Vulners
Lucene search
2 matches found
Malicious code in napi-postinstall (npm)
This package installs a windows based malware file node-gyp.dll via install.js...
6.9AI score
Exploits0References1
@helpwave/eslint-config (>=0.0.1 <=0.0.3), @infai/fass-framework (>=0.1.0 <=0.1.1) +12 more potentially affected by unknown CVE via napi-postinstall (>=0.1.6 <=0.2.5)
napi-postinstall NPM version =0.1.6, =0.0.1, =0.1.0, =0.10.8, =0.10.8, =0.10.8, =0.10.8, =3.7.0, =1.1.0-alpha.b912b41d, =1.28.1, =1.28.1, =1.28.1, =1.28.1, =1.6.0, =1.9.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-6025...
5.8AI score
Exploits0
20