CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in spica-css-loader-testcafe-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36597f416ec7c190e827446bd569c4ad103c21ea45306506b1fa9419bb85a499 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-114805

Malicious code in css-loader-gridsome-postcss-loader-yaml npm...

MAL-2025-147721 Malicious code in scorpius-vuetify-metalsmith-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2186526dff27c6c4fa856cfe4c9936a3d13ab0f924c3f55f611a9ca589374cf1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139316 Malicious code in alphard-aurora-css-minimizer-webpack-plugin-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cadd965cb26d39282845d1f921990c4270984dbf20e54e6ba597fdd8158afe87 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141331 Malicious code in css-minimizer-webpack-plugin-perseus-phoebe-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21f4c0c782d6c378089168b89d8b9dc2f864bbb057f8c45669d8132fe4c260f6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141608 Malicious code in despina-regulus-css-loader-antares (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2f1aab80e4cce0b81ff5effcff1de0ccec604fd14553e05141f232ef3aa99ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124050

Malicious code in optimize-css-assets-webpack-plugin-semantic-ui-postgres-middleware npm...

EUVD•added 2025/11/12 4:29 a.m.•0 views

EUVD-2025-121941

Malicious code in slides-css-loader-callisto-server npm...

EUVD-2025-122631

Malicious code in request-css-minimizer-webpack-plugin-resolvers-standard npm...

EUVD-2025-113021

Malicious code in grus-css-loader-ophiuchus-scripts npm...

EUVD-2025-123133

Malicious code in publish-impulse-package-css-minimizer-webpack-plugin npm...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in hermes-apex-css-minimizer-webpack-plugin-phoebe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 570dbfa873169c709ec4b57caa73790937ba24933a3e08d336ce19611108edfb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD-2025-114772

Malicious code in css-minimizer-webpack-plugin-winston-jwt-phoebe npm...

EUVD-2025-120593

Malicious code in webdriver-manager-titan-mini-css-extract-plugin-izar npm...