Lucene search
K

517 matches found

OSV
OSV
added 2026/05/11 11:43 p.m.10 views

MAL-2026-3467 Malicious code in @tanstack/react-router-ssr-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c8db33bfb3bf19b736238a7e0895ecfd856e38c6e86d83f6eee8df6f5c13730 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/04/29 2:40 p.m.5 views

MAL-2026-3170 Malicious code in frank-newton3-db-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c57962acb9140cd99fb10338da13df89a6af2a7da30694456df2bc151acd247 The package frank-newton3-db-poc was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/20 6:15 a.m.8 views

Malicious code in turbo-leven (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0903aeeee8de9f8d0b7bae616fb57ef1468d676ff1f319791b54a4c658211b4 The package turbo-leven was found to contain malicious code. Source: ghsa-malware 6a89f53d914eeb23f58756ee338b08701d799e346d6901d2f374bb51e736b2ef An...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/14 12:12 p.m.6 views

MAL-2026-2658 Malicious code in tailwindcss-style-typography (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b625db5a21e8ed06ca7ce3b8d75adeff20b4179dbebe797b13486039aa74d6ea The package tailwindcss-style-typography was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/13 3:14 p.m.6 views

MAL-2026-2577 Malicious code in @b2b-portal/kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fa5c1b32159c7e6dc9c07e663c7f8cf3b3ee24450a33289a1a79589c69906eed The package @b2b-portal/kit was found to contain malicious code. Source: ghsa-malware 20de22d7080860e2c01f3de58d2809af28e543302e49545749666efd4956c23...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/25 2:30 a.m.11 views

Malicious code in chai-patch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b7a1b00f9cf8ff93aebfbb318e0f4da8d56a985a1eca3c305142e708dc6fc55 The package chai-patch was found to contain malicious code. Source: ghsa-malware a5b659f5744d677c50cb63bc98f750071b3db390e25b81a553debdff48ffac6a Any...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 1:9 p.m.4 views

Malicious code in sbx-mask (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 199f83840bd0dfd9d9e7295134e439e8adec273f9be8477d0ff68b6ec8c491d1 The package sbx-mask was found to contain malicious code. Source: ghsa-malware d04d541813f3f1e2bd2d1c509c5ea3463d64caf433617ab3398e118171f2cc65 Any...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/23 1:47 p.m.11 views

MAL-2026-2101 Malicious code in sidebar-basket (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abd1b121a57bf0b4d96e4f902f6d051ff5b485ab7fc412f8940ce2c294ddb660 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/22 6:13 p.m.7 views

MAL-2026-2046 Malicious code in @emilgroup/document-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a0db55538f4afebec1f08f4cff1689eb866b7d256eeeabebcd2c52862ec3fe7 The package @emilgroup/document-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/22 5:54 p.m.7 views

MAL-2026-2072 Malicious code in react-leaflet-heatmap-layer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2352243757a42dafc23c429819f6693b8f9a56799589414bbb527f35b1f7ed35 The package react-leaflet-heatmap-layer was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/20 4:49 a.m.4 views

MAL-2026-1944 Malicious code in couplus-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0c78a6293dc26a858801e92b94142c0fb6ab09c558b39900095be8a8aef9a52 The package couplus-cli was found to contain malicious code. Source: ghsa-malware 469c68fc4282e268dbe121670070e4a148ec18adaad72317ca06de47eed59217 An...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/16 10:13 a.m.6 views

MAL-2026-1463 Malicious code in polymarket-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6c5cc93272b23bb8876a4c2f2ce61ec7887bdeb6b89846a0c385022a156c6ca The package polymarket-validator was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.10 views

Malicious code in es6-recommended (npm)

The package 'es6-recommended' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.10 views

Malicious code in transform-es2015-spread (npm)

The package 'transform-es2015-spread' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.6 views

Malicious code in transform-es2015-shorthand-properties (npm)

The package 'transform-es2015-shorthand-properties' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2...

5.5AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/13 6:48 a.m.7 views

Malicious code in cortana-md-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 686dc6172d061151a94189d41cd564a6127d00f10af75880962a357301ec135e The package cortana-md-bot was found to contain malicious code. Source: ghsa-malware a712b3a56136d272ebf1a688ff9ea1cc572023730622963df1e6e82389177d28...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/10 1:4 a.m.4 views

Malicious code in iron-signals (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 015416030a87f010b10b6babdffd64778563cfccdc5ad2fa610f456be6314658 The package iron-signals was found to contain malicious code. Source: ghsa-malware 2845ee24242fc511c6b3d7ad1fe8ed0ab3feb42f943edae6255d0a72f2b88460 A...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/09 10:44 p.m.8 views

Malicious code in jsonify-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a8aa1030a7553e5aa40c2770df5c5945ccce7110fbe89a5931b7003453aa08d The package jsonify-core was found to contain malicious code. Source: ghsa-malware 15401bad013f01305211dd3ab1307a4ac9383ef3846645fd154ab648ce77e956 A...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/03 6:49 a.m.6 views

MAL-2026-1194 Malicious code in cmc-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7378c3fbef6f6a80690e0834d8bb1b459165cc9b55bc4d2ac2dcc0c1a574983a The package cmc-client was found to contain malicious code. Source: ghsa-malware 5986e6b65452c046e565efac71b9b6ce753244cfb1c7f2d7ce11751a5f827f69 Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/03 6:39 a.m.9 views

Malicious code in selfbot-lofy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef24f8180f463b198ff4fea466684c4439a31102aead233f8faa51b587ac0bb9 The package selfbot-lofy was found to contain malicious code. Source: ghsa-malware 1af8492fa4885fa5b969d5ef3947595dffa2f959bb4e1de73b9ca504dec215a8 A...

5.7AI score
Exploits0References1
Rows per page
Query Builder