MAL-2025-4797 Malicious code in @loybung/emoji (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b93520f6920db8156f89701cab5337d1aeb0421b6e8d4a598896dd12b78aad06 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3792 Malicious code in middy-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2680c1b38c5fec59b6d12311259c4f6af0119a326ab6f798afe61497f8ce2744 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1446 Malicious code in weex-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3463fb43413f5f55fea549cc0240a5b8e3726099081d9d9379f10c772591d870 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1406 Malicious code in coinw-main (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3fa00c723741623254392df4efea8cb1992992ec41b9cbd448a7d3b478759cb8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-26317

In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of POINTATINFINITY when it should not. A man-in-the-middle attacker could use this to interfere with a connection...

MAL-2024-12003 Malicious code in meu-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e353f941edf7dd059abeaa51d5917deb104c737b659e3efdd3ebaf4e5ad8b18b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11061 Malicious code in operation-server-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 562d8b7d5fca6f14e6a57f77567f7fbb054ae76c5e77c760fc622107d046bd88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10947 Malicious code in tetther (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0fe50db74634f51e1891c210282fbddafd5232a78124822bc40007cc286a7dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10608 Malicious code in bitcore-mnemic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a72a50d12427111f0b683bda37a019abbeeee63bc70ac6278b220df90b87991 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10530 Malicious code in web3-toekn (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53b34b72b8ff8d01e0d648851125a64aec37c620314f8895fea14db88514aac9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-9461 Malicious code in git-commit-message-convention (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94d09a62681923adfe2316c61633ccb26eeaa743e0350118824ffd40bb4c038c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8775 Malicious code in hwueoir (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a61bb143d23079ed74f5ec95f7653175efb08a0098c177bb96cff7a2773777f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8331 Malicious code in @diotoborg/explicabo-vitae-velit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 094d83d051dce82ca443c4514f0e69d45a1462720580a4fa33ae7a19cf39f69b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8652 Malicious code in @diotoborg/temporibus-dicta (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df148adc844e8bdab353a4ff4ba1b8ae891eb2d3cb6e375dae862e35059eafcf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8508 Malicious code in @diotoborg/omnis-necessitatibus (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e408c7456f60e6aec51cbc88126c238e83a8360ec9c7ba1d1afa12d24ec51e90 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8488 Malicious code in @diotoborg/occaecati-porro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5e777faebf47bc26816539986c6201c0bed936306739e2a2fe207a15b5a4b9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8092 Malicious code in xhjxhjmilo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eeb4f42537fd788cee33d67ffab5c8b404c6d6525b19d2aa29781cc131e1a05a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7435 Malicious code in carousal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5390d19342c9cb8e78126b1968ed21b16cab8b998018d119687a7d27e9cde72b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7215 Malicious code in @zitterorg/fugit-odit-fugiat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0aac1efba4a0cd6714c50de7989f3e1da7329d3358e0172881655617f86b3d93 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1595 Malicious code in blueprint-org-planning-app-adp-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9ce904784ecde9ca4b860730c45d27dbca01912380066fe5415b10d3f17f0af8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...