Lucene search
K

550 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 10 hours ago4 views

Malicious code in abuden222 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c141ada78ccdede0bb49a76d998fcf07eb4cc60c58cce5fdc1b5933b85a817d The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 10 hours ago4 views

Malicious code in abuden217 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42fce03517a0e7a241f99d0ce806a5bb90a4f70b083a2997c80868f3bc37d4b4 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added last week6 views

Malicious code in sleek-pretty (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba44435dd6e0686c11ff8a9e27c60eef2f2fbdbcdbd0c3936d1f07cc78d38090 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 2:10 p.m.6 views

Malicious code in terminal-prettier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8c7e821d2559361693f75e32b42a5e7a0eef5d99c723d0e35b06f12fd91e9600 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 4:50 p.m.9 views

Malicious code in @huobi-ui/activity-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2dc07679f0c801fbb465a2502687e29ed687871964c5d84c0dd5f2b7f94e8ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 4:11 p.m.9 views

Malicious code in @muaththir/api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66954b91179d60bfbf1c18e8ed8ed9e6b12ab7b13bc6ab2a4174c3bf063c2c0a On npm install, the package's preinstall lifecycle hook runs node index.js, which collects host identifiers os.userInfo.username, process.cwd, Node...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 3:13 a.m.12 views

Malicious code in @mastra/clickhouse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea737d5664a4642538e7e34488a6b0a8df3156828a62e33ada84544a33b214b5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 1:34 p.m.14 views

Malicious code in solidity-abi (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d00c844413b4c809e5d57d1952a17f67f2c72324fd379c91d5fdd8aa3fdd9da9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 9:5 a.m.12 views

Malicious code in ts-schema-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d68e7e22dfa399a34405dd3c5824b27aa46ef7773d2bad7b4b698c77f17ccf1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 8:47 a.m.13 views

Malicious code in motion-ui-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21ddce58f1bde22bf0563aee5f71aefe48c82ad61076557935bf8fff16eb9df3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/23 10:18 p.m.13 views

Malicious code in @gbrlxvii/ts-project-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ccd044c036fa133a25ae5988694388a63c47a5edcf58c36d1dad610b8d1194a0 The package self-describes as a TypeScript linter but on require silently loads lib/perf.js wrapped in try/catch in index.js which performs...

5.9AI score
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 3:49 p.m.10 views

Malicious code in sol-coverage (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6ac3d8c51b3f87a97b7b9724145b73d894fc4027da14122aea3eb6d51bfb671 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/12 3:40 a.m.9 views

MAL-2026-3589 Malicious code in nextmove-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df7f916a0e0b35995c3bb3ad68e6686d75a52472172d505eee44bf060e54c105 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/04 1:43 a.m.9 views

Malicious code in pi-exa-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75549c181fe30d370fa436cfe9a04d0df8fa0270b0d022bd5e69b780fc5c10ea The package pi-exa-mcp was found to contain malicious code. Source: ghsa-malware 8b7369c9538e4cea56d92cc659b74b1243d5fd03b619c23d32a85c21b5c8981a Any...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/15 2:19 p.m.4 views

MAL-2026-2690 Malicious code in @pnc-ref/harmony-support-v18 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3c6a47dfcf980f2cd22ec066b1f85f003d7001a45e28ee6a5541e4b18e5edc5 The package @pnc-ref/harmony-support-v18 was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/31 6:13 p.m.14 views

Malicious code in @c8o/nimbus-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8225c79aa127203c225df747705db370e11cfae184af100a063b2dfa4eb20eb8 The package @c8o/nimbus-core was found to contain malicious code. Source: ghsa-malware 23fd3197db4264e7b8ef6d65380e017c5b205b46a8e732df586feffcf3c7c7...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/24 1:31 p.m.8 views

MAL-2026-2129 Malicious code in express-session-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3beac16c32c8776482bafbb2ad95b50b7b18bf6e93fbf712238f60a4d7ae363d The package express-session-validator was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/23 1:47 p.m.8 views

Malicious code in falcor-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9785eb8c1ddee20b09854389d561efd036035d846771b120bb4d7c412816f19 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/22 6:14 p.m.7 views

MAL-2026-2051 Malicious code in @emilgroup/insurance-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddc13f3218d4cac889a3d7c9d646430c04959f242c5c6cb593d3a31f84baa7a4 The package @emilgroup/insurance-sdk-node was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/22 6:11 p.m.8 views

Malicious code in @emilgroup/accounting-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81b18ede5b5fb4b02a83fa00e0ee9bed39f2a9aa04a952734abf0022f00f7bf4 The package @emilgroup/accounting-sdk-node was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
Rows per page
Query Builder