136590 matches found

vulnersOsv
added 2026/04/16 12:46 a.m. | 2 views

1router (>=0.3.96 <=1.0.2), 9router-custom (=0.3.55) +2007 more potentially affected by CVE-2026-41240 via dompurify (>=3.0.0 <=3.3.3)

dompurify NPM version =3.0.0, =0.3.96, =0.3.33, =0.5.0, =1.5.1, =0.18.0-beta.0, =0.0.1, =0.1.0-alpha.1, =0.1.0, =0.1.0, =0.0.0-dev-20240828032938, =0.2.8-experimental.0, =1.2.0, =1.0.0, =4.4.0-rc1, =4.10.8-rc26 and more Source cves: CVE-2026-41240 Source advisory: SNYK:JS-DOMPURIFY-16078387...

6.1 CVSS | 5.8 AI score | 0.00017 EPSS
Exploits 1
OSSF Malicious Packages
added 2026/04/16 12:44 a.m. | 4 views

Malicious code in terminal-formatter (npm)

terminal-formatter is a malicious npm package that, when installed (postinstall hook) or imported, sends local env variables, files and bash history to https://ghostraper.top and registers a new ssh key in .ssh/authorized_keys. --- -= Per source details. Do not edit below this line.=- Source:...

5.7 AI score
Exploits 0
OSV
added 2026/04/15 10:5 p.m. | 3 views

MAL-2026-2897 Malicious code in chai-beta (npm)

chai-beta is a malicious npm package that, when imported, downloads a C2 dropper from https://jsonkeeper.com/b/XRGF3 and executes it, similar to the malware in chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2026/04/15 10:5 p.m. | 2 views

Malicious code in chai-as-type (npm)

chai-as-type is a malicious npm package that, when imported, downloads a C2 dropper from https://api.npoint.io/c26313f0733957a7d787 and executes it, similar to the malware in chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

6 AI score
Exploits 0 | References 2
OSV
added 2026/04/15 10:5 p.m. | 0 views

MAL-2026-2888 Malicious code in chai-as-encrypted (npm)

chai-as-encrypted is a malicious npm package that, when imported, downloads a C2 dropper from https://api.npoint.io/29ebd497b6f232e6b0a9 and executes it, similar to the malware in chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7 AI score
Exploits 0 | References 2
NVD
added 2026/04/15 4:16 p.m. | 2 views

CVE-2026-30625

Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Although an allowlist exists, certain allowed commands (npm, npx) accept argument flags that enable...

9.8 CVSS | 0.00343 EPSS
Exploits 0 | References 2
OSSF Malicious Packages
added 2026/04/15 2:57 p.m. | 5 views

Malicious code in fusion-events (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8c8e696e51251f71e47adebced7b96e693530edba7546edfc180e21202e2048 The package fusion-events was found to contain malicious code. Source: ghsa-malware 88d534717a957da6a2dd2be4f5db4aa652489fa5ac3b30382f4a8e5e06865be2...

5.7 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2026/04/15 2:57 p.m. | 2 views

Malicious code in vs-supplier-portal-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd4ce50d0cee946b14aa2dee0c469a73331ff0c63bc65b134b3b50edb5d43c54 The package vs-supplier-portal-web was found to contain malicious code. Source: ghsa-malware...

5.7 AI score
Exploits 0 | References 1
Snyk
added 2026/04/15 1:56 p.m. | 2 views

Malicious Package

Overview laserlogsink is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8 CVSS | 5.7 AI score
Exploits 0 | References 2
OSSF Malicious Packages
added 2026/04/15 1:21 p.m. | 4 views

Malicious code in react-dom-19 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e6b5a54efd0bd62412ae002a01495b83a035014f59692e4e942aeaf9fd70d0d The package react-dom-19 was found to contain malicious code. Source: ossf-package-analysis...

5.7 AI score
Exploits 0
OSV
added 2026/04/15 6:24 a.m. | 5 views

MAL-2026-2827 Malicious code in js-logger-pack (npm)

js-logger-pack is a fake npm logger that the attacker developed openly on the registry over 23 versions across two weeks 2026-04-01 to 2026-04-15. Version 1.1.20, published hours after initial detection, is a re-obfuscation of the same payload with a new hash — same C2, same capabilities. Early...

5.8 AI score
Exploits 0 | References 2
OSV
added 2026/04/15 3:12 a.m. | 2 views

MAL-2026-2676 Malicious code in moscova-plural-json-parser (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a51fa685cb52dec458580533d514310ee1449c22a04bf82f6f1fc1e9e7b9db5 The package moscova-plural-json-parser was found to contain malicious code. Source: ghsa-malware...

5.7 AI score
Exploits 0 | References 1
Cvelist
added 2026/04/15 12:0 a.m. | 18 views

CVE-2026-30625

Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Although an allowlist exists, certain allowed commands (npm, npx) accept argument flags that enable...

0.00343 EPSS
Exploits 0 | References 2
OSSF Malicious Packages
added 2026/04/14 7:36 p.m. | 3 views

Malicious code in pnpm-workspaces (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19d252b93a40f90995892530ecd34dc35e9ec7e5b741cb02416fd3dde3e082d8 The package pnpm-workspaces was found to contain malicious code. Source: ossf-package-analysis...

5.7 AI score
Exploits 0
OSV
added 2026/04/14 1:36 p.m. | 2 views

MAL-2026-2663 Malicious code in tether-wrk-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e816f71a9a4581a5adacb19f57871ba8a9118bb980fbcb97c74d6b601a7e517f The package tether-wrk-base was found to contain malicious code. Source: ghsa-malware dd91537dad139a68aee6f4c63c4f9afb6bd315f2d76ee0e8e998dde7a421ef4...

5.8 AI score
Exploits 0 | References 1
OSV
added 2026/04/14 12:35 p.m. | 2 views

MAL-2026-2881 Malicious code in bjs-lint-builders (npm)

big.js typosquat campaign - SSH backdoor implantation, credential and crypto wallet theft --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93ff31ee3bf86e4aecefc3ed40ae1647028f7fd482df4c617731ebfd75cad027 The package bjs-lint-builders was found to contain maliciou...

5.7 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2026/04/14 11:48 a.m. | 4 views

Malicious code in chai-as-refined (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc7bd5b01fccd5ef5cc96d9a4eecf5801c6b34a062718a2131d2b2abb7a93191 The package chai-as-refined was found to contain malicious code. Source: ghsa-malware 5a69e4e0dbfe130a3d5da8413eb7ad9a490dc1874ee69ef385156479b365da4...

5.7 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2026/04/14 11:47 a.m. | 2 views

Malicious code in okfe-serverless-conf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f74a72b0853bd9a530292e0f2f74d820ea396dd35650bb3537cf4b2d8705e0dc The package okfe-serverless-conf was found to contain malicious code. Source: ghsa-malware...

5.7 AI score
Exploits 0 | References 1
OSV
added 2026/04/14 11:47 a.m. | 2 views

MAL-2026-2642 Malicious code in chatbotloader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78643cb5d37687c0eac0935734bac95f23c01b64ded6bb2f2f090542324042ac The package chatbotloader was found to contain malicious code. Source: ghsa-malware 88ccdb3c34d69b2e53f62caa6b7e61f32e7868fa5893d6fd6d09662189d10b34...

5.7 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2026/04/14 11:47 a.m. | 5 views

Malicious code in okx-data (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f537a0896e3975393a32700cc7c402b5b84baade9d30694090e625ef37a8a09 The package okx-data was found to contain malicious code. Source: ghsa-malware 41edc2d01a36c24d285496e1d882419e277f6ac2ded1e21f9d6eb4fd13cada75 Any...

5.7 AI score
Exploits 0 | References 1