Lucene search
K

729 matches found

OSV
OSV
added 2026/03/26 12:52 a.m.5 views

MAL-2026-2227 Malicious code in validator-lut-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9f447a3c02a6c7ea716862009fcf6853c8d52e05144fa78746cbdbfe3ef000 The package validator-lut-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/26 12:42 a.m.6 views

MAL-2026-2222 Malicious code in chain-coremesh (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53c78d25a9b5c960f74dda3653e6f237df054e60b0234511fa4e9fe3d650a00f The package chain-coremesh was found to contain malicious code. Source: ghsa-malware 7c22f3e9c994c2b163ca8dc9cfdd501768a8ed0163ccc7c9fde8160ace616303...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/25 2:32 a.m.7 views

MAL-2026-2169 Malicious code in console-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a453dd193f8ddd250ba6ade5c711f845eced766f664cb75f7969f064a94b86f The package console-loggers was found to contain malicious code. Source: ghsa-malware 4172c3551666d2ed6e2691429d3929465e9f862f0967ff39fcad41faf23fb20...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/25 12:11 a.m.11 views

MAL-2026-2153 Malicious code in @xvortexsockets/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6fe781d4e79519992d2b0f37577515da41d7e0deb2f9f32df7c39dfb8de3916 The package @xvortexsockets/baileys was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/03/24 12:43 p.m.7 views

MAL-2026-2131 Malicious code in nemo-fpti (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d59bda0a25d9b656075c91322ff0c7a8463b743465176a358265f7fb35710b98 The package nemo-fpti was found to contain malicious code. Source: ghsa-malware 7e5357f25ae0271690f061e93dc85be49cf6ebe3ccd0d09110524b0fcbb30ee3 Any...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/23 1:47 p.m.6 views

Malicious code in in-app-marketing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d475c46e8eda7ca153485336dce8c0b7d3bf8e3ea31a871232bc815438bc140c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/22 6:19 p.m.9 views

Malicious code in @emilgroup/partner-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 021998bae85c5300a2c6e776ee80893de174f4216d701951b4742fd3eff21d85 The package @emilgroup/partner-sdk-node was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/03/22 6:3 p.m.4 views

MAL-2026-2041 Malicious code in @emilgroup/claim-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a86e7c53acc9840bac58a8ff7aca0a0d40a03ab2a8ac73dd55d0314373528800 The package @emilgroup/claim-sdk was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 4:45 a.m.7 views

Malicious code in fadlsjf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7851237c54cc21d98214fdd4c10550fb6665672f78c6f685de666e25f116c54f The package fadlsjf was found to contain malicious code. Source: ghsa-malware 84c2aa35dc6cdbc9581e9c90d31fc8048bf73c56102725c533f82882b2aa3422 Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/19 4:39 p.m.6 views

Malicious code in @aifabrix/miso-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ddcc2128fa9a68b4ccf29899647a346301d90cb84cb45c30863872c44e2b3ae The package @aifabrix/miso-client was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/17 4:46 a.m.4 views

MAL-2026-1493 Malicious code in pino-logger-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5c908d1d5a0d2a6a517ef1aa6e7ab5b7ddc8644dc39730c2629f0226a69121a The package pino-logger-utils was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.6 views

Malicious code in minify-replace (npm)

The package 'minify-replace' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/03/16 12:0 a.m.4 views

MAL-2026-1512 Malicious code in undeclared-variables-check (npm)

The package 'undeclared-variables-check' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.9 views

Malicious code in peer-deps-external (npm)

The package 'peer-deps-external' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/03/16 12:0 a.m.3 views

MAL-2026-1567 Malicious code in transform-function-bind (npm)

The package 'transform-function-bind' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/13 10:37 a.m.10 views

Malicious code in pulsard-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5088b269cb089b9b077cf5a13f9b00cbb8d01375276ce1e2f1c99fc7154a46be The package pulsard-utils was found to contain malicious code. Source: ghsa-malware ff1030d82dfca7d7403806e0bd8ba645d25cddd141cb5480664a6555f2d441d7...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/13 2:21 a.m.5 views

MAL-2026-1379 Malicious code in 8x8-developer-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 830ce990639483b2f7a9ea4e000d63c831e0d58c94e718a1a20add6885cb93ef The package 8x8-developer-docs was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/12 3:46 p.m.5 views

MAL-2026-1372 Malicious code in @sky-it-livedata-libraries/livedata-commons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20bdbc3cff45e6eac27e84e332d4efa6ad06a4d593b15610a99115bac25d2931 The package @sky-it-livedata-libraries/livedata-commons was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/12 2:18 a.m.8 views

Malicious code in unibody (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62433a668da6675dffc03d0b406316c3a612058aed5063d864c1f6a78d94e937 The package unibody was found to contain malicious code. Source: ghsa-malware d5083ea858a18dda094f7d171b57730132d8348f914ae8b2895725447d8f13f0 Any...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/11 6:18 a.m.3 views

MAL-2026-1329 Malicious code in google-camelcase (npm)

The package 'google-camelcase' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
Rows per page
Query Builder