Malicious code in exprss (npm)

The package exprss was found to contain malicious code...

@artemislunapatron/common (>=1.0.4 <=1.0.14), pwp-core (>=1.0.0 <=1.2.4) +1 more potentially affected by unknown CVE via exprss (=0.0.1-security)

exprss NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on exprss and may be impacted: - @artemislunapatron/common =1.0.4, =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-20100...

MAL-2025-20100 Malicious code in exprss (npm)

The package exprss was found to contain malicious code...

@artemislunapatron/common (>=1.0.4 <=1.0.14), pwp-core (>=1.0.0 <=1.2.4) +1 more potentially affected by unknown CVE via exprss (=0.0.1-security)

exprss NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on exprss and may be impacted: - @artemislunapatron/common =1.0.4, =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: OSV:GHSA-6QC7-JGQ7-34RF...

Malicious Package in exprss

All versions of exprss typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process wa...

Malicious Package

Overview All versions of exprss typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the...