34 matches found
MAL-2026-819 Malicious code in json-mapping-sources (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77824e69a815d8ac27a50bb52fa0a39fe2c7e512e6597d3aefd500b0eae847e8 The package json-mapping-sources was found to contain malicious code. Source: ghsa-malware...
Malicious code in rxjs-angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a3493cee8ab4bb7f4b656ed430193cea7d26bd53c7c124c9eeda99cf31ef7f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in solarpeng_node_eval (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d1e85f15a5e94e61b12759aeb924685d04a4755d7de2f57df2a81ba1c8cd549 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47538 Malicious code in @sev-ui-verse/hooks-and-helpers (npm)
The package @sev-ui-verse/hooks-and-helpers was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1049160f2e90aa1d0d8bffb031d38446873f5a0aac9805e51720e06075e0e582 Any computer that has this package installed or running should be...
Malicious code in newrelic-pixie (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16c7baf5c47666c1407211c9fb57ede68cd4a7eea34bd8e591af32fd24c11f5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mcp-server-everything (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 263d07d53076b8ca1efe56fcd69d4a4e3c6d6a496b6086a03b8bafb8ae58900c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in soundcast (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 379b1dd8b190afa55771e449b6c9e079ab30456e18816ffc30f20d8252a07932 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @balajih4kr/postcss (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29b83a8b5260357625ba9fad6ee0649e25c265bd0127fe1a27f9130777766e6d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vite-plugin-esm-import-extension (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 769b40ee6390325702297fd5566f36d41bba67cb00a7bd3dbbb369801bc409b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in middy-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2680c1b38c5fec59b6d12311259c4f6af0119a326ab6f798afe61497f8ce2744 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in com.unity.rendering.light-transport (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1fc9f46e39b3f3be7d09553ea71c7f7f3611b95a6cca1730f90f7094dda0ad54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in com.unity.scripting.python (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware be82e73674df50f7f47d6c1c4f94d2c17d47e0b4fe889b1d813aef836bd95c98 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in poc-sim (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8bc002dd617428d821e25cfa749908affae826cf40db7db85821cb7e344418ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rct-centered-text (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dc6a8e05244932d5a9c6a3e845c59c4313f962558c160bf03c579325473646d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/ullam-neque-voluptates (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 206aa477c95775264ca34e824a6b56da2f94b6e1592b395003f7ca3f1bbb3361 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/facilis-nihil-quae (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cfd54cacc89e540b79cd9a88406fd35ee1bf1c6fce9ff31175f27bd203848a82 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @diotoborg/aliquam-fugit-culpa (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ef1648286cec9d589994019dcd70d5ca65051707ed2fe7f71afc5ecae94ef9d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dwt-runner (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71538fff3798a2b42ad1f28f2cbd053e501b0e143b563f0334e005a1ed152e24 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ai-chatbot-starter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af9d2068c841a174507d461d5d7113108623c8d971ee140701fe429feaf8e83c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in discord-cache (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6192027c3576f1efb2bbd06fa525cab0ca4115483f0e8df0a0d2c93f60b24a71 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...