26 matches found
GHSA-RF6F-7FWH-WJGH vulnerabilities
Vulnerabilities for packages: renovate, langfuse, prism, vitess, eslint...
GHSA-RF6F-7FWH-WJGH vulnerabilities
Vulnerabilities for packages: librechat, arangodb, vitess, langfuse, prism, eslint, renovate, langfuse-fips...
Malicious Package
Overview eslint-config-nlx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-179505
Malicious code in cross-env-atlas-non-blocking-eslint npm...
EUVD-2025-179030
Malicious code in eslint-tardigrade-gammarayburst-cryonics npm...
MAL-2025-186852 Malicious code in eslint-tardigrade-gammarayburst-cryonics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f6ba0986e5b3fa90399d98555fce56050736ff52b31ceb2a66250e086fda217 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177836
Malicious code in mineralogy-oauth-eslint-node-sass npm...
EUVD-2025-113799
Malicious code in event-eslint-airbnb-loop npm...
MAL-2025-145224 Malicious code in mutation-ganymede-proxima-eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3528842534dd10aa2d17333987b5c806f6eb520cfd49588cb9f587b849f61014 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-124744
Malicious code in morgan-eslint-config-dione-lint npm...
EUVD-2025-113886
Malicious code in eslint-pipe-rigel-websockets npm...
Malicious code in eslint-config-promise-jest-winston (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59c4f82e6f2157597c61c7da8d74b237bb4130bc06799b25ab24bc0ef47a1d3f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-30104
Malicious code in bioql PyPI...
Malicious code in eslint-v9232 (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in eslint-8.23 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d4e01b0c5206bd63f9c05e96300c4f8f6e2f5640c76f4742303f802da707471c The OpenSSF Package Analysis project identified 'eslint-8.23' @ 99.0.9 npm as malicious. It is considered malicious because: - The package...
MAL-2025-41285 Malicious code in eslint-8.23 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d4e01b0c5206bd63f9c05e96300c4f8f6e2f5640c76f4742303f802da707471c The OpenSSF Package Analysis project identified 'eslint-8.23' @ 99.0.9 npm as malicious. It is considered malicious because: - The package...
MAL-2025-7844 Malicious code in @epc-tools/eslint (npm)
The package @epc-tools/eslint was found to contain malicious code...
Malicious code in accretion-galaxy-accretion-eslint (npm)
The package accretion-galaxy-accretion-eslint was found to contain malicious code...
Malicious code in @epc-tools/eslint (npm)
The package @epc-tools/eslint was found to contain malicious code...
MAL-2025-2464 Malicious code in eslint8_flat_config_mjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea965fc719f78ae7eb9148cb5a4cd65ee8a06887968868fee8558dbff3faff00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...