234805 matches found
MAL-2026-5225 Malicious code in autotel-mongoose (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5245 Malicious code in effect-analyzer (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5206 Malicious code in @forjacms/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5234 Malicious code in awaitly (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5237 Malicious code in awaitly-mongo (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in hbsig (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...
MAL-2026-5191 Malicious code in wdb-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...
ROOT-APP-NPM-CVE-2026-44003 CVE-2026-44003 in @rootio/vm2 - Patched by Root
Root has patched CVE-2026-44003 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-24118 CVE-2026-24118 in @rootio/vm2 - Patched by Root
Root has patched CVE-2026-24118 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-43998 CVE-2026-43998 in @rootio/vm2 - Patched by Root
Root has patched CVE-2026-43998 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44005 CVE-2026-44005 in @rootio/vm2 - Patched by Root
Root has patched CVE-2026-44005 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-23745 CVE-2026-23745 in @rootio/tar - Patched by Root
Root has patched CVE-2026-23745 in the @rootio/tar package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2025-54798 CVE-2025-54798 in @rootio/tmp - Patched by Root
Root has patched CVE-2025-54798 in the @rootio/tmp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-27606 CVE-2026-27606 in @rootio/rollup - Patched by Root
Root has patched CVE-2026-27606 in the @rootio/rollup package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-2391 CVE-2026-2391 in @rootio/qs - Patched by Root
Root has patched CVE-2026-2391 in the @rootio/qs package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2024-21501 CVE-2024-21501 in @rootio/sanitize-html - Patched by Root
Root has patched CVE-2024-21501 in the @rootio/sanitize-html package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2022-24999 CVE-2022-24999 in @rootio/qs - Patched by Root
Root has patched CVE-2022-24999 in the @rootio/qs package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-34043 CVE-2026-34043 in @rootio/serialize-javascript - Patched by Root
Root has patched CVE-2026-34043 in the @rootio/serialize-javascript package for Root:npm. Multiple fixed versions available...
Malicious code in hello244a (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02e5f7412a9593e0ec3d0d8c28082c01edff82746bd48966c6fb88a3b1f88866 The package contains no library code, no main entry, and no documented functionality. Its only file is package.json, which declares a postinstall...
ROOT-APP-NPM-CVE-2016-20018 CVE-2016-20018 in @rootio/knex - Patched by Root
Root has patched CVE-2016-20018 in the @rootio/knex package for Root:npm. Multiple fixed versions available...