Malicious code in @nativescript-community/typeorm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f52d32f97f0c022f47383943d101a89ef5465d96aece46233bc2005a4c14d6a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47157 Malicious code in @nativescript-community/ui-material-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe208e03b1176bddeb8912705cd3294928ff3009cc5c7e98d9495dfd695feea8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nativescript-community/ui-material-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe208e03b1176bddeb8912705cd3294928ff3009cc5c7e98d9495dfd695feea8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nativescript-community/ui-material-tabs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4102ccea0c14992d0974fb6022f1fff84012fc5ccb94c235452a1abc75a6f90c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47159 Malicious code in @nativescript-community/ui-material-tabs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4102ccea0c14992d0974fb6022f1fff84012fc5ccb94c235452a1abc75a6f90c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @triniwiz/nativescript-pdf (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dee524a059c5be768ba0f921b02cf030608c6377823ec2fda73727e66313248 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47171 Malicious code in @triniwiz/nativescript-pdf (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dee524a059c5be768ba0f921b02cf030608c6377823ec2fda73727e66313248 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47150 Malicious code in @nativescript-community/sqlite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12fdec6c515865f33dafbfd89c6a2e810138eab46fe92d29955d74a13e37567f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nativescript-community/arraybuffers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbd4477b4250e2af1b9a5fdcd76d234900437c12290d3cc79ec173d8f0fbc862 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nativescript-community/text (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70e308e7da4975ddec5cf39601e96232abc461d9544cc82745a13e8efd7b4200 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47165 Malicious code in @nstudio/nativescript-loading-indicator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b551e46bc14865c379331dce05e3f6adb61e5f385acc0aa24b912176766d0c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nstudio/nativescript-loading-indicator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4b551e46bc14865c379331dce05e3f6adb61e5f385acc0aa24b912176766d0c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47164 Malicious code in @nstudio/nativescript-checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ac10be560243885c47e80e47d545e8006f285d8fe9f5756c7b92f9cd2085639 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nstudio/nativescript-checkbox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ac10be560243885c47e80e47d545e8006f285d8fe9f5756c7b92f9cd2085639 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47148 Malicious code in @nativescript-community/perms (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bc3fd96213519273f7b1eb5a8c0fd5d3b40c41fccda225d8d442dc2d3f44b882 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

@nativescript-community/ble (>=3.1.8 <=3.1.22), @nativescript-community/sentry (>=4.6.19 <=4.6.45) +14 more potentially affected by unknown CVE via @nativescript-community/arraybuffers (=1.1.5)

@nativescript-community/arraybuffers NPM version =1.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on @nativescript-community/arraybuffers and may be impacted: - @nativescript-community/ble =3.1.8, =4.6.19, =4.4.4, =1.0.11, =0.0.27, =6.0.0, =6.0.0,...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...