Malicious code in vite-postcss-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0637d37f1a6fc3f427c6a79a64570aa5d30ae202fb9a5a98031c38b4dbc27ed0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6016 Malicious code in vite-postcss-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0637d37f1a6fc3f427c6a79a64570aa5d30ae202fb9a5a98031c38b4dbc27ed0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6013 Malicious code in mooduliop (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f1271416f28653d9403bf610aaf03ff8b6c25c715c6c477b4e24a7a0577623d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5999 Malicious code in nodemailer-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92fcb8bbe96410119e865394273d8185c940c7b31957a92fa23e23c4e893ea8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6002 Malicious code in rtp-rapyd (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0a521f8592c35bef558ae1fd9a4f584f1365784b6f3254816e6db8f4592e453 Any computer that has this package installed or running should be considered...

MAL-2025-5997 Malicious code in dex-sample-app (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5833f372bb58f2c3d63ada7d769c410b4464de4c9a0084d3e8f8ecbee863f4f Any computer that has this package installed or running should be considered...

CVE-2025-53644 OpenCV contains a use after free buffer write due to an uninitialized pointer

OpenCV is an Open Source Computer Vision Library. Versions 4.10.0 and 4.11.0 have an uninitialized pointer variable on stack that may lead to arbitrary heap buffer write when reading crafted JPEG images. Version 4.12.0 fixes the vulnerability...

Malicious code in @company-internal/logger (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d0932de39c3f8c9bcb34c9f241df2d154d4659532cfddb67ddd06e283c38c14 Any computer that has this package installed or running should be considered...

Malicious code in ethers3-wallet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8fb5b9e90e4847906036d20312e485929a131f5272106349e82cb2538bb4b7e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5990 Malicious code in xeno-code (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d4584c129d15f1b447b33ff8077afcf4b79d34b44dd6c9752ffa9a028790f9bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5987 Malicious code in rollup-linux-riscv64-gnu (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8a98f596921acebe0065ab2b5beda61f909a0c6595ad8ce2845d1d76a78fb9e Any computer that has this package installed or running should be considered...

MAL-2025-5873 Malicious code in @gdcorp-commerce/cx-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28edf91ea21172ce7f3ff12d49071830bd423ed825a3b22b8e7228e1091cff42 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5868 Malicious code in @forge-ui-components/media-player (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3352739bbbfe79ebecd02fae7c7026cc29a1c947649126c59f096d8cd4bbd02 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in affirm-stories (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d272936a4eff29177065edbae96d257f877dfa97b8ccc9f9bef126d0b7552659 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5890 Malicious code in angieslist-office-app-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ef02b48854bea0c3c7e012377ff6e37a2ca9b371c56552ac87a3ec84a8ec098 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in modern-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 551ccc399991abf0310245b17e68d5526426644f1b0e41c7d7d6b1b1286a425f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in apple-keto-acv-gummies (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3431204b738da9726bd553e79f2bdb59fcc81bbb87b633b959947a1d24675da7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5976 Malicious code in white-oganesson (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 59cd363bc35266e8da511b349bb11e84db784a1bbd5fe29148aadb24aaeef2f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5934 Malicious code in lime-thulium (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a907ea9dce24caaae763586a97ec2bbd30c827e3f5dae239e43c2094b535bfc3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in blue-einsteinium (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d29bce29ab50051cea7b565e77089c60c66a34ba8f074b85f8e835a25e8c7f49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...