32089 matches found
MAL-2026-616 Malicious code in c11dff444 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d47b3f981fe050f2eab507069b880d1c47c4107c28eba0d1a16010400a249ad The package c11dff444 was found to contain malicious code. Source: ghsa-malware 437d8651f7d884d1905e0d01e2accffb3fcce5408fc4a6b0ef2ca6c37f0bade4 Any...
Malicious code in n8n-nodes-gg-udhasudsh-hgjkhg-official (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f177f9d8bad0a259983bc9f3e0880c59ee120b1e686e3f10b490ab0527beec3 The package n8n-nodes-gg-udhasudsh-hgjkhg-official was found to contain malicious code. Source: ghsa-malware...
CVE-2022-26534
FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via a malicious viewchange packet, will cause normal nodes to change view excessively and stop generating blocks...
MAL-2025-191231 Malicious code in @huntersofbook/form-naiveui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdec58532c2efc0e228886d82b5dd62cd0699f654168e5c792e524b3a2d73747 The package @huntersofbook/form-naiveui was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191415 Malicious code in react-scrambled-text (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3888a54f9c5c14abb5fd0b64ec41778b1bc989da36cd5e48a480514eb81b9e57 The package react-scrambled-text was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191308 Malicious code in @quick-start-soft/quick-remove-image-background (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f9fbf3fe9e4ab7de62ad125cf8376c5b6f00b67df5291788b607659981ff021 The package @quick-start-soft/quick-remove-image-background was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198816
Malicious code in test-foundry-app npm...
Malicious code in winston-kinetic-zenith-corvus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33aea94bfb56e0007d05b76e2fd4429326a2eba7c08d4c4190df4b030c654c44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cat-meta-stack-minify-try (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 80dec973455eae025b75ae4a2fb66d3f693521c903c9ca3af246808867e0af65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in perseus-carina-duplex-bellatrix (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82db29da799b8923adf9e0105b02d015268632fba539c6d56c55e7300b952ba2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in warn-array-container-grid-stub (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1fc1c40e8556a40bb1303463fa81490f6a1cd507d53c7b15d0ccee323cc63deb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nightwatch-levels-lepton-phoebe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c6bc901157dba2a0f11bcf68e5429ef2be6851012441f8d6b91565d140110d93 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in planckscale-webpack-json-neptunology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dac476c90bc256cd8261ff18ff844d1b911ddf79b4f68c7de94b528d89ddc48 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in chi-error-kappa-shell-error (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d52be924692085514a7ac69e4324d76070a96c0a3599cbe5efcff36f82206d6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kinetic-upgrade-pino-sagitta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 742650f379653a3093a99f5335ba2cd25cd4c67f9dd90c26b5adb849eb1de6ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in beta-error-rho-authenticate-tree (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 30cc2769230687e6e7eada5a89a33afaecb48c332be1d59dc5e4f2b0ba46f3f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in paleoclimatology-framework-mensa-spectron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c12f313dedc707d720600d06707caee7d75a5cb19e5f99bedf1d25cd3c43b861 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in husky-bulma-nebula-concurrently (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 029de86705f76c06a577e00966fac5cdab3d36021be7d50cec1844bd03f7b785 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in astrometry-halley-auriga-cressida (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0987c30c3ce3db7f1c02cef5135ac147f992aaf87e66da991eb1ef87264a23f5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in electron-nconf-callisto-flare (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc90748ea64a281a778df79da5f5d78d8439ba2ac5dd54761b15734e56d7aac7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...