expr-eval: expr-eval: Prototype Pollution

A prototype pollution flaw was found in expr-eval. An attacker with access to express eval interface can use JavaScript prototype-based inheritance model to achieve arbitrary code execution...

EUVD-2025-175939

Malicious code in titan-despina-zenobia-antares npm...

EUVD-2025-177949

Malicious code in markdown-pdf-jsonp-brane-cross-env npm...

EUVD-2025-134776

Malicious code in anabuyil-na10n-nitnuli npm...

EUVD-2025-140972

Malicious code in kapvino-sodi-vanunds npm...

EUVD-2025-86271

Malicious code in erick-esdoger12-miaww npm...

EUVD-2025-54855

Malicious code in distinctive-aqua-crayfish npm...

MAL-2025-7933 Malicious code in @erboladaiteas/voluptatibus-ab (npm)

The package @erboladaiteas/voluptatibus-ab was found to contain malicious code...

MAL-2025-35694 Malicious code in test-mlw2-linns-ceils-movie-hanap (npm)

The package test-mlw2-linns-ceils-movie-hanap was found to contain malicious code...

10er10 (=0.23.0), 1405-authtokens (>=1.0.1 <=1.0.5) +8069 more potentially affected by CVE-2016-10539 via negotiator (>=0.2.3 <=0.6.0)

negotiator NPM version =0.2.3, =1.0.1, =1.0.3, =1.0.2, =1.0.0, =0.0.1, =0.2.0, =0.0.1, =0.0.1, =1.0.0, =1.2.9 and more Source cves: CVE-2016-10539 Source advisory: OSV:GHSA-7MC5-CHHP-FMC3...