Lucene search
K

291 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 6:3 a.m.9 views

Malicious code in npmjs-doc-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e75a4fc474b58b6d7226e8448d6c909312baf7aff6e9587188cc56a2a5dface Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 6:3 a.m.12 views

Malicious code in bign.tsm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a742cbbbd867c961c2a0d001e20f92dfadd209e9071734e840bbd0e0606d4f6b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/15 11:45 p.m.8 views

MAL-2026-5846 Malicious code in prettier_v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0da6eb947f9a9046563fe43e0b5064d7dc2a75e019425a564276d44d39bc263 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 11:33 p.m.8 views

Malicious code in vite-enhancer-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f95dc5a82c03457cbfab461f0b1775f3918589db6ac513342a1ec0dc1aacc1fb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/15 11:33 p.m.7 views

MAL-2026-5843 Malicious code in chai-smart-assert (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 44c476c94a62f5a3949ef8e6173aae3a6fa9b4411d7b157d06ea96835fbf258c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/12 2:32 p.m.5 views

MAL-2026-5690 Malicious code in ecto-spectral-leak-8d4e2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed80e7979c97935537c82692c1be6aa9fa4880f76b412057e9d8ed7d66af999f On npm install, postinstall.js executes shell commands that enumerate AWS Secrets Manager across regions aws secretsmanager list-secrets followed by...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/06/10 12:10 p.m.11 views

MAL-2026-5495 Malicious code in @solana-launchpad/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f311ca65e1dd4812e0b9812be713108a676a6f25c8d48443ab93a97133447b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:9 p.m.17 views

Malicious code in customerdigital-service-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d58926a994bd05ac4db3c984f96186b2d52da1235a3f56f34843c01dd2246408 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 1:39 p.m.12 views

Malicious code in @service-suppliers/set_suppliers_loading_stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52d21512cf72b6b9822978fa95b217f0412f0d8ec55e5667addf4a486ad0965b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 12:27 p.m.12 views

Malicious code in web3-prices (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee650bfe594eb17193a4760fd6fc279eb10670ae045500913ea673951427b47e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 8:48 a.m.12 views

Malicious code in unique-string-64 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c13681b6b78ec7996b99f0b0404fe78f1deb2235a379314856002f8f3ec02501 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 8:11 a.m.13 views

Malicious code in nba-blocker-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f1fe232a9f7f60759e2b252db2948228245fa7ee3881d1fb5e3954a2ca3bcf1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 7:12 a.m.11 views

Malicious code in flow-parser-oxidized (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 656e2f1d3b8c65b9726bb52918453404799c461b0db5ae89061e6b740aa4862d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/12 4:20 a.m.9 views

MAL-2026-3553 Malicious code in @uipath/llmgw-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b2a10d3449dbb21333a81b53c4eab1037a00c862459fa93155f1bd9a94102ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSV
added 2026/05/12 12:7 a.m.11 views

MAL-2026-3486 Malicious code in @tanstack/solid-start-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a9f623ce85c893266087d3eeb9812938d0f3eea0ddb33cd735589c104dafb8e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 11:59 p.m.8 views

Malicious code in @tanstack/vue-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23dd073c586a2dad28ee9957fd8a3059bcbb261fbbb6a17e3b99a7145158ef8d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/24 3:19 a.m.10 views

Malicious code in next-rwa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b11e0d18d15210fc1b53ccc943f01bd8f2d6873d4dd2586d535336fb14de6662 The package next-rwa was found to contain malicious code. Source: ghsa-malware 7f7d55fa4afccd86d6cbe53d7ad7643039f7e0bc251a0cb9b149708720c87639 Any...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/24 2:39 a.m.7 views

Malicious code in sagat-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b9e0a31b6bceddf90e920c8c6eb6313c822ca883c8daaa6905c5d8835fb8220 The package sagat-core was found to contain malicious code. Source: ghsa-malware cd038a03954f5c3c52c0f68ddfd36cbd9746f905131c22fa2089a72f8929be62 Any...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/23 3:52 a.m.6 views

MAL-2026-3003 Malicious code in @amsterdam-local/forms-component-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 291b91d9d855e239db33d7709fe9a88228eee0a166ce7312b5fb7f55f57dc488 The package @amsterdam-local/forms-component-library was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/22 2:49 p.m.9 views

MAL-2026-2996 Malicious code in sparkling-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a51b8dc4e5a69bd2a09d2bb1c705963de6b9513ff871237d21a5f6641abc0ac The package sparkling-sdk was found to contain malicious code. Source: ghsa-malware b0457cea0504e91fd51a3802d694a20e91fab0bf48731ae4a18c484eab349202...

5.7AI score
Exploits0References1
Rows per page
Query Builder