383 matches found
org.webjars.npm:adal-node (=0.1.28), org.webjars.npm:canvg (>=1.5.2 <=1.5.3) +14 more potentially affected by CVE-2026-41675 via org.webjars.npm:xmldom (>=0.1.31 <=0.6.0)
org.webjars.npm:xmldom MAVEN version =0.1.31, =1.5.2, =0.7.2, =0.14.0, =0.11.0, =7.14.0, =2.7.0, =2.9.2 and more Source cves: CVE-2026-41675 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16134553...
Malicious code in buildkite-test-collector-jasmine-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6e8247a020880206aa9a5d4eb40d4b1f61cf39245356fd6e91db063d0c14b79 The package buildkite-test-collector-jasmine-example was found to contain malicious code...
MAL-2026-2732 Malicious code in buildkite-test-collector-jasmine-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6e8247a020880206aa9a5d4eb40d4b1f61cf39245356fd6e91db063d0c14b79 The package buildkite-test-collector-jasmine-example was found to contain malicious code...
org.webjars.npm:chai-backbone (=0.9.2), org.webjars.npm:express (=5.1.0) +5 more potentially affected by CVE-2026-4923 via org.webjars.npm:path-to-regexp (=8.2.0)
org.webjars.npm:path-to-regexp MAVEN version =8.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:path-to-regexp and may be impacted: - org.webjars.npm:chai-backbone =0.9.2 - org.webjars.npm:express =5.1.0 -...
org.webjars.npm:chai-backbone (=0.9.2), org.webjars.npm:express (=5.1.0) +5 more potentially affected by CVE-2026-4926 via org.webjars.npm:path-to-regexp (=8.2.0)
org.webjars.npm:path-to-regexp MAVEN version =8.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:path-to-regexp and may be impacted: - org.webjars.npm:chai-backbone =0.9.2 - org.webjars.npm:express =5.1.0 -...
Malicious code in eslint-loop-meteor-jasmine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74c329a482c68f847b5078bc7c6cd99a0df89ac2ee483147aa5ed8810a29dc2c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in koa-higgs-jasmine-wezen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a94744e4363382314160fd2c7e5b498755be2a10ae9e8fa7b684813a28d90a46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179227
Malicious code in dynamo-run-script-jasmine-kuiperbelt npm...
EUVD-2025-175598
Malicious code in webdriverio-jasmine-dione-perseus npm...
MAL-2025-190338 Malicious code in winston-pino-jasmine-jupiter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5379730ea03719315dac34057961525d8cb45f557c9a2a4ad60fa9929dadfc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-180052
Malicious code in biosignature-jasmine-solis-promise npm...
EUVD-2025-177522
Malicious code in nova-virgo-jasmine-redshift npm...
Malicious code in winston-pino-jasmine-jupiter (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a5379730ea03719315dac34057961525d8cb45f557c9a2a4ad60fa9929dadfc6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177233
Malicious code in petrology-supercluster-relay-jasmine npm...
Malicious code in nightmare-jasmine-janus-prompts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0fd20f4768df0374f9f8cae260d09775d2e0445ccce5d3ce5630d9857463bac0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-175538
Malicious code in winston-pino-jasmine-jupiter npm...
EUVD-2025-175627
Malicious code in wavefunction-parallax-jovian-jasmine npm...
Malicious code in biosignature-jasmine-solis-promise (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b6320a51a6ff5ec4676483ba7f9cfb24e153d3e1ac3ff03e68da55a92a0610f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178345
Malicious code in iota-geomorphology-rate-limiter-jasmine npm...
EUVD-2025-178182
Malicious code in koa-higgs-jasmine-wezen npm...