234745 matches found
Malicious Package
Overview @xvortexsockets/baileys is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
Software Supply Chain Smells: Lightweight Analysis for Secure Dependency Management
Modern software systems heavily rely on third-party dependencies, making software supply chain security a critical concern. We introduce the concept of software supply chain smells as structural indicators that signal potential security risks. We design and evaluate Dirty-Waters, a novel tool for...
PT-2026-27783
Name of the Vulnerable Software and Affected Versions pdf-image versions through 2.0.0 Description The pdf-image npm package versions through 2.0.0 allows for OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions utilize...
Exploit for CVE-2026-26830
CVE-2026-26830: OS command injection in pdf-image Summary...
MAL-2026-2398 Malicious code in xrpl-hooks-ide (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cba4a53598147b0ea4a05d573906166d018f6026d4b245512f651c235c2bae3 The package xrpl-hooks-ide was found to contain malicious code...
MAL-2026-2397 Malicious code in wraith-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e01edc3106b7a83dd7050b7ade8ef141a38fac23b8829ed8d2f4e1f1402829b The package wraith-module was found to contain malicious code...
Malicious code in voodoo-internal-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a66c21f000ea33496a8cd95744872d47bbd617d4a4cabdae400ae0361cf0faf3 The package voodoo-internal-api was found to contain malicious code...
MAL-2026-2396 Malicious code in voodoo-internal-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a66c21f000ea33496a8cd95744872d47bbd617d4a4cabdae400ae0361cf0faf3 The package voodoo-internal-api was found to contain malicious code...
Malicious code in uuidvalidatorarabis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 980bd443f5ff6b9b9a38a084ed533ef47f42bf5867df5d6281df19515171a6a9 The package uuidvalidatorarabis was found to contain malicious code...
MAL-2026-2395 Malicious code in uuidvalidatorarabis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 980bd443f5ff6b9b9a38a084ed533ef47f42bf5867df5d6281df19515171a6a9 The package uuidvalidatorarabis was found to contain malicious code...
Malicious code in typescript-mock-data (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1a51f9143ac378f3ef81840f6858a902bd37449fa9b93b0999e021321ddafac The package typescript-mock-data was found to contain malicious code...
Malicious code in this-is-my-test-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d72a917ddcec635fc210d8767a9c289b6d43128c589de76fe7c0548da33878d2 The package this-is-my-test-package was found to contain malicious code...
Malicious code in stormbreaker-shade (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c845d690b6091601683bf61bdd858e5579c2fd4d33b770806b1bb113e9533f1 The package stormbreaker-shade was found to contain malicious code...
Malicious code in ssr-catalogue-sfcc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ffd2663232d7c5508f63c063736d09a7c1fdfefe9783f5941c9214f687df7fb The package ssr-catalogue-sfcc was found to contain malicious code...
MAL-2026-2391 Malicious code in ssr-catalogue-sfcc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ffd2663232d7c5508f63c063736d09a7c1fdfefe9783f5941c9214f687df7fb The package ssr-catalogue-sfcc was found to contain malicious code...
Malicious code in ssh-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d42bf2b2b77d94173694ed6e952fc5efb2d0de3b04f237f15ffa9470809a321e The package ssh-common was found to contain malicious code...
MAL-2026-2390 Malicious code in ssh-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d42bf2b2b77d94173694ed6e952fc5efb2d0de3b04f237f15ffa9470809a321e The package ssh-common was found to contain malicious code...
MAL-2026-2389 Malicious code in spectral-module (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b458f8a3676b73711c711d763768712cc0bf1f7fb7233a87fb8b5817b7c509c The package spectral-module was found to contain malicious code...
Malicious code in spectral-engine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6d45c9e6ca6d123deeb7d3bfb326dc818f76fb83f256dca70e650842b7cf7620 The package spectral-engine was found to contain malicious code...
Malicious code in securefiles-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e6eb158a4a31560fd7d020c4644db9f8795bf0049b5e15a5ab5cccea05e68ee The package securefiles-common was found to contain malicious code...