14 matches found
EUVD-2026-21146
nimiq-blockchain is missing a wall-clock upper bound on block timestamps...
CVE-2026-40093
The CVE describes a wall-clock upper bound omission in Nimiq’s block timestamp validation for the nimiq-blockchain Rust implementation (1.3.0 and earlier). Specifically, non-skip blocks enforce timestamp >= parent.timestamp and skip blocks enforce timestamp == parent.timestamp + MIN_PRODUCER_T...
MAL-2025-189560 Malicious code in soap-weywot-robotics-on (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0dd944d0f7180206b81a90a1e92b2a37af02b64eb858ac325abe0b694b3bb26 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in oloc-yg-uthi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 419656e30a34414d961680d45e8df5c828e689c595d4b4a9680af7a57b701960 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-173723 Malicious code in butauahur-asofui-dspifh (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0437021eac60be7ecf8af1498caf988df421972ad4a6706d516f585349aeb182 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-171147 Malicious code in emilydavies (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32e2fa107499c755b63d9970369868805efb3dfe4c62a41c2b236843d82bacf7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148259 Malicious code in standard-schema-ophiuchus-cors (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c0e4548d0345c3c25e6d215a91cfcfd790bd26b81d2ff925912297004814b30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-127839 Malicious code in joni-rujaksoto52-wekto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b539bb2e9a873fa3b94278ccafd64dd5a6c82f9b099b92bf1bb1db76b5842db1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in erwin-tumis51-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d8c60d9760877700438b3633b64c460b76c0d412c66a4b8901507c9f4ecd354 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-119780 Malicious code in erick-nasisayur74-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 787cf0e79ac049478f5e666b278648377cfd784979089c3f52e04a1becbae563 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-116059 Malicious code in noisy_lemming_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfa216ad06d88fa8bbcc616a6f69c5d8d025f6b01cf39628af652b05cef0ae2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lisa-getas75-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cc3c1a0fb42ad488a9d58a8ce54bad48e11af452b32ee719f69cd7cd1fe3bef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lutfi-klipo8-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e2ecff947a6050e5ae3b5511a753f6e62577708b5feec07b60bab61378d18ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in maman-getas35-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a390957ec92ed70d272ec90f366a9692d45e7f9f0ae6947507d954880215052 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...