20 matches found
MAL-2026-424 Malicious code in plugin-react-swc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 197cedd065670a6a39b4401d52b2a636d5ff18f26c378b571770286a807ec467 The package plugin-react-swc was found to contain malicious code. Source: ghsa-malware cba9afea98505469e9b9f36095ab566e5cd857b54255290d9defa67c40c62a...
EUVD-2026-3724
Malicious code in plugin-react-swc npm...
Malicious code in plugin-react-swc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 197cedd065670a6a39b4401d52b2a636d5ff18f26c378b571770286a807ec467 The package plugin-react-swc was found to contain malicious code. Source: ghsa-malware cba9afea98505469e9b9f36095ab566e5cd857b54255290d9defa67c40c62a...
Malicious Package
Overview plugin-react-swc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
CVE-2025-68155
creationtimestamp| type| source ---|---|--- 2025-12-16 09:11:25+00:00| published-proof-of-concept| https://github.com/vitejs/vite-plugin-react/security/advisories/GHSA-g239-q96q-x4qm...
Vite Plugin React 安全漏洞
Vite Plugin React is an open source plugin for Vite. A security vulnerability exists in Vite Plugin React versions prior to 0.5.8 that stems from an arbitrary file read vulnerability in the /viterscfindSourceMapURL endpoint...
EUVD-2025-203104
Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components...
GHSA-C6M7-Q6PR-C64R Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components
Impact @vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.3. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-925w-6v3x-g4j4 Patches Upgrade immediately to @vitejs/[email protected] or...
Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components
Impact @vitejs/plugin-rsc vendors react-server-dom-webpack, which contained a vulnerability in versions prior to 19.2.3. See details in React repository's advisory https://github.com/facebook/react/security/advisories/GHSA-925w-6v3x-g4j4 Patches Upgrade immediately to @vitejs/[email protected] or...
EUVD-2025-203105
Vite Plugin React has a Denial of Service Vulnerability in React Server Components...
Vite Plugin React 代码注入漏洞
Vite Plugin React is an open source plugin for Vite. A code injection vulnerability exists in Vite Plugin React 0.5.5 and earlier versions, which stems from an insecure dynamic import in the Server Functions API that could lead to remote code execution...
MAL-2025-38715 Malicious code in vvite-plugin-react-ping (npm)
The package vvite-plugin-react-ping was found to contain malicious code...
MAL-2025-6247 Malicious code in vitejs-plugin-react-refresh (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1686bc018b42cf0146c11ecc1796ef7bad5ed0bb6b07eae4ceffd65b35f36255 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @shadowmonarchx/eslint_plugin_react (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68a575ed67cd813fc81aec32ae29e2e8672e85158eebc9e3a07face9ed576247 Any computer that has this package installed or running should be considered...
Malicious code in bugsnag-plugin-react (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-5805 Malicious code in bugsnag-plugin-react (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-5234 Malicious code in plugin-react (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e88cbf7f87087cbc6dda9545bd987ae79997a0d8812613ac393f517941eb83e Any computer that has this package installed or running should be considered...
Malicious code in plugin-react (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e88cbf7f87087cbc6dda9545bd987ae79997a0d8812613ac393f517941eb83e Any computer that has this package installed or running should be considered...
Malicious code in plugin-react-hooks (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious Package
Overview plugin-react-hooks is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packag...