Malicious code in frontegg-nuxt-example (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1dfeb24eb6c59e883dded7166ce9ff73fb43ab8352fcc2a154f86c7bf96be5e8 Any computer that has this package installed or running should be considered...

Malicious code in zoro-gep-sdk (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31a52e159d0a3693023b3ef06e39e833dd2b2edbd49add25009006ba7800df90 Any computer that has this package installed or running should be considered...

CVE-2025-45055

Silverpeas 6.4.2 contains a stored cross-site scripting XSS vulnerability in the event management module. An authenticated user can upload a malicious SVG file as an event attachment, which, when viewed by an administrator, executes embedded JavaScript in the admin's session. This allows attacker...

Malicious code in payu-ui-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cf0aeb232e5fb73a346852b81510521a06efd6f05c9b7760e6c13b3644abe68 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in kubernetes.io (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 00f207ddd7d4909824d1a01b502b9d29b27380e31b9b410162ed5381de2fae41 The OpenSSF Package Analysis project identified 'kubernetes.io' @ 1.0...

Malicious code in c2pa-js (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8983a214dc0d52693f13d8a50f2e5d171641b4b847ce37ea539b48f94971e5e0 Any computer that has this package installed or running should be considered...

Malicious code in www-cfg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8e83ae0e09d965d0daf4532cb29c1b79698d342dc5afb338632d224d1f2706cc The OpenSSF Package Analysis project identified 'www-cfg' @ 1.0.2 npm as malicious. It is considered malicious because: - The package communicat...

Malicious code in lazy-logrocket (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d35d13ebfd82c66db49337a0483da4a0c5460498a2a1a5941e45f1b44f05a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in virtru-private (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60777031b508b2b27184e7bcdd9afb52ab3ca2e19bda0d7d4dee9333e7ff1190 Any computer that has this package installed or running should be considered...

Malicious code in launch-darkly-provider (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6696ff99444d08a99f63e53ce846b37cf11486968604779920e29d8ca0185d08 Any computer that has this package installed or running should be considered...

Malicious code in virtru-design-params (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2c17dc3a9d15ee9a1acba1ea2eac04dd9544e09908d2014fcb8b9c689ba07c29 Any computer that has this package installed or running should be considered...

Malicious code in checkout-sparse (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f5576b93b0dbfc8f72fa10da0b8b43e6ba0e801c71d51807996063ee1f73f84 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in rosetta-primitives (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 066c537cf24b296d35abde5f38191e4f60c82f7bd0583997251e70bdb2c21052 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in helloworldmyworld (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ea11c9b6eb65ebdd9deee023e1154599bc86dce39350a49b2589c88f7dce2b31 The OpenSSF Package Analysis project identified 'helloworldmyworld' @ 1.999.2 npm as malicious. It is considered malicious because: - The packag...

Malicious code in is24 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1781ddf04bb479bb1a5178f987729c525417b1cc220c1be7fefbd9f86ccc7a23 The OpenSSF Package Analysis project identified 'is24' @ 9.9.9 npm as malicious. It is considered malicious because: - The package communicates...

MAL-2025-4611 Malicious code in is24 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1781ddf04bb479bb1a5178f987729c525417b1cc220c1be7fefbd9f86ccc7a23 The OpenSSF Package Analysis project identified 'is24' @ 9.9.9 npm as malicious. It is considered malicious because: - The package communicates...

Malicious code in @seo-frontend-components/blog-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 38bc78437090a04d89a5116ac7ad94f3821cfd50c08d81f48528c53e26b6da96 The OpenSSF Package Analysis project identified '@seo-frontend-components/blog-schema' @ 1.999.0 npm as malicious. It is considered malicious...

Malicious code in @seo-frontend-components/card-blog-carousel-mobile (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1eaa599a9c0235a5d52b5534f4177883c03e7ae19496ef98593fadfc3a7ccef8 The OpenSSF Package Analysis project identified '@seo-frontend-components/card-blog-carousel-mobile' @ 1.999.2 npm as malicious. It is considere...

Malicious code in @fmr-pr103625/apex-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 87f7d6eefb4242b16b30fbedd12103828145a5d82610917904a48a2ee5b1f063 The OpenSSF Package Analysis project identified '@fmr-pr103625/apex-core' @ 1.999.2 npm as malicious. It is considered malicious because: - The...

Malicious code in @cat-ecom/pcc-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 96cbe81d68d4bf1046012598de37b5dcef6f28b3ce01653ab29b3405b359d30e The OpenSSF Package Analysis project identified '@cat-ecom/pcc-components' @ 99.99.99 npm as malicious. It is considered malicious because: - Th...