooks21 was found to contain malicious code. Source: ghsa-malware...
Malicious code in @winstan/vinston (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 701c8532f7235adb3a68d19af65d9a7b583be566885ae32b443bb5789e58ec84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47538 Malicious code in @sev-ui-verse/hooks-and-helpers (npm)
The package @sev-ui-verse/hooks-and-helpers was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1049160f2e90aa1d0d8bffb031d38446873f5a0aac9805e51720e06075e0e582 Any computer that has this package installed or running should be...
Malicious code in str-validator-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cbae0fa7ec3f4325516d97436685965bc1ff6dddaf218710407f697497c579a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @hypervector/hypervector-tbank-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae2dc7f1e6383a12599beba2e8e9b506edafebb226ed53ed821562057b794d64 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in internal-lib-razor (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0887160400effb60b7905dc584aa2b213c2c74f7696f2c61b798e64d94ef1fec Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in com.unity.scripting.python (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be82e73674df50f7f47d6c1c4f94d2c17d47e0b4fe889b1d813aef836bd95c98 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @hongfangze/guid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd7220c6bb13c845faf097d4684a1e9ebf6bf2d825956bd8f565b996a804a193 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in depx-contract (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a69e0a710cd2cb5b4880fae8eb37ba76afea9f442c898ab7e528965336f75392 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in opstooling-js-style (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b11b3f4ae62b5020e45db0bb5c8c20d6e3ed369a002264afcac1d2ab34476fd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...