234824 matches found
MAL-2026-5260 Malicious code in mountly (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5229 Malicious code in autotel-sentry (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5233 Malicious code in autotel-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5206 Malicious code in @forjacms/client (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5210 Malicious code in ai-sdk-ollama (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
MAL-2026-5259 Malicious code in github-archiver (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d36f95b6a426c5832df260fb417a52efac5da2bef351a5fff36d136ce229157 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5234 Malicious code in awaitly (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...
Malicious code in hbsig (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...
MAL-2026-5191 Malicious code in wdb-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 146faaf0d97c6a533a969bc3f3f117811f9317dc865ed4ab37f1679842ddeaae This package was compromised as part of the IronWorm campaign. This campaign executes a malicious binary payload during installation via a...
ROOT-APP-NPM-CVE-2026-43998 CVE-2026-43998 in @rootio/vm2 - Patched by Root
Root has patched CVE-2026-43998 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44003 CVE-2026-44003 in @rootio/vm2 - Patched by Root
Root has patched CVE-2026-44003 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-44005 CVE-2026-44005 in @rootio/vm2 - Patched by Root
Root has patched CVE-2026-44005 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-24118 CVE-2026-24118 in @rootio/vm2 - Patched by Root
Root has patched CVE-2026-24118 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-23745 CVE-2026-23745 in @rootio/tar - Patched by Root
Root has patched CVE-2026-23745 in the @rootio/tar package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2025-54798 CVE-2025-54798 in @rootio/tmp - Patched by Root
Root has patched CVE-2025-54798 in the @rootio/tmp package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-27606 CVE-2026-27606 in @rootio/rollup - Patched by Root
Root has patched CVE-2026-27606 in the @rootio/rollup package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2024-21501 CVE-2024-21501 in @rootio/sanitize-html - Patched by Root
Root has patched CVE-2024-21501 in the @rootio/sanitize-html package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2022-24999 CVE-2022-24999 in @rootio/qs - Patched by Root
Root has patched CVE-2022-24999 in the @rootio/qs package for Root:npm. Multiple fixed versions available...
ROOT-APP-NPM-CVE-2026-34043 CVE-2026-34043 in @rootio/serialize-javascript - Patched by Root
Root has patched CVE-2026-34043 in the @rootio/serialize-javascript package for Root:npm. Multiple fixed versions available...
Malicious code in hello244a (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02e5f7412a9593e0ec3d0d8c28082c01edff82746bd48966c6fb88a3b1f88866 The package contains no library code, no main entry, and no documented functionality. Its only file is package.json, which declares a postinstall...