EUVD-2025-140655

Malicious code in ksai-kaisom-olo npm...

EUVD-2025-140611

Malicious code in ksaki-kaisoim-olo npm...

MAL-2025-175653 Malicious code in ksaki-kaisoim-olo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7d735e5d22f9c03270a63e6b2200d84dd6c5f2620a73e466007bf761daff20f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious Package

Overview suncorp-olo-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

Upserve : OLO Total price manipulation using negative quantities

Manipulating an order request JSON object, containing an additional item with a negative quantity directly manipulates the total amount of the order. In the following JSON request, an order is submitted for 2 ChickenBurgers $12 each, as well as -1 BreadPuddings $9 each. The total price after tax...