Lucene search
K

55 matches found

Snyk
Snyk
added 2026/06/09 2:17 p.m.9 views

Malicious Package

Overview @doaction/mapstore is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
OSV
OSV
added 2026/06/09 2:17 p.m.8 views

MAL-2026-5372 Malicious code in @doaction/examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 361bc047872fceb7885c47404eef734b43ce8e5e7f13554e79d011be6f383339 @doaction/[email protected] declares preinstall: node scripts/postinstall.js in package.json, which requires @doaction/shared/bin/postinstall.js. The...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/09 2:17 p.m.13 views

MAL-2026-5373 Malicious code in @doaction/http (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0558fc0fe6ab95434c0f041b1ed88e02039379e9052dbfd3e0faf35a8e8d5d5f Package version 9.9.9 is the canonical version-pinning marker used to outrank any private package during npm dependency resolution. The package...

5.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:17 p.m.14 views

Malicious code in @doaction/sudo-prompt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e989180180ebba42b05f086cda01159058a0a9ccca3c4beb95f3e5a31430dfe6 @doaction/sudo-prompt shares the name of the widely-used unscoped sudo-prompt package but contains none of its privilege-escalation functionality. Th...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:17 p.m.13 views

Malicious code in @doaction/examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 361bc047872fceb7885c47404eef734b43ce8e5e7f13554e79d011be6f383339 @doaction/[email protected] declares preinstall: node scripts/postinstall.js in package.json, which requires @doaction/shared/bin/postinstall.js. The...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/09 2:17 p.m.13 views

MAL-2026-5376 Malicious code in @doaction/rrweb-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6efd52baa69926a32dbac2a3c5eb53c361935e9a3386d2893bf2d7506ab4dfea @doaction/[email protected] is a dependency-confusion / namespace-impersonation package targeting the rrweb session-recording SDK ecosystem. The...

5.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:17 p.m.15 views

Malicious code in @doaction/eventemitter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 865100529f6c19b1eff05a47c96abd2d4eb5dba0d4fc0af838c307c816072a20 The package is a thin shim. package.json declares preinstall: node scripts/postinstall.js, which requires @doaction/shared/bin/preinstall.js — meanin...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:17 p.m.12 views

Malicious code in @doaction/shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caba10985bd532eb067af52e175856a72552c9b9306895ea9fba9c1083277248 @doaction/[email protected] is a dependency-confusion lure that exfiltrates installer environment metadata on every npm install. package.json declares...

5.6AI score
Exploits0References3
Snyk
Snyk
added 2026/06/09 2:17 p.m.10 views

Malicious Package

Overview @doaction/eventemitter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snyk
added 2026/06/09 2:17 p.m.10 views

Malicious Package

Overview @doaction/example is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
OSV
OSV
added 2026/06/09 2:17 p.m.12 views

MAL-2026-5377 Malicious code in @doaction/shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caba10985bd532eb067af52e175856a72552c9b9306895ea9fba9c1083277248 @doaction/[email protected] is a dependency-confusion lure that exfiltrates installer environment metadata on every npm install. package.json declares...

5.6AI score
Exploits0References3
OSV
OSV
added 2026/06/09 2:17 p.m.11 views

MAL-2026-5370 Malicious code in @doaction/eventemitter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5221b351f74900764906fd20a62e5c3f390473ed87a1d4fb781e34d3ffd2f623 On npm install, package.json declares "preinstall": "node scripts/postinstall.js", and scripts/preinstall.js unconditionally executes...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/09 2:17 p.m.11 views

MAL-2026-5371 Malicious code in @doaction/example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5632bd1a9818c4a4af54e5297d40c10279d83e702ee5f59fa9bd50c52a33e0bd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:17 p.m.13 views

Malicious code in @doaction/example (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e2df92bb520aefba5bcfa6e3e88b4cbd7da3ea27b121380c17615bcfbab1ade @doaction/[email protected] is a scoped npm package whose package.json self-describes as 'Example package with Datadog environment telemetry for...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:17 p.m.14 views

Malicious code in @doaction/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a625267416db212dbcffcba51a6ac48bd779ccd3760b7ef8f59e6b4905df44e5 package.json declares "preinstall": "node scripts/postinstall.js", which requires '@doaction/shared/bin/postinstall.js'. The package's stated purpose...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/09 2:17 p.m.15 views

MAL-2026-5369 Malicious code in @doaction/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f96ec00bc5ed7192c8483a1b27f2212ce64e5a86f1dc309b66d14ea969de00fb @doaction/[email protected] is shaped as a public-registry shadow of a private internal package: scoped name pattern, inflated 99.99.99 version, and a...

5.7AI score
Exploits0References2
Snyk
Snyk
added 2026/06/09 2:17 p.m.10 views

Malicious Package

Overview @doaction/auth is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/11 8:27 p.m.10 views

CVE-2026-8242

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...

6.3CVSS5.2AI score0.00289EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/10 8:15 a.m.7 views

CVE-2026-8242 Industrial Application Software IAS Canias ERP Login RMI doAction response discrepancy

A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...

6.3CVSS5.2AI score0.00289EPSS
Exploits0References4
CVE
CVE
added 2026/05/10 8:15 a.m.18 views

CVE-2026-8242

Technical details about CVE-2026-8242 are not publicly available in the provided documents. Monitor for updates from the vendor and security advisories.

6.3CVSS5.2AI score0.00289EPSS
Exploits0References5
Rows per page
Query Builder