145 matches found
Malicious code in expo-config-plugin-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b958f45e161e1906f12ed405d9d55379fea59c26416698f3ee264080de98a140 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-4314 Malicious code in expo-config-plugin-typescript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b958f45e161e1906f12ed405d9d55379fea59c26416698f3ee264080de98a140 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview expo-config-plugin-typescript is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
@knocklabs/client (>=0.21.6 <=0.21.13), @knocklabs/expo (>=0.5.0 <=0.6.7) +8 more potentially affected by CVE-2026-32689 via phoenix (>=1.8.0 <=1.8.5)
phoenix NPM version =1.8.0, =0.21.6, =0.5.0, =0.1.0, =0.1.1, =0.1.1, =0.0.2, =0.0.1, =0.0.2, =0.0.1, =2.1.8, =2.4.0 Source cves: CVE-2026-32689 Source advisory: SNYK:JS-PHOENIX-16425773...
@clerk/chrome-extension (>=3.0.0 <=3.1.32-canary.v20260529204536), @clerk/expo (>=3.0.0 <=3.3.1-canary.v20260529204536) +3 more potentially affected by CVE-2026-42349 via @clerk/clerk-js (>=6.0.1-canary.v20260303211310 <=6.7.5-snapshot.v20260421194054)
@clerk/clerk-js NPM version =6.0.1-canary.v20260303211310, =3.0.0, =3.0.0, =0.2.13, =0.2.0, =0.8.3 - tauri-plugin-clerk =0.1.1 Source cves: CVE-2026-42349 Source advisory: OSV:GHSA-W24R-5266-9C3C...
@clerk/chrome-extension (>=3.0.0 <=3.1.32-canary.v20260529204536), @clerk/expo (>=3.0.0 <=3.3.1-canary.v20260529204536) +3 more potentially affected by CVE-2026-42349 via @clerk/clerk-js (>=6.0.1-canary.v20260303211310 <=6.7.5-snapshot.v20260421194054)
@clerk/clerk-js NPM version =6.0.1-canary.v20260303211310, =3.0.0, =3.0.0, =0.2.13, =0.2.0, =0.8.3 - tauri-plugin-clerk =0.1.1 Source cves: CVE-2026-42349 Source advisory: SNYK:JS-CLERKCLERKJS-16347748...
Malicious code in @lokeswari-satyanarayanan/rn-zustand-expo-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73fe3bd99e2f11ab8bb09a9086c4dca8af56372031492ed11d90f1e32a0e8f53 The package @lokeswari-satyanarayanan/rn-zustand-expo-template was found to contain malicious code. Source: google-open-source-security...
EUVD-2025-199689
Malicious code in @lokeswari-satyanarayanan/rn-zustand-expo-template npm...
EUVD-2025-199157
Malicious code in expo-router-on-rails npm...
Malicious code in expo-router-on-rails (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92bd7bcf264644e954c78205f555c4b45d42e4e628db37666799375a9a8777f5 The package expo-router-on-rails was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191088 Malicious code in expo-router-on-rails (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92bd7bcf264644e954c78205f555c4b45d42e4e628db37666799375a9a8777f5 The package expo-router-on-rails was found to contain malicious code. Source: ghsa-malware...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-198834
Malicious code in expo-audio-session npm...
MAL-2025-190842 Malicious code in expo-audio-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ab638e9e692037cc0b74ba589ba0f3986462fcf5310a6ba4418a01fb08c6866 The package expo-audio-session was found to contain malicious code. Source: ghsa-malware...
Malicious code in expo-audio-session (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9ab638e9e692037cc0b74ba589ba0f3986462fcf5310a6ba4418a01fb08c6866 The package expo-audio-session was found to contain malicious code. Source: ghsa-malware...
EUVD-2014-7389
Malware in sbrugna...
EUVD-2025-7968
Malicious code in bioql PyPI...
Malicious code in cooni-expo (npm)
The package cooni-expo was found to contain malicious code...
Malicious code in @zalastax/nolb-_expo-google (npm)
The package @zalastax/nolb-expo-google was found to contain malicious code...