Lucene search
K

1333 matches found

OSV
OSV
added 2026/06/30 4:18 p.m.8 views

MAL-2026-6687 Malicious code in procwire (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011cf28d546459d946b1ed6d92c3beb4cb7c5322d6a9370d52fcd40e9a81ac2f On Windows, installing [email protected] automatically downloads and executes an attacker-controlled executable. The package.json preinstall script runs...

6.3AI score
Exploits0References3
OSV
OSV
added 2026/06/29 4:53 p.m.6 views

MAL-2026-6635 Malicious code in @orbis-lr-sdk/orbis-lr-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 447ee314f32023031250cefe4570378f31d8055a02384eccecb5c288ae6e2405 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/29 4:44 p.m.6 views

MAL-2026-6669 Malicious code in pvd3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c992d4bd87c36aa389d168c263ca0b89c04b425b0483217ae1098a0c2f3ee10 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/09 3:10 p.m.10 views

MAL-2026-5384 Malicious code in enquriers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c7f041bb6800c0c765683543b18f204299e64265c3d9124c54f7f0169b53348 Package name 'enquriers' closely resembles the widely-used 'enquirer' package transposed/added characters, suggesting potential name-confusion risk. ...

6.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 2:29 a.m.11 views

Malicious code in void-ulid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17c8bf4c8a22f2c86dcf8af482d28d5fccfc1d5971289e4f06afedc17c0585a9 void-ulid impersonates the legitimate ulid/ulidx ULID generator its package.json reuses the upstream github.com/ulid/javascript repo URL but ships a...

5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview nottuff18 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/26 9:3 a.m.21 views

MAL-2026-4789 Malicious code in ggk-happy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d747cc7acd8bbc1defbf475aa3202fd332fd43135a6fedddfcc37356ce02eb54 Package presents itself as the legitimate slopus/happy CLI README instructs npm install -g happy; homepage, repository, bugs, and author fields all...

5.5AI score
Exploits0References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 1:48 p.m.14 views

Malicious code in itc-actors-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22687e1f7601dde1753d3775925d62d040892631394937e56e9b9fba74fb85c6 The package contains callback.js which collects host identifiers and user information os.hostname, os.userInfo, os.platform, cwd and transmits them v...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/04/15 10:5 p.m.7 views

MAL-2026-2904 Malicious code in trackora-node (npm)

trackora-node is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 4:45 a.m.7 views

Malicious code in fadlsjf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7851237c54cc21d98214fdd4c10550fb6665672f78c6f685de666e25f116c54f The package fadlsjf was found to contain malicious code. Source: ghsa-malware 84c2aa35dc6cdbc9581e9c90d31fc8048bf73c56102725c533f82882b2aa3422 Any...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/12 5:13 a.m.7 views

Malicious code in @kinggupong/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c19c128fca5c3aacdbc42a4005ff6e5fac66da9fb811bf98788503f6dfd00eb The package @kinggupong/libsignal-node was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/05 3:35 p.m.12 views

Malicious code in pear-apps-lib-feedback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 331d2742dee8271e5d493e475aab23ee3f05adc5e02888d87127d189883cc50c The package pear-apps-lib-feedback was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/05 2:24 a.m.11 views

Malicious code in internallib_v157 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d07f4a0d2270cdcb827bb50e9f546d7c4ab3b07ede66343b90478831a731b83 The package internallibv157 was found to contain malicious code. Source: ghsa-malware 2a4eddb6af3191b7183a9223407a3a1b9fb4e1b4e96da5ee15af1ae2f0515ac...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/04 4:41 a.m.8 views

Malicious code in react-sdkk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5be5e5cc941dec9a36d78d9de45e31cd604e0efacd37d1b78b62e452689b2cb7 The package react-sdkk was found to contain malicious code. Source: ghsa-malware 60e38e54e0f061a0da679900787b26c8949e350345b5ae5e12688321574bd4c7 Any...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/04 4:41 a.m.10 views

Malicious code in mongooose_updated (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f397bd93c8a607a5fb7cb6c4da24be0ed65157020f40d778f66f4bb8f0c6237b The package mongoooseupdated was found to contain malicious code. Source: ghsa-malware c02f092aac581da5247eba7163d5bcbb065ed41865e8eeb464ea1fedd8a4d6...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/28 7:48 a.m.11 views

Malicious code in ern-picking2-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cdd28d37200aac1cd5fc446acddca1c77227c48fbccf070f31a765422439184 The package ern-picking2-api was found to contain malicious code. Source: ghsa-malware 6d206018d9dd4cfb8e95bc0197ea0db4d442ee3b16f5209a2b452bc203dc8d...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/28 7:43 a.m.10 views

Malicious code in equimper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 174afe3f7c17abcec63d8bfa72500c726f7e7cc7a5b9f726c387f5e9c5399287 The package equimper was found to contain malicious code. Source: ghsa-malware 239809818f810ae94c81e006270640279952fcd3123a3e4da631e6810f4ed4de Any...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/21 7:37 a.m.9 views

Malicious code in ts-tweetnacl-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8035e1fe9ea296c85e726e0afad93eacff3199c25542e19153f914cc63251c12 The package ts-tweetnacl-utils was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
OSV
OSV
added 2025/12/30 4:5 p.m.12 views

MAL-2025-192978 Malicious code in tailwindcss-typography-style (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f2e4636e4f08bc04591afc5b27fce2e03dea82a9883b2dc8092a6f23fa6f55d The package tailwindcss-typography-style was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
EUVD
EUVD
added 2025/12/03 2:20 p.m.5 views

EUVD-2025-200747

Malicious code in elf-stats-nutmeg-chimney-245 npm...

6.6AI score
Exploits0
Rows per page
Query Builder