233 matches found
EUVD-2025-60015
Malicious code in dono-teh59-sluey npm...
EUVD-2025-46063
Malicious code in obligedshrewz3n npm...
EUVD-2025-45828
Malicious code in patria-toge18-sukiwir npm...
MAL-2025-59341 Malicious code in vina-miebogor27-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a75e2a47d4cd25ec9bc548fb7920539e91e87de0841cf271b94640ef3888bf77 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-48432
Malicious code in cici-kue63-sukiwir npm...
MAL-2025-57825 Malicious code in nina-mangut55-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4b0f91457c1007b8577ec54f2357d82e5e7f0bf7af2c7728e4eee9508d267fcd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in joko-takokak71-pore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5242f4bad2527fcdd593e09e1516143c385b4b8f7b5ac369f9a4f4a1093800de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-41573
Malicious code in bella-gepuk73-riris npm...
MAL-2025-49541 Malicious code in zul-keripik16-apidev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 327007e434ebbc070e76832bdbf0c269d6e92ccc5f8bf95b05b50a1f18327509 The package zul-keripik16-apidev was found to contain malicious code...
EUVD-2025-34231
Mailgen has HTML Injection and XSS Filter Bypass in Plaintext Emails...
CVE-2025-62366
mailgen is a Node.js package that generates responsive HTML e-mails for sending transactional mail. Mailgen versions through 2.0.30 contain an HTML injection vulnerability in plaintext emails produced by the generatePlaintext method when user‑generated content is supplied. The function attempts t...
Malicious code in redirect-j8m62u (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2a45464226511d36e1577cefa67e4d6eeabc65682d19be60c094416acaeb3d94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
-tompan-reacttemplate (>=1.0.1 <=1.1.0), 007-nodejs (>=2.5.0 <=2.5.3) +46459 more potentially affected by CVE-2024-29415 +1 more via ip (>=0.0.1 <=2.0.1)
ip NPM version =0.0.1, =1.0.1, =2.5.0, =2.5.3 - 0726react =0.1.1 - 0me.sh =0.1.15 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 -...
GHSA-GCF6-VGCR-474F vulnerabilities
Vulnerabilities for packages: nodejs...
Malicious code in kssd-vol2-rev (npm)
The package kssd-vol2-rev was found to contain malicious code...
MAL-2025-43676 Malicious code in bulma-nodejs-achernar-farout (npm)
The package bulma-nodejs-achernar-farout was found to contain malicious code...
MAL-2025-46278 Malicious code in test-mlw2-borde-reest-lazed-cocas (npm)
The package test-mlw2-borde-reest-lazed-cocas was found to contain malicious code...
MAL-2025-42186 Malicious code in @amiga-fwk-nodejs/metrics (npm)
The package @amiga-fwk-nodejs/metrics was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2021-42740
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The shell-quote package before 1.7.3 for Node.js allows command injection. An attacker can inject unescaped shell metacharacters through a regex designed to...
MAL-2025-12779 Malicious code in @zalastax/nolb-nodejsw (npm)
The package @zalastax/nolb-nodejsw was found to contain malicious code...