487 matches found
@bassist/eslint-config (>=0.3.0 <=0.5.0), @bassist/oxc-integration (>=0.1.0 <=0.2.0) +7 more potentially affected by unknown CVE via @lint-md/core (>=2.0.0-beta.14 <=2.0.0)
@lint-md/core NPM version =2.0.0-beta.14, =0.3.0, =0.1.0, =2.0.0, =4.1.0, =1.1.0, =1.19.7, =1.1.0, =1.0.0, =1.3.4, =1.3.5 Source cves: unknown CVE Source advisory: SNYK:JS-LINTMDCORE-16755005...
@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +20 more potentially affected by CVE-2026-23870 via react-server-dom-webpack (>=19.0.0 <=19.0.1)
react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...
Malicious code in eslint-config-service-users (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4e2d9cbfd1dc174c6898b4375b8d4417da80c535833d43c5a4ae977252e9269 The package eslint-config-service-users was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2066 Malicious code in @teale.io/eslint-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 284588dababf2ba34a063a6b82abf5443b1636ece9f11895620ab5bab1e6b515 The package @teale.io/eslint-config was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2068 Malicious code in eslint-config-ppf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cc85236d3cad46c2333a3252ffd8e3b96ae35f96a4ea2a4cb801d17c4e07390 The package eslint-config-ppf was found to contain malicious code. Source: ghsa-malware...
Malicious code in eslint-config-ppf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cc85236d3cad46c2333a3252ffd8e3b96ae35f96a4ea2a4cb801d17c4e07390 The package eslint-config-ppf was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview @teale.io/eslint-config is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
Malicious Package
Overview @saferpay/eslint-config-base is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2026-792 Malicious code in @meli-lint/eslint-config-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8f8e866ee1edded4e092e1ece0dac9fae771a6870cc053bcfe711d56d77b1e4 The package @meli-lint/eslint-config-base was found to contain malicious code. Source: ghsa-malware...
Malicious code in @meli-lint/eslint-config-tests-jest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 132488198f2cf5f0c73a4f6dd4d766162d9ef2bae156055d07c84b60e3e7b26d The package @meli-lint/eslint-config-tests-jest was found to contain malicious code. Source: ghsa-malware...
MAL-2026-793 Malicious code in @meli-lint/eslint-config-base-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4086f80598ff1b89ade2e3e2efb54b1a60f19cdc764415d7d52738252eb98f77 The package @meli-lint/eslint-config-base-ts was found to contain malicious code. Source: ghsa-malware...
Malicious code in @meli-lint/eslint-config-base-ts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4086f80598ff1b89ade2e3e2efb54b1a60f19cdc764415d7d52738252eb98f77 The package @meli-lint/eslint-config-base-ts was found to contain malicious code. Source: ghsa-malware...
MAL-2026-794 Malicious code in @meli-lint/eslint-config-tests-jest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 132488198f2cf5f0c73a4f6dd4d766162d9ef2bae156055d07c84b60e3e7b26d The package @meli-lint/eslint-config-tests-jest was found to contain malicious code. Source: ghsa-malware...
Malicious code in eslint-config-nlx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9a74a6c52535673292fbe7e0b1b58a412da2ba3ebd7a06dd21e944f40bb22a9 The package eslint-config-nlx was found to contain malicious code. Source: ghsa-malware...
Malicious code in eslint-config-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3747d49c7b72e1659dde0b66b3e7b95bd198fc6a8f8f37d9a7a1bc2fc76dd54 The package eslint-config-stitch was found to contain malicious code. Source: ghsa-malware...
MAL-2026-688 Malicious code in eslint-config-nlx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9a74a6c52535673292fbe7e0b1b58a412da2ba3ebd7a06dd21e944f40bb22a9 The package eslint-config-nlx was found to contain malicious code. Source: ghsa-malware...
MAL-2026-689 Malicious code in eslint-config-stitch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b3747d49c7b72e1659dde0b66b3e7b95bd198fc6a8f8f37d9a7a1bc2fc76dd54 The package eslint-config-stitch was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview eslint-config-stitch is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...