@0xwork/connect (>=0.1.0 <=0.1.7), @agentholdings/agent-passport (>=0.1.0 <=0.1.5) +21 more potentially affected by CVE-2026-42431 via openclaw (>=2026.3.22 <=2026.4.5)

openclaw NPM version =2026.3.22, =0.1.0, =0.1.0, =0.8.3, =0.1.0, =2026.3.25, =0.0.0, =27.2.5, =1.1.0, =2.1.3, =2026.3.24-3, =0.14.39, =0.1.0, =0.1.1, =0.2.18 and more Source cves: CVE-2026-42431 Source advisory: SNYK:JS-OPENCLAW-15989075...

-temp-electron-manager-somiibo (=0.0.200), 1ib (>=1.0.9 <=1.0.11) +12042 more potentially affected by CVE-2026-34601 via @xmldom/xmldom (>=0.9.0 <=0.9.8)

@xmldom/xmldom NPM version =0.9.0, =1.0.9, =0.1.2, =1.2.7, =0.2.0, =1.0.8, =0.0.1, =0.0.2, =0.1.3, =0.15.0-beta, =1.0.5, =0.3.31, =0.3.33 and more Source cves: CVE-2026-34601 Source advisory: SNYK:JS-XMLDOMXMLDOM-15869636...

@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +10 more potentially affected by CVE-2026-41299 via openclaw (>=2026.3.22 <=2026.3.24)

openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.15.0 Source cves: CVE-2026-41299 Source advisory: SNYK:JS-OPENCLAW-15865258...

2mxdev-gql-gateway (=1.0.0), 4m-node-server (>=0.0.1 <=0.0.8) +3174 more potentially affected by unknown CVE via apollo-server-core (>=1.3.2 <=3.13.0)

apollo-server-core NPM version =1.3.2, =0.0.1, =1.0.2, =0.0.80, =3.10.1, =1.2.0-pre.24, =1.0.1, =1.0.0, =1.0.0, =0.5.0, =1.0.0, =0.1.3, =0.1.0, =0.4.52, =0.0.1, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:GHSA-9Q82-XGWF-VJ6H...

4itech-schematics (>=11.3.0 <=11.7.0-5), @4itech/schematics (=11.7.0) +72 more potentially affected by CVE-2026-33671 via picomatch (=3.0.1)

picomatch NPM version =3.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on picomatch and may be impacted: - 4itech-schematics =11.3.0, =10.0.0-alpha.1, =10.0.0-alpha.1, =10.0.0-alpha.1, =0.1700.0, =0.1700.0, =17.0.0, =0.1700.0, =17.0.0, =17.0.0,...

@0xgraph/cli (>=0.0.1 <=0.2.1), @7speck/logger (>=1.0.2 <=1.0.3) +792 more potentially affected by CVE-2026-33532 via yaml (>=1.0.0 <=1.10.2)

yaml NPM version =1.0.0, =0.0.1, =1.0.2, =1.0.1, =0.0.1, =0.0.0-nightly-20240619-f62ef04, =1.8.29, =1.0.0, =10.1.0, =8.0.4, =7.4.0, =1.0.0, =0.0.10, =4.1.16, =1.0.3, =0.6.6, =0.12.8 and more Source cves: CVE-2026-33532 Source advisory: OSV:GHSA-48C2-RRV3-QJMP...

@01.software/cli (>=0.1.1 <=0.2.0-dev.260310.cf511cb), @01.software/sdk (>=0.0.1-251008.90016 <=0.3.0) +384 more potentially affected by CVE-2026-1528 via undici (>=7.0.0 <=7.22.0)

undici NPM version =7.0.0, =0.1.1, =0.0.1-251008.90016, =0.0.6, =0.0.2, =0.0.33, =0.0.1, =1.0.0, =21.0.0, =21.0.0, =0.5.0, =1.0.1, =12.6.9, =13.0.0-alpha.4 and more Source cves: CVE-2026-1528 Source advisory: OSV:GHSA-F269-VFMQ-VJVJ...

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 02_add_lodash (=1.0.0) +18536 more potentially affected by CVE-2026-32141 via flatted (>=0.2.3 <=3.3.4)

flatted NPM version =0.2.3, =1.0.1, =1.0.0, =0.1.0, =1.0.1, =0.1.0, =0.1.2, =0.0.2, =0.0.36 - 6o-vsamaru =1.0.0 and more Source cves: CVE-2026-32141 Source advisory: OSV:GHSA-25H7-PFQ9-P65F...

02strich-markdown (>=1.0.0 <=1.0.2), @0xintuition/slang-cli (>=0.0.1 <=0.0.8) +1948 more potentially affected by CVE-2026-27903 via minimatch (>=4.1.1 <=4.2.4)

minimatch NPM version =4.1.1, =1.0.0, =0.0.1, =0.5.2, =5.0.2, =2.2.0, =1.1.4, =1.3.1, =1.0.0, =0.0.2-alpha-20220914223128-d706aab, =0.0.2-alpha-20220915073207-1bb0680, =0.0.2-alpha-20220914223128-d706aab, =1.1.8, =1.0.0, =1.5.0 and more Source cves: CVE-2026-27903 Source advisory:...

@10xsai/cloudflare-router-nx-plugin (=1.0.0), @24hr/content-next (>=1.0.0 <=3.0.17) +1048 more potentially affected by CVE-2026-27959 via koa (>=2.0.0-alpha.3 <=2.16.3)

koa NPM version =2.0.0-alpha.3, =1.0.0, =0.0.4, =3.10.1, =3.7.0, =0.0.1, =0.2.9, =4.25.19-patch.1, =0.0.1, =0.0.1, =0.0.50, =0.0.7, =0.0.94 - @asmv/koa =0.1.0-draft and more Source cves: CVE-2026-27959 Source advisory: SNYK:JS-KOA-15353398...

@activeboxes/piece-sftp (=0.2.6), @activepieces/piece-apify (=0.2.1) +184 more potentially affected by CVE-2026-27699 via basic-ftp (>=2.16.0 <=5.1.0)

basic-ftp NPM version =2.16.0, =0.2.6, =0.2.0, =0.7.0, =0.3.0, =3.0.0, =1.0.0, =1.1.0, =2.0.0, =1.0.0, =1.1.0, =1.0.0, =1.5.1 - @digitranslab/piece-sftp =0.2.6 and more Source cves: CVE-2026-27699 Source advisory: OSV:GHSA-5RQ4-664W-9X2C...

@activepieces/piece-amazon-s3 (>=0.5.4 <=0.5.8), @activepieces/piece-amazon-ses (>=0.0.1 <=0.1.3) +1101 more potentially affected by CVE-2026-26278 via fast-xml-parser (>=5.0.1 <=5.3.5)

fast-xml-parser NPM version =5.0.1, =0.5.4, =0.0.1, =13.1.4, =1.0.0, =1.9.12, =1.0.3, =1.1.31, =1.0.0, =1.7.16, =2.33.6, =1.4.37, =1.6.11, =1.6.22 and more Source cves: CVE-2026-26278 Source advisory: OSV:GHSA-JMR7-XGP7-CMFJ...

@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @agimon-ai/browse-tool (>=0.2.0 <=0.5.5) +152 more potentially affected by CVE-2026-24771 via hono (>=4.0.0 <=4.11.6)

hono NPM version =4.0.0, =0.1.8-fix.3, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.0.1, =1.7.2, =1.7.1, =0.2.1, =0.6.1, =0.5.2, =1.0.1-beta.0, =1.0.2, =1.0.0, =1.0.1 and more Source cves: CVE-2026-24771 Source advisory: SNYK:JS-HONO-15123927...

@3onedata/alsatian (>=0.1.8-fix.3 <=0.1.8-fix.5), @abyedev/hono-dotenv (=1.0.0) +441 more potentially affected by CVE-2026-24398 via hono (>=0.5.10 <=4.11.6)

hono NPM version =0.5.10, =0.1.8-fix.3, =5.0.0, =0.2.0, =0.2.0, =0.4.0, =0.2.0, =0.1.1, =0.0.1, =0.0.2-a, =0.1.22, =1.1.1, =0.0.1, =1.7.2, =1.7.1, =1.8.0 and more Source cves: CVE-2026-24398 Source advisory: OSV:GHSA-R354-F388-2FHH...

@aiconnect/codelets-runner (>=0.1.0 <=0.2.0), @node-wot/cli (=0.9.2) +12 more potentially affected by CVE-2026-22709 via vm2 (>=3.0.0 <=3.10.1)

vm2 NPM version =3.0.0, =0.1.0, =0.1.64, =0.1.61, =1.66.16, =1.66.16, =1.66.16, =1.66.16, =1.66.16, =1.66.16, =1.66.16, =1.66.16, =1.66.16, =1.66.16, =1.68.8 Source cves: CVE-2026-22709 Source advisory: SNYK:JS-VM2-15116160...

@astrojs/cloudflare (=0.4.0), @cfpreview/pages-e2e-test-runner-cli (>=0.0.1 <=0.0.8) +20 more potentially affected by CVE-2026-0933 via wrangler (>=2.0.23 <=3.114.1)

wrangler NPM version =2.0.23, =0.0.1, =1.0.387, =0.5.41, =2.1.0, =0.0.0-next-20230221055802, =1.0.0, =0.0.3, =0.0.47, =1.0.0, =1.0.0, =0.1.1, =0.1.106 and more Source cves: CVE-2026-0933 Source advisory: SNYK:JS-WRANGLER-15046269...

0utmailauth (=1.0.0), 0xsodium (>=0.2.0 <=0.14.0) +13689 more potentially affected by CVE-2026-22036 via undici (>=0.3.3 <=6.22.0)

undici NPM version =0.3.3, =0.2.0, =1.0.0, =0.2.0, =0.1.0, =0.0.1, =1.0.21, =1.0.1, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-22036 Source advisory: OSV:GHSA-G9MF-H72J-4RW9...

Discord Controlled NodeCordRAT Steals Chrome Data via NPM Packages

Zscaler ThreatLabz identifies three malicious NPM packages mimicking Bitcoin libraries. The NodeCordRAT virus uses Discord commands to exfiltrate MetaMask data and Chrome passwords...

@voiceflow/alexa-types (>=1.1.3 <=1.49.0), @voiceflow/api-sdk (>=1.0.0 <=1.31.6) +6 more potentially affected by unknown CVE via @voiceflow/pino-pretty (>=4.3.0 <=4.4.0)

@voiceflow/pino-pretty NPM version =4.3.0, =1.1.3, =1.0.0, =1.0.0, =1.1.0, =1.0.0, =1.4.2, =1.10.2, =1.0.0, =1.17.4 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191365...

MAL-2025-191273 Malicious code in @oku-ui/separator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56b737a01a45b68e312a6864869538663927b97e9662c9e4e885d24a464fff51 The package @oku-ui/separator was found to contain malicious code. Source: google-open-source-security...