Malicious Package

Overview h-jsencrypt is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

EUVD-2026-4517

Malicious code in h-jsencrypt npm...

MAL-2026-495 Malicious code in h-jsencrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...

Malicious code in h-jsencrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...

RuoYi 安全漏洞

RuoYi is a backend management system for individual developers of RuoYi China. A security vulnerability exists in RuoYi 3.8.9 and earlier versions, which stems from an incorrect operation of the files ruoyi-ui/jsencrypt.js and ruoyi-ui/login.vue that results in sensitive information being stored ...

Insecure Random Number Generation

jsencrypt is vulnerable to insecure random number generation. It is insecure because it generates predictable random numbers using Math.random rather than using a cryptographically secure random number generation...