scraping-eksi (>=0.0.0 <=1.0.1) potentially affected by unknown CVE via limited-parallel-loop (=0.0.0)

limited-parallel-loop NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on limited-parallel-loop and may be impacted: - scraping-eksi =0.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25373...

Malicious code in limited-parallel-loop (npm)

The package limited-parallel-loop was found to contain malicious code...

brick-node (>=0.0.0 <=0.0.17), change-object (=0.0.0) +9 more potentially affected by unknown CVE via pause-function (=0.0.1)

pause-function NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on pause-function and may be impacted: - brick-node =0.0.0, =1.16.0, =0.0.0, =1.0.1 - stream-format =0.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-28923...

change-object (=0.0.0), cli-qa (=2.0.0) +7 more potentially affected by unknown CVE via run-serially (=0.0.0)

run-serially NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on run-serially and may be impacted: - change-object =0.0.0 - cli-qa =2.0.0 - comma-list =0.0.0 - fd-select =1.0.0 - frp-tick =1.0.0 - innkeeper =1.0.4 - limited-parallel-loop...

MAL-2025-25373 Malicious code in limited-parallel-loop (npm)

The package limited-parallel-loop was found to contain malicious code...