brick (=0.0.0), bud (>=0.0.0 <=0.1.2) +16 more potentially affected by unknown CVE via first-val (=0.0.0)

first-val NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on first-val and may be impacted: - brick =0.0.0 - bud =0.0.0, =0.0.5, =0.0.0, =0.0.0, =0.0.7, =0.0.9, =0.1.0, =0.0.0, =3.1.1, =0.0.0, =0.0.4, =0.0.0, =0.0.2 and more Source cves...

Malicious code in first-val (npm)

The package first-val was found to contain malicious code...

MAL-2025-20604 Malicious code in first-val (npm)

The package first-val was found to contain malicious code...