Lucene search
K

2468803 matches found

OSV
OSV
added 3 days ago4 views

MAL-2026-6643 Malicious code in @reference-web/pmp-i18n (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa9fa64959cdfca9cd71a151253756f0ce40111abc40bdbbfcdab7032796f84e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 3 days ago4 views

MAL-2026-6645 Malicious code in @rmlibrary/formatting (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d9bc486836758abd131ff67787849b4a1b293a61e7b3bfad27fa27cbef6fd33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago6 views

Malicious code in @partner-apps/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91a55f75e5401bc702943c887c3e72fb80f4a7f21bb34f65350fc54aeaf999d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago6 views

Malicious code in @rakuten-rewards/messaging-sdk-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7fc8243854c9528882d45c044a4a7c7ce2ad94143a84f135b2b98cb536ce2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago6 views

Malicious code in @sentryx-libraries/auth-interceptor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 774e35b0d1dd89d33c2121f90c2d7c3d6a8ecc7165396d63db9416c03c284250 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago6 views

Malicious code in @multformats/multiaddr (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c3ff8f79934c43d48f410746d2fe1a9244365c8bac615e7552dcedbfae15b900 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago6 views

Malicious code in @rmlibrary/formatting (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d9bc486836758abd131ff67787849b4a1b293a61e7b3bfad27fa27cbef6fd33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago7 views

Malicious code in @services-lib/application-http-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f0c35f77748a968c410290c41c1525713b39103edc43ad32d326962c1c300d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in @reference-web/pmp-i18n (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa9fa64959cdfca9cd71a151253756f0ce40111abc40bdbbfcdab7032796f84e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago6 views

Malicious code in @rakuten-rewards/messaging-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5881076c822a732d6344ff3614bf7437722ca46d9d5f5dbdf3105586fa078dd4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago7 views

Malicious code in @live-backstage-im/communication-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad217e6f53767b755ad267a2052b4bc35add8ba6cdb6532dfec034c83e3d3426 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 3 days ago3 views

MAL-2026-6636 Malicious code in @partner-apps/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 91a55f75e5401bc702943c887c3e72fb80f4a7f21bb34f65350fc54aeaf999d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 3 days ago4 views

MAL-2026-6630 Malicious code in @live-backstage-im/communication-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad217e6f53767b755ad267a2052b4bc35add8ba6cdb6532dfec034c83e3d3426 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 3 days ago7 views

MAL-2026-6641 Malicious code in @rakuten-rewards/messaging-sdk-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7fc8243854c9528882d45c044a4a7c7ce2ad94143a84f135b2b98cb536ce2f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
Snyk
Snyk
added 3 days ago3 views

Malicious Package

Overview @gm-rvg/root-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 3 days ago2 views

Malicious Package

Overview @experian-shared/services is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 3 days ago2 views

Malicious Package

Overview @huobi-ui/activity-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 3 days ago3 views

MAL-2026-6622 Malicious code in @gallup/pc-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eca755b4cbe794ce9b1389cff974fb13df6325eeb2eb658ca64a7bb7ee734b8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
Snyk
Snyk
added 3 days ago2 views

Malicious Package

Overview @finantix/webcomponents is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 3 days ago2 views

Malicious Package

Overview @lexisnexisrisk/insider-threat-platform is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizatio...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder