@3w5h/knowledge_query (=1.0.30), @3w5h/utils (>=1.0.0 <=1.0.7) +574 more potentially affected by CVE-2026-23965 via sm-crypto (>=0.0.9 <=0.3.8)

sm-crypto NPM version =0.0.9, =1.0.0, =0.1.0, =4.4.42, =0.0.2, =2.2.6, =2.2.6, =2.2.6, =2.3.10, =2.1.4, =2.2.6, =2.2.6, =2.2.6, =2.1.15, =2.3.9 and more Source cves: CVE-2026-23965 Source advisory: OSV:GHSA-HPWG-XG7M-3P6M...

Malicious code in zohocrm-nodejs-sdk-3.0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8667273dd1820eda9a1a67abda3359d484492251a23ee3bb7acb310721b92ed5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in jdevice-nodejs-sdk (npm)

The package jdevice-nodejs-sdk was found to contain malicious code...

Malicious code in marvin-nodejs-sdk (npm)

The package marvin-nodejs-sdk was found to contain malicious code...

MAL-2025-25978 Malicious code in marvin-nodejs-sdk (npm)

The package marvin-nodejs-sdk was found to contain malicious code...

MAL-2025-23718 Malicious code in jdevice-nodejs-sdk (npm)

The package jdevice-nodejs-sdk was found to contain malicious code...