6 matches found
MAL-2025-142845 Malicious code in gatsby-miranda-iota-barnard (npm)
Source: amazon-inspector (ddb652e8edd6e45f3edc03a5a3cdc6e3175c55ad095fa5a223aaf9e27be71c84). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-38224
Malicious code in xss-payload-all npm...
@ainsleydev/payload-helper (>=0.0.3 <=0.0.32), @anjy7/navbar-cms (=0.0.5) +19 more potentially affected by CVE-2025-4643 via payload (>=3.0.0-alpha.46 <=3.35.1)
payload NPM version =3.0.0-alpha.46, =0.0.3, =0.1.0, =1.0.0, =1.0.0, =0.2.0, =3.1.1, =0.1.4, =1.0.0, =0.0.5, =0.0.1, =0.0.9-alpha.5, =0.0.5, =1.0.3 and more Source cves: CVE-2025-4643 Source advisory: SNYK:JS-PAYLOAD-12239898...
CVE-2025-4644
A Session Fixation vulnerability existed in Payload's SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token (JWT), and then delete the account, which did not invalidate the JWT. As a result, the next newly created us...
CVE-2025-4643
Payload uses JSON Web Tokens (JWT) for authentication. After logout, the JWT is not invalidated, which allows an attacker who has stolen or intercepted a token to freely reuse it until its expiration date, which is set to 2 hours by default but can be changed. This issue has been fixed in version 3.44.0 of...
CVE-2021-28130
Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwlsvc.exe) bypasses firewall filters...