Malicious code in lithosphere-geodynamo-mui-robotics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c10ad1c51b342754b3c72b5ab819bf08c026d3d4c5c7ec336dbbd9e69f047888 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-111981 Malicious code in holy_anaconda_harlequin-26 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4db3d31271af39aa323080b6978374e058bb43b641c02a5b82f1498c8f44c68c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in utomo-kemplang17-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c17b39f931c7b05cf993a34bd815c4f5a341780368616c6c023a602ba71c1e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-65002 Malicious code in radical_loon_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0b0e336653d31bee75593d10c84785b17112b349d72462c33127fb8d6bc2ddc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2018-12546

In Eclipse Mosquitto version 1.0 to 1.5.5 inclusive when a client publishes a retained message to a topic, then has its access to that topic revoked, the retained message will still be published to clients that subscribe to that topic in the future. In some applications this may result in clients...