234874 matches found
EUVD-2026-3270
Malicious code in zod-js npm...
EUVD-2026-3272
Malicious code in @brokenzzz/garfish npm...
Malicious code in wac-react-relay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6230f7070c6a961274bcbd24ce695e9079873b97e2a34d1548f39451925cb2 The package wac-react-relay was found to contain malicious code. Source: ghsa-malware 8e4689baba605d11cb3859f852360989942c364318df4e05fc6d1265ff31061...
EUVD-2026-3271
Malicious code in wac-react-relay npm...
MAL-2026-335 Malicious code in wac-react-relay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6230f7070c6a961274bcbd24ce695e9079873b97e2a34d1548f39451925cb2 The package wac-react-relay was found to contain malicious code. Source: ghsa-malware 8e4689baba605d11cb3859f852360989942c364318df4e05fc6d1265ff31061...
MAL-2026-329 Malicious code in @brokenzzz/garfish (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d357b148f23b1917c8d9b30afb0a067acdcdf988ca7b7f8a382726ba3e31b439 The package @brokenzzz/garfish was found to contain malicious code. Source: ghsa-malware...
EUVD-2026-3273
Malicious code in 1231dai npm...
EUVD-2026-3276
Malicious code in cyrpto npm...
EUVD-2026-3274
Malicious code in viem-js npm...
EUVD-2026-3275
Malicious code in tailwin npm...
MAL-2026-331 Malicious code in cyrpto (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88df3de403df4549d6cae9b1d508f683da4ed91d472a6020a40a3dbd6d5930fc The package cyrpto was found to contain malicious code. Source: ghsa-malware 1e003c50bdddfa1368c5ed0e356acfab8b21a0d410f1d181471b88221a590cd9 Any...
EUVD-2026-3277
Malicious code in tronweb-tool npm...
MAL-2026-330 Malicious code in @daffadeveloper/signal-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae0087b0a9b601b66eed90dbf41396601a483159b3e74933ad6ed63e6a06e3d1 The package @daffadeveloper/signal-node was found to contain malicious code. Source: ghsa-malware...
filecc (>=0.0.1 <=1.0.1), gm-i18n-migrate (>=2.7.0 <=2.9.0) +3 more potentially affected by CVE-2025-15536 via opencc (>=1.0.6 <=1.1.3)
opencc NPM version =1.0.6, =0.0.1, =2.7.0, =2.7.2, =1.0.2, =1.0.5 - wise-paas-notify-utility =1.4.10-s2t1 Source cves: CVE-2025-15536 Source advisory: SNYK:JS-OPENCC-15874418...
MAL-2026-324 Malicious code in typedoc-plugin-fuel-variants (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6adc38777e8d247da805a1d508c3d27067be2a85dc25149b0d18453a67dcc18a The package typedoc-plugin-fuel-variants was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in eslint-plugin-fuel-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 99675eb06a245907c7a2133cf7d75af3037229a059d0a135bf8c3d518432a6a4 The package eslint-plugin-fuel-react was found to contain malicious code. Source: ossf-package-analysis...
Malicious Package
Overview sd-cip-module-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview originresponsehandler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview sd-pdc-module-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview idel2-content is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...