Lucene search
K

834 matches found

OSV
OSV
added 2026/06/24 11:4 p.m.8 views

MAL-2026-6435 Malicious code in serverless-leo (npm)

The serverless-leo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.13 views

MAL-2026-6419 Malicious code in leo-cache (npm)

The leo-cache npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.4AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.8 views

MAL-2026-6424 Malicious code in leo-connector-mongo (npm)

The leo-connector-mongo npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/24 11:4 p.m.9 views

MAL-2026-6430 Malicious code in leo-sdk (npm)

The leo-sdk npm package was compromised as part of the Miasma worm campaign targeting the LeoPlatform npm ecosystem. On June 24, 2026, 20 LeoPlatform packages were published within a 3-second window by a threat actor who had taken over the npm account czirker belonging to the LeoPlatform...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 3:32 p.m.7 views

Malicious code in mjs-eslint-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f7e95cb81c6a1238d751c013def46001948b388083e0d91f7baa5077091ae006 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/17 11:8 a.m.7 views

MAL-2026-6054 Malicious code in @mastra/node-audio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e67f59921eaf19b7b608ed824610779a1929306854008a2a1633edf67bca3b7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/17 5:6 a.m.6 views

MAL-2026-6039 Malicious code in @mastra/temporal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 214be711b41a8883e3252f0e9e41bc902d62da7650334b2efdc7424194989101 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:56 a.m.11 views

Malicious code in @mastra/nestjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cce4b38ce42c23095f722a3fd011dcd5070230e430bd5ef2be73c0eb943f79d The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/17 3:12 a.m.10 views

MAL-2026-5943 Malicious code in @mastra/datadog (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6becf49ea70ecc24e313fe6cd9f7a232df9465f3417b14de0f0002fcc170ab42 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/16 12:5 a.m.13 views

MAL-2026-5853 Malicious code in sp-api-dev-assistant-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18b5b59005300a7a8612a3bf36d3707df573ac722e94e52a3854844345d63745 Package contains only package.json and README.md, with the README explicitly stating it is a proof-of-concept squatting an unclaimed npm name that wa...

6.4AI score
Exploits0References2
OSV
OSV
added 2026/06/06 6:13 a.m.18 views

MAL-2026-5298 Malicious code in executor-engine (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fee580000475783e657a2e66ca6a4a4bd4369aa0bc9f87152b003dca6f34848 executor-engine 0.3.4 ships a malicious site-packages.pth file executorengine-setup.pth that Python's site initialization auto-executes on every...

5.9AI score
Exploits0References7
OSV
OSV
added 2026/06/06 6:13 a.m.14 views

MAL-2026-5277 Malicious code in pantheon-toolsets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a3f2d24843d0caf23a36f07f7bd7b3adb7163463404856654f1745c7e75017be The wheel installs pantheontoolsets-setup.pth, which Python automatically executes at every interpreter startup before any user import. The.pth...

5.6AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.12 views

Malicious code in executable-stories-formatters (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector abf4dee9166e156fd18cdc223be5d4da38eaa0eda8b28f6fde07190bc5244fd0 No concrete installer-harm indicators were identified in this version of the package. No lifecycle hooks, hardcoded network destinations, credential...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.14 views

Malicious code in awaitly-mongo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f476f15bad689e2500c24cf2f416567759e5182689cc2cc301912ddfde02b1c4 No concrete installer-harm signals were identified in this package version. The package name suggests a MongoDB-related async helper, but no specific...

6.1AI score
Exploits0References27
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in @ethlete/core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 580c72aa7afc42653ec3679eeaa96ac10d9c389434355415542ac48a36c39b45 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.14 views

Malicious code in autotel-sentry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84599539075d0dc6b022b261b65d1926f5772707f817dbc50178b5538220e2aa The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in mountly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a392e66eff4da37e5adbd5288c1bb8da03c5348cfafacfa54aa113321e81dec5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in autotel-adapters (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e39e600baede93e3a5b493d603c5fe392c561544c95611960149ac4e7b99f98 No concrete installer-harm evidence was identified for [email protected]. No lifecycle-script droppers, hardcoded exfiltration endpoints,...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in @ethlete/theming (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75c7098701bc178c6dfbb1ecd8b91772b728d73c29805f74775b6f2636b2d01d The package was found to contain malicious code or consuming dependency that contains malicious code Source: google-open-source-security...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.18 views

Malicious code in awaitly-libsql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b990b0b3ddf0eb2fbfe64fc70090459960085e3268df5cbdd1a86f958f69448e No concrete installer-harm signals were identified in this package version. The package name combines 'awaitly' and 'libsql' a well-known SQLite-fork...

6.1AI score
Exploits0References26
Rows per page
Query Builder