370 matches found
PT-2026-4314
Orval generates type-safe JS clients TypeScript from any valid OpenAPI v3 or Swagger v2 specification. Versions 7.19.0 and below and 8.0.0-rc.0 through 8.0.2 allow untrusted OpenAPI specifications to inject arbitrary TypeScript/JavaScript into generated mock files via the const keyword on schema...
@orval/angular (>=8.0.0 <=8.0.1), @orval/axios (>=8.0.0 <=8.0.1) +9 more potentially affected by CVE-2026-23947 via @orval/core (>=8.0.0-rc.0 <=8.0.1)
@orval/core NPM version =8.0.0-rc.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.1 Source cves: CVE-2026-23947 Source advisory: SNYK:JS-ORVALCORE-15038726...
@beshkenadze/orval-mcp (=7.11.2-fix.2), @orval/angular (>=7.10.0 <=7.18.0) +11 more potentially affected by CVE-2026-23947 via @orval/core (>=7.10.0 <=7.18.0)
@orval/core NPM version =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =7.10.0, =1.0.1, =7.10.0, =7.10.0, =7.13.2 Source cves: CVE-2026-23947 Source advisory: SNYK:JS-ORVALCORE-15038726...
Exploit for CVE-2021-21980
Clippy of the Dead - CVE-2021-21980 testing environment and Nucl...
Malicious code in @ensdomains/mock (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa69028234e7d9845b0190a845d7ed004315332e53db9625716d3e8c34f9d555 The package @ensdomains/mock was found to contain malicious code. Source: ghsa-malware e5e3d7ebf0c01ec0fcf11c5473aa2d0ae19924590bc4f27ac7e988945272d5...
EUVD-2025-198871
Malicious code in @ensdomains/mock npm...
MAL-2025-190806 Malicious code in @ensdomains/mock (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa69028234e7d9845b0190a845d7ed004315332e53db9625716d3e8c34f9d555 The package @ensdomains/mock was found to contain malicious code. Source: ghsa-malware e5e3d7ebf0c01ec0fcf11c5473aa2d0ae19924590bc4f27ac7e988945272d5...
EUVD-2025-179682
Malicious code in cold-mock-daemon-hash-thread npm...
EUVD-2025-175956
Malicious code in thread-daemon-try-omega-mock npm...
EUVD-2025-180219
Malicious code in authenticate-array-cluster-mock-import npm...
EUVD-2025-177787
Malicious code in mock-xml-omicron-protected-class npm...
EUVD-2025-178093
Malicious code in link-cold-file-mock-info npm...
EUVD-2025-180313
Malicious code in assert-alpha-boolean-awk-mock npm...
EUVD-2025-177790
Malicious code in mock-parse-earth-export-hot npm...
Malicious code in socket-mock-java-rho-spy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c73783490d318eb38b0f589f800124ffffafbe09192fd2fb01fc5ce1f82b4195 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177537
Malicious code in notify-beta-tree-mock-minify npm...
EUVD-2025-179161
Malicious code in emulate-earth-lambda-iota-mock npm...
EUVD-2025-177791
Malicious code in mock-easy-tree-long-cloud npm...
EUVD-2025-176397
Malicious code in short-easy-cat-mock-daemon npm...
EUVD-2025-178372
Malicious code in interface-stack-mock-execute-log npm...