Lucene search
K

4 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.14 views

Malicious code in autotel-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9012c3503081f1a635cdffe1f65697c6df9181cedcd9e72c01338101f9f8e4c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.9 views

MAL-2026-5267 Malicious code in wrangler-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/16 5:0 a.m.7 views

CVE-2025-4759

Versions of the package lockfile-lint-api before 5.9.2 are vulnerable to Incorrect Behavior Order: Early Validation via the resolved attribute of the package URL validation which can be bypassed by extending the package name allowing an attacker to install other npm packages than the intended one...

8.3CVSS8.3AI score0.00352EPSS
Exploits1References5
OSV
OSV
added 2024/08/28 1:6 a.m.8 views

MAL-2024-8055 Malicious code in @point-frontend-library/oc-skeleton (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 867fa30cf4c4d1d98af1738636c8a44201455009519d75ee02045676d69c74ba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder