4309 matches found
EUVD-2025-137901
Malicious code in flights-lutuiog-adifagilo npm...
EUVD-2025-133471
Malicious code in teate-thy-sonic-bupha npm...
EUVD-2025-142808
Malicious code in buta-fs0boiuna-gaif npm...
MAL-2025-171991 Malicious code in walidcroissant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 197384360f80de5c6b9028b5ea2a025db1f27c49811cf6b23300bd4edc3ee9de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
AZL-76323 CVE-2025-13042 affecting package nodejs24 24.13.0-3
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.166 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
EUVD-2025-123389
Malicious code in private-halley-nodejs-subscription npm...
EUVD-2025-114101
Malicious code in eleventy-nodejs-luna-adonis npm...
EUVD-2025-111831
Malicious code in leda-nodejs-nextjs-sirius npm...
EUVD-2025-111140
Malicious code in mini-css-extract-plugin-graphql-karma-nodejs npm...
EUVD-2025-121208
Malicious code in toml-nodejs-spinner-uglify-js npm...
Malicious code in aether-cygnus-nodejs-got (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 651479aa3db2b298e19b1bf6bdb357570bc6913f883187b5579d826660d52d9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-122704
Malicious code in release-it-chai-framework-nodejs npm...
EUVD-2025-120278
Malicious code in xenon-nodejs-tethys-husky npm...
EUVD-2025-116050
Malicious code in blitz-nodejs-postcss-umbra npm...
EUVD-2025-124363
Malicious code in nodejs-cosmiconfig-mysql-xo npm...
Malicious code in testcafe-xenon-chakra-ui-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e267c663a12b26a567a3e6b07f7a2e36b7ae20b41b5d94b5f4b655fd5f09d444 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-122273
Malicious code in sails-javascript-nodejs-achernar npm...
EUVD-2025-121090
Malicious code in typeorm-bulma-optimize-css-assets-webpack-plugin-nodejs npm...
EUVD-2025-124359
Malicious code in nodejs-elektra-perseus-apollo npm...
EUVD-2025-115844
Malicious code in cache-aquarius-nodejs-middleware npm...