EUVD-2025-179693

Malicious code in cluster-volcanology-eslint-plugin-singularity npm...

Malicious code in eslint-plugin-chai-lacerta-quasar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5ac9c2490e31cd01f911ada3fe41b454765bdacb067fe04d3d6dd4851be3643 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-114610

Malicious code in deimos-lint-mini-css-extract-plugin-kastra npm...

EUVD-2025-111900

Malicious code in kronos-apollo-changelog-eslint-plugin npm...

EUVD-2025-112973

Malicious code in halley-eslint-plugin-google-phoenix npm...

EUVD-2022-1944

Malicious code in bioql PyPI...

EUVD-2022-2243

Malicious code in bioql PyPI...

CVE-2025-57754 eslint-ban-moment exposed a sensitive Supabase URI in .env (Credential leak)

eslint-ban-moment is an Eslint plugin for final assignment in VIHU. In 3.0.0 and earlier, a sensitive Supabase URI is exposed in .env. A valid Supabase URI with embedded username and password will allow an attacker complete unauthorized access and control over database and user data. This could...

Malicious code in @amber-team/eslint-plugin (npm)

The package @amber-team/eslint-plugin was found to contain malicious code...

MAL-2025-7734 Malicious code in @crimson-team/eslint-plugin (npm)

The package @crimson-team/eslint-plugin was found to contain malicious code...

CVE-2020-2262

Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

Malicious code in eslint-plugin-internal-playwright (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1777e495156cf7146557c4b12278bbf9af5efe01c047f211bda8e66eb5503f8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GHSA-28X9-HC4P-9VH2 Stored XSS vulnerability in android-lint Plugin

Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

Stored XSS vulnerability in android-lint Plugin

Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

CloudBees Jenkins Android Lint Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site scripting...

CVE-2020-2262

Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

CVE-2020-2262

Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

Cross site scripting

Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the plugin's post-build step...

CVE-2020-2262

CVE-2020-2262 affects Jenkins Android Lint Plugin versions 2.6 and earlier. The issue is that the plugin does not escape the annotation message in tooltips, causing a stored XSS vulnerability when an attacker can provide report files to the plugin’s post-build step. Impact is stored XSS in Jenkin...

CloudBees Jenkins Android Lint Plugin Information Disclosure Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version release/testing projects and some timed tasks.Android Lint Plugin is used in one of the Android static Android Lint...