Lucene search
K

46 matches found

RedhatCVE
RedhatCVE
added last week5 views

CVE-2026-55697

A flaw was found in pnpm, a package manager. A remote attacker could exploit this vulnerability by crafting a malicious repository that declares a configDependency in its pnpm-workspace.yaml file. When a user installs packages from this repository, pnpm improperly treats the declared dependency a...

8.8CVSS6.6AI score0.00127EPSS
Exploits1References4
Snyk
Snyk
added 2026/06/11 9:0 p.m.11 views

Malicious Package

Overview @solana-labs/spl-toke is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/06/10 1:34 p.m.12 views

Malicious Package

Overview solidity-abi is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/05/29 10:54 p.m.9 views

Malicious Package

Overview @cloudplatform-single-spa/dataplatform-trino is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/29 10:9 p.m.9 views

Malicious Package

Overview hardhat-evmchain is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/25 8:52 a.m.15 views

Malicious Package

Overview chai-as-redeploy is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/22 2:43 a.m.22 views

Malicious Package

Overview credential-verification-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/22 2:43 a.m.17 views

Malicious Package

Overview python-env-auditor is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/05/04 3:2 a.m.8 views

Malicious Package

Overview @m0ntana/app.web is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/04/15 2:59 p.m.8 views

Malicious Package

Overview tether-wrk-base is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.7AI score
Exploits0References2
Snyk
Snyk
added 2026/03/26 12:52 a.m.8 views

Malicious Package

Overview validator-lut-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/03/25 1:54 a.m.5 views

Malicious Package

Overview @rexxtheproject/elaina-libsignal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 4:35 a.m.9 views

Malicious Package

Overview spstargm is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 4:32 a.m.6 views

Malicious Package

Overview decode-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/16 2:49 p.m.4 views

Malicious Package

Overview n8n-nodes-format-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/12 5:13 a.m.4 views

Malicious Package

Overview kinggupong is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 2:18 p.m.2 views

Malicious Package

Overview aaaaaxxxxx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 7:14 a.m.11 views

Malicious Package

Overview sap-autofix is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 7:14 a.m.10 views

Malicious Package

Overview mhnumjp is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/03 6:32 a.m.4 views

Malicious Package

Overview fps-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder