86 matches found
MAL-2026-6054 Malicious code in @mastra/node-audio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e67f59921eaf19b7b608ed824610779a1929306854008a2a1633edf67bca3b7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in @mastra/braintrust (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dc69743b21fec5f3b447419f86b5799d5216e1f1f16d96c8aba930d99514553 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...
Malicious code in fed-callnative (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3971b7c0ac52c7cb668a8147d9774cb0f7a0b4e0bf04a59a6b55426f9c84fcf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5104 Malicious code in @pcldpvkoewpogw/testhacker (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 75fc3a0b4dc467bfee8bcd715fb5eef861c97aaa7f933a04dc5ac6922af1b8fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mrgn-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16fe2927853a543269a7eb66273bfea477dd040bc2e90f40d9b3642e9d138f5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-1475 Malicious code in delta666 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb8eaa59df9b36fbda7fdbb9f429aa77b3dd4ce913b22d3e1f7991750136306a The package delta666 was found to contain malicious code. Source: ghsa-malware ed1b6c9a5c4e82e4f1f205e90a5ac9c271dccbf998e06ed81199102594e23d0f Any...
Malicious code in solongnerds (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4924a4f78f84d4b49d96f2ced7769ac484017ae28bb6fe63f94e937b199222f The package solongnerds was found to contain malicious code. Source: ghsa-malware 5ef9463bd7feaee40d35efb13e75f19b54fd802eeb788cddc3cbbd1ba90b2ba4 An...
MAL-2026-391 Malicious code in internallib_v962 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9664f22a915362fceed28ec2e15ea4bfbc16dbdd91cb358cba05ef247fec36a5 The package internallibv962 was found to contain malicious code. Source: ghsa-malware 1e08ba6555343cafd51a03a186572eaf33065999ee721770a8d507645826dfd...
Malicious code in sonia3-npm-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 339534853ebcb623a903a0515ab9ae854edaac8fdfec58d3edb454c501238d19 The package sonia3-npm-js was found to contain malicious code. Source: ghsa-malware 3b951ad6a6c46f78a032c0c93db496b6b13cfadccf178f195cd6c3f28531ed1e...
Malicious code in @seung-ju/react-hooks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4adf0b1f6ebc35246707044936c68dfe237eb92c6e65e24e87383fcfb2dbe55f The package @seung-ju/react-hooks was found to contain malicious code. Source: ghsa-malware...
Malicious code in @ensdomains/eth-ens-namehash (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0009bf3870d33e9e174ce53fe0a281b43402e1f8b78f62e6cd296ad8f082588 The package @ensdomains/eth-ens-namehash was found to contain malicious code. Source: ghsa-malware...
Malicious code in xo-ui-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 58815a099f64599f6c8c7778c42dc78094abeace3c685c538fe1ee5604b86818 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in xo-validation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a2dc971622a44de97536e68fb7287ef32a7a1bdabe0d0386eadf248219cea54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @acme-types/acme-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1b754e0118dde98a24e6f1ea46eb2ed30d7b59cd938fbc627e6dc4429251482 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in prefer-arrow (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd4c923d3d6c399e77c6af5aa1cbd1e4712cb7bd89045f7ad31667227e6e3bd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @jameson777/mytest8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b156e6ec35304232881859a1a11917ad7244fcea63f2683ef1a381098858d9d The package @jameson777/mytest8 was found to contain malicious code. Source: ghsa-malware...
Malicious code in mender-setup (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95b2a0aeb7e210157ad59facfa9c0e679873c34a71078e93e3410440365970a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in tenantadm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7ce8c0c0c24aa09e7e543bac2dca10d2642ad336d071e8bc5ffac9be251ff10 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in mad-8.2.1.2.2.8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1fd4259c0de84b69ec4997af8ecf958bef9b6dd06c7ed580c56cfdb9baedc2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in eslint-plugin-consumerweb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f0908b28feb167dcbd08913b9ddf69ed6e3dab2f79a88d0b757e0869acb4e55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...