136678 matches found
Malicious Package
Overview suport-color is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview cloude is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
MAL-2026-966 Malicious code in opencraw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aaed661cc51e76234fc6cba7587b973903e00bbacd33da7114aeb726d957b577 The package opencraw was found to contain malicious code. Source: ghsa-malware 5bc39adf3939792f918a50cbc9a9952a11d950e361d83d5631449f20ad634945 Any...
MAL-2026-952 Malicious code in claud-code (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 858992810c1a4133d95b6fa19033c07591db548a46df39b67e0d393d7dd212ad The package claud-code was found to contain malicious code. Source: ghsa-malware 5fe9842d778d45ad5b5e4d81db678d608711dd4b186e053569dae6f210481651 Any...
CVE-2026-26996 vulnerabilities
Vulnerabilities for packages: code-server, tileserver-gl, lerna, serve, rancher-api-ui, pulumi, renovate, prism, vitess, npm, argo-workflows, sqlpad, langfuse, opensearch-dashboards, eslint, kubeflow-pipelines, kubeflow-centraldashboard, saf, node-gyp...
GHSA-3PPC-4F35-3M26 vulnerabilities
Vulnerabilities for packages: code-server, tileserver-gl, lerna, serve, rancher-api-ui, pulumi, renovate, prism, vitess, npm, argo-workflows, sqlpad, langfuse, opensearch-dashboards, eslint, kubeflow-pipelines, kubeflow-centraldashboard, saf, node-gyp...
GHSA-3PPC-4F35-3M26 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines, sqlpad, graalvm, actions-runner, rancher-api-ui, redisinsight, kubeflow-centraldashboard, langfuse-fips, foxx-cli, tileserver-gl-fips, kibana, tileserver-gl, opensearch-dashboards, renovate, vitess, emscripten, serve, pulumi, npm, gemini-cli, saf,...
Malicious code in abcxyzz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8b953a8183a1a7ba906c9117e8afe658b2606311b606d8b3ecad680076fc51e9 The package abcxyzz was found to contain malicious code. Source: ossf-package-analysis b22a45e3a267d5930d5e8dfdb52954bf049c7b63a9bdb0818e5daff1191e74...
Malicious code in realestate-ask (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc4db310e1c17bbf02575dc3a75ab56d4d38581001d31617c583443f7d88a126 The package realestate-ask was found to contain malicious code. Source: ghsa-malware 75a155e1870bd51f018f66476427d1da99c87cbbcab800c354dad13f76b67c3b...
MAL-2026-919 Malicious code in mds-webcomponents (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b33015300fa18b6b3d2c2f1c0af0e77cbd9fa96c7af7befbe61a5422165824e package.json declares preinstall: node index.js, which runs automatically on every npm install. index.js collects os.homedir, os.hostname,...
Malicious code in ethereums-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bddbe5ea052b93fa04966b01c8302455e06311fd6015aaf9c76c07ba8c8f21c4 The package ethereums-lint was found to contain malicious code. Source: ghsa-malware 7671a5fea1c5f2b0118bd9981213bde2b546a4191a57acd041aed6d8560c0de6...
Malicious code in ethereum-lint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f139611e5bee8bd888911afc42c4e762ba55dc37cb142d92fe4203209f917600 The package ethereum-lint was found to contain malicious code. Source: ghsa-malware d4db9b610771f0e6a14c8e5de6545323a4041420731492b2265b31ec14fdaa3b...
MAL-2026-908 Malicious code in hops-preset-jest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8165500e6c415192d0b46d0e106f29fb3ae49fce7538b2da40a9e398998c087d The package hops-preset-jest was found to contain malicious code. Source: ghsa-malware d1e4e88ca9b17e3778d9b7f4aa3d9cb2a94cc7ac234505750c84264eb43440...
MAL-2026-895 Malicious code in json-mapping-src (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc958aaacb5ea616283510ccda98b0a4634c35d348eece1613366ac66ad41abb The package json-mapping-src was found to contain malicious code. Source: ghsa-malware 8e7f8a61a6a361880bea88321b1f130627266e5f1d54e8aa9d9f47d64c99db...
MAL-2026-879 Malicious code in codexworld (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adbcf3a15ca44fb393a6c8e40217d59fb72f228be073dda7d50c70236131d586 The package codexworld was found to contain malicious code. Source: ghsa-malware f062939a6f9a6652f3a2e08c3192935b45ce6fd84970a96e43007d424e25b573 Any...
Malicious Package
Overview responsible-ai is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-890 Malicious code in responsible-ai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05c11d73745aba3675053c5e949e3d5cf48ec050f6c5df589f613c094a8a038e The package responsible-ai was found to contain malicious code. Source: ghsa-malware 9b9159173d856834d97152b44c3f78779ff8f3dd4368b5d113920865417044c3...
MAL-2026-887 Malicious code in pyrefly (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f731c9ac1e4183a530b005b34a0e1331b1dc61ef8fc60aea56170766e444a48e The package pyrefly was found to contain malicious code. Source: ghsa-malware 588445ae77d1fbd6e2123a29bd2331067492d3a518d7dbbc3a1d57a400622e83 Any...
MAL-2026-885 Malicious code in metadata-stripper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8c267045a16bae6cd73d8221edda625cfc4c3492849b92a48065fd3cbb2723a The package metadata-stripper was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview xsstesting is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...