5959 matches found
MAL-2026-5172 Malicious code in fundraiserserv (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c27dec042a9f69f24c1a2c860af27a2625740dbd7b7fc3d059659fae6f628c25 The OpenSSF Package Analysis project identified 'fundraiserserv' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in vg-interaction-model (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aba91a5b2aeb99e94b28109825a7ac069669d39c12c118fd37d9ef70afe63261 The OpenSSF Package Analysis project identified 'vg-interaction-model' @ 40.0.1 npm as malicious. It is considered malicious because: - The...
MAL-2026-5168 Malicious code in vg-interaction-model (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis aba91a5b2aeb99e94b28109825a7ac069669d39c12c118fd37d9ef70afe63261 The OpenSSF Package Analysis project identified 'vg-interaction-model' @ 40.0.1 npm as malicious. It is considered malicious because: - The...
Malicious code in sourceflow-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1699207dcb748d9894d27585d5e49f48e906eae167d75434c15cd15f1aeb5502 The OpenSSF Package Analysis project identified 'sourceflow-tracker' @ 99.91.9 npm as malicious. It is considered malicious because: - The packa...
MAL-2026-5166 Malicious code in sourceflow-tracker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1699207dcb748d9894d27585d5e49f48e906eae167d75434c15cd15f1aeb5502 The OpenSSF Package Analysis project identified 'sourceflow-tracker' @ 99.91.9 npm as malicious. It is considered malicious because: - The packa...
Malicious code in po-ops-local-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ed7a024c524e1a4bc29e2670d7dc00e5aa4c6891650c3c6bf38a2f388f4a3cb9 The OpenSSF Package Analysis project identified 'po-ops-local-dev' @ 99.9.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-5159 Malicious code in po-ops-local-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ed7a024c524e1a4bc29e2670d7dc00e5aa4c6891650c3c6bf38a2f388f4a3cb9 The OpenSSF Package Analysis project identified 'po-ops-local-dev' @ 99.9.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-5153 Malicious code in @att-ebiz/abs-components-bc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d9d4d8606057fc579fbbc6ede648c88bb580827838850f589e8887c1dd374a39 The OpenSSF Package Analysis project identified '@att-ebiz/abs-components-bc' @ 99.9.1 npm as malicious. It is considered malicious because: - T...
Malicious code in @aonunited/angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 411e19a999b3354e6b5ad40e6da82882c1bf314a35d722ade7b3e23eb9c4a46c The OpenSSF Package Analysis project identified '@aonunited/angular' @ 99.0.1 npm as malicious. It is considered malicious because: - The packag...
MAL-2026-5150 Malicious code in @aonunited/angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 411e19a999b3354e6b5ad40e6da82882c1bf314a35d722ade7b3e23eb9c4a46c The OpenSSF Package Analysis project identified '@aonunited/angular' @ 99.0.1 npm as malicious. It is considered malicious because: - The packag...
Malicious code in rookie-security-test-pkg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1af47f1485c4c5bd3c6ee3cb7330781c1892ebc8bea1c59b0a0045c49ab8c93d The OpenSSF Package Analysis project identified 'rookie-security-test-pkg' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
Malicious code in picnic-react-mise-en-place (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d57f4579f4e0842567d9e59bfa74af355f457cbfdfeabe0f65a9e6952f79aa34 The OpenSSF Package Analysis project identified 'picnic-react-mise-en-place' @ 9999.0.0 npm as malicious. It is considered malicious because: -...
MAL-2026-5121 Malicious code in nepsnowplow (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7e26395712f5003186b16919b17058dbc8d140aae9ab0dc20d5add9624cc35c6 The OpenSSF Package Analysis project identified 'nepsnowplow' @ 9999.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in nepsnowplow (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7e26395712f5003186b16919b17058dbc8d140aae9ab0dc20d5add9624cc35c6 The OpenSSF Package Analysis project identified 'nepsnowplow' @ 9999.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in js-shared-modules (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis adff3edac3c3ba1c04ba273f77d51c95d153b4e027ec4809b3d2f3c74a712a92 The OpenSSF Package Analysis project identified 'js-shared-modules' @ 1.11.7 npm as malicious. It is considered malicious because: - The package...
MAL-2026-5098 Malicious code in js-shared-modules (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis adff3edac3c3ba1c04ba273f77d51c95d153b4e027ec4809b3d2f3c74a712a92 The OpenSSF Package Analysis project identified 'js-shared-modules' @ 1.11.7 npm as malicious. It is considered malicious because: - The package...
MAL-2026-5095 Malicious code in @challenger6/vm-pattern-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 396b490a90fc45f797d57bb02503489b3a924a18b927cabce392cad7f591c868 The OpenSSF Package Analysis project identified '@challenger6/vm-pattern-library' @ 99.0.0 npm as malicious. It is considered malicious because:...
MAL-2026-5092 Malicious code in retail-location-strategy-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 056a42f9d6cabda51a99fe21f647f8270a15e121d2017f53e3fa7cc1aad9a47f The OpenSSF Package Analysis project identified 'retail-location-strategy-frontend' @ 1.1.1 npm as malicious. It is considered malicious because...
Malicious code in retail-location-strategy-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 056a42f9d6cabda51a99fe21f647f8270a15e121d2017f53e3fa7cc1aad9a47f The OpenSSF Package Analysis project identified 'retail-location-strategy-frontend' @ 1.1.1 npm as malicious. It is considered malicious because...
Malicious code in cms-storehub (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dda5fa0b4771a3299568c8dd8d17d5663d9c8ae782b8c71f4a2baf0ce1f8e5ee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...