@lessondesk/schoolbus (>=3.0.43 <=5.2.1) potentially affected by unknown CVE via @tiaanduplessis/react-progressbar (=1.0.0)

@tiaanduplessis/react-progressbar NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @tiaanduplessis/react-progressbar and may be impacted: - @lessondesk/schoolbus =3.0.43, =5.2.1 Source cves: unknown CVE Source advisory:...

@lessondesk/schoolbus (>=0.0.0 <=2.2.27), @radio-retail/ui (>=0.1.1 <=1.3.1) potentially affected by unknown CVE via just-toasty (>=1.4.0 <=1.7.0)

just-toasty NPM version =1.4.0, =0.0.0, =0.1.1, =1.3.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191115...

Malicious code in @lessondesk/schoolbus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c14a4cce7a095ba23b1ec9898ad654afc8e736c94cf26a1b8c15aa123973fe9 The package @lessondesk/schoolbus was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199170

Malicious code in @lessondesk/schoolbus npm...

MAL-2025-191032 Malicious code in @lessondesk/schoolbus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c14a4cce7a095ba23b1ec9898ad654afc8e736c94cf26a1b8c15aa123973fe9 The package @lessondesk/schoolbus was found to contain malicious code. Source: ghsa-malware...

MAL-2025-191031 Malicious code in @lessondesk/react-table-context (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20317dcad4fb59dc30bb24ed5e1305a81ca00e753ffb0432f71dd107636d0516 The package @lessondesk/react-table-context was found to contain malicious code. Source: ghsa-malware...

Malicious code in @lessondesk/react-table-context (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20317dcad4fb59dc30bb24ed5e1305a81ca00e753ffb0432f71dd107636d0516 The package @lessondesk/react-table-context was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199174

Malicious code in @lessondesk/react-table-context npm...

EUVD-2025-199176

Malicious code in @lessondesk/material-icons npm...

Malicious code in @lessondesk/material-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 124d8e4d2ba731e6a005fd1c68c60af6629b037c8c121d0468394110d2f98103 The package @lessondesk/material-icons was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199177

Malicious code in @lessondesk/eslint-config npm...

EUVD-2025-199178

Malicious code in @lessondesk/electron-group-api-client npm...

Malicious code in @lessondesk/electron-group-api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac0a3fb5a82613479f65dbe89f633c1db69447886fc383477e3e4ae4a31be1ad The package @lessondesk/electron-group-api-client was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199180

Malicious code in @lessondesk/babel-preset npm...

EUVD-2025-199181

Malicious code in @lessondesk/api-client npm...

MAL-2025-191026 Malicious code in @lessondesk/api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c812dd964064f404443160aac0a9fddb5dccef95ecfb131a074fcf7176bd49f The package @lessondesk/api-client was found to contain malicious code. Source: ghsa-malware...

@lessondesk/schoolbus (>=3.0.43 <=5.2.1) potentially affected by unknown CVE via @tiaanduplessis/react-progressbar (=1.0.0)

@tiaanduplessis/react-progressbar NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @tiaanduplessis/react-progressbar and may be impacted: - @lessondesk/schoolbus =3.0.43, =5.2.1 Source cves: unknown CVE Source advisory:...