Lucene search
+L

24 matches found

veracode
veracode
added 2025/10/22 3:18 a.m.11 views

Malware Injection

prebid-universal-creative is vulnerable to malware injection. The vulnerability is due to the inclusion of crypto-related malicious code and the latest release, which allows an attacker to execute unauthorized cryptocurrency-related operations on affected systems...

9.3CVSS7.5AI score0.00312EPSS
Exploits0References4Affected Software1
euvd
euvd
added 2025/10/03 8:7 p.m.20 views

EUVD-2025-27597

Malicious code in bioql PyPI...

9.3CVSS6.4AI score0.00312EPSS
Exploits0References3
redhatcve
redhatcve
added 2025/09/11 11:24 p.m.16 views

CVE-2025-59039

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

9.3CVSS6.8AI score0.00312EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/09/11 10:23 p.m.3 views

CVE-2025-59038

Prebid.js is a free and open source library for publishers to quickly implement header bidding. NPM users of prebid 10.9.2 may have been briefly compromised by a malware campaign. The malicious code attempts to redirect crypto transactions on the site to the attackers' wallet. Version 10.10.0 fix...

8.6CVSS7.1AI score0.00324EPSS
Exploits0References1
snyk
snyk
added 2025/09/11 2:24 p.m.1 views

Embedded Malicious Code

Overview prebid-universal-creative is a javascript api to render multiple formats. This file is inserted into the prebid creative as a placeholder for the winning prebid creative. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious...

9.8CVSS6.8AI score0.00312EPSS
Exploits0References2
osv
osv
added 2025/09/11 2:24 p.m.80 views

GHSA-M662-56RJ-8FMM Prebid-universal-creative latest on npm briefly compromised

Impact Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware detailed in the blog post below. This includes the extremely popular jsdelivr hosting of this file. Patches We unpublished the version on npm. Workarounds This has already been unpublished. See Prebid.js ...

9.3CVSS6.8AI score0.00312EPSS
Exploits0References4
github
github
added 2025/09/11 2:24 p.m.10 views

Prebid-universal-creative latest on npm briefly compromised

Impact Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware detailed in the blog post below. This includes the extremely popular jsdelivr hosting of this file. Patches We unpublished the version on npm. Workarounds This has already been unpublished. See Prebid.js ...

9.3CVSS6.8AI score0.00312EPSS
Exploits0References4Affected Software1
ossf
ossf
added 2025/09/11 3:58 a.m.4 views

Malicious code in prebid-universal-creative (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 28a458913f2a945444606a3dd030b993b23a6388274a01a2ecdea26478e1b1d9 This package was compromised and malicious code added as part of a phishing campaign...

7.2AI score
Exploits0References3
osv
osv
added 2025/09/11 3:58 a.m.5 views

MAL-2025-47026 Malicious code in prebid (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 14e7380eb0ee7e6be1b7896f1a961c6f7282199fcce42017c4003fc73695ee52 This package was compromised and malicious code added as part of a phishing campaign...

7.2AI score
Exploits0References5
osv
osv
added 2025/09/11 3:58 a.m.2 views

MAL-2025-47027 Malicious code in prebid-universal-creative (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 28a458913f2a945444606a3dd030b993b23a6388274a01a2ecdea26478e1b1d9 This package was compromised and malicious code added as part of a phishing campaign...

7.2AI score
Exploits0References3
ossf
ossf
added 2025/09/11 3:58 a.m.4 views

Malicious code in prebid (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 14e7380eb0ee7e6be1b7896f1a961c6f7282199fcce42017c4003fc73695ee52 This package was compromised and malicious code added as part of a phishing campaign...

7.2AI score
Exploits0References5
nvd
nvd
added 2025/09/09 11:15 p.m.64 views

CVE-2025-59039

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

9.3CVSS0.00312EPSS
Exploits0References2
osv
osv
added 2025/09/09 10:23 p.m.16 views

CVE-2025-59039 Prebid Universal Creative on npm briefly compromised

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

9.3CVSS6.8AI score0.00312EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2025/09/09 10:23 p.m.2 views

CVE-2025-59039 Prebid Universal Creative on npm briefly compromised

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

9.3CVSS6.2AI score0.00312EPSS
Exploits0References2
cve
cve
added 2025/09/09 10:23 p.m.39 views

CVE-2025-59039

The CVE-2025-59039 incident concerns Prebid Universal Creative (PUC), a JavaScript API used to render multiple formats. NPM users of PUC 1.17.3 or the latest release were briefly affected by crypto-related malware, including via the popular jsDelivr hosting of the PUC file. In response, maintaine...

9.3CVSS6.4AI score0.00312EPSS
Exploits0References2
cvelist
cvelist
added 2025/09/09 10:23 p.m.59 views

CVE-2025-59039 Prebid Universal Creative on npm briefly compromised

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

9.3CVSS0.00312EPSS
Exploits0References2
osv
osv
added 2025/09/09 10:17 p.m.4 views

CVE-2025-59038 Prebid.js NPM package briefly compromised

Prebid.js is a free and open source library for publishers to quickly implement header bidding. NPM users of prebid 10.9.2 may have been briefly compromised by a malware campaign. The malicious code attempts to redirect crypto transactions on the site to the attackers' wallet. Version 10.10.0 fix...

8.6CVSS7.1AI score0.00324EPSS
Exploits0References4
cnnvd
cnnvd
added 2025/09/09 12:0 a.m.5 views

Prebid Universal Creative 安全漏洞

Prebid Universal Creative is an interface software from Prebid Open Source. A security vulnerability exists in Prebid Universal Creative version 1.17.3, which stems from malicious code being planted in npm packages that could interfere with cryptocurrency transactions...

9.3CVSS6.7AI score0.00312EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/09/09 12:0 a.m.11 views

PT-2025-36996

Name of the Vulnerable Software and Affected Versions: Prebid Universal Creative PUC versions 1.17.3 and latest Description: Prebid Universal Creative PUC is a JavaScript API used to render multiple formats. Npm users of PUC were briefly affected by crypto-related malware. Recommendations:...

9.3CVSS6.5AI score0.00312EPSS
Exploits0References6
snyk
snyk
added 2025/09/08 2:26 p.m.3 views

Embedded Malicious Code

Overview prebid-universal-creative is a javascript api to render multiple formats. This file is inserted into the prebid creative as a placeholder for the winning prebid creative. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious...

9.8CVSS7.1AI score
Exploits0References2
Rows per page
Query Builder