12 matches found
Malicious code in weavedb-console (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cb1233d729c7aefcbe9024196bb4af52f78854aa5ed7f46afb4fa9cd59918c1 package.json declares "preinstall": "./src/compiler/native", which auto-executes a 976 KB stripped Linux ELF binary on every npm install. The binary ...
Malicious code in weavedb-sdk-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40b4b0c5f79c0370a77c3b559b70389ffee591aa22c76ca15c4077fe95b5078e package.json declares "preinstall": "./bin/install-deps", pointing at a 976KB packed Linux x86-64 ELF binary shipped in the tarball sha256...
MAL-2026-4483 Malicious code in arnext-arkb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87f9eda6644870362103de6f3bf1877efb1039c4b2b771343bcf6c38f216ecc0 package.json declares "preinstall": "./bin/install-deps", which points at a 976,568-byte Linux x86-64 ELF executable shipped in the tarball with no...
Malicious code in arnext-arkb (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87f9eda6644870362103de6f3bf1877efb1039c4b2b771343bcf6c38f216ecc0 package.json declares "preinstall": "./bin/install-deps", which points at a 976,568-byte Linux x86-64 ELF executable shipped in the tarball with no...
MAL-2026-4482 Malicious code in arnext (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d689a27b5cc929562b684a7181549d3770de331a9f57120881d8060294b6e5f package.json declares "preinstall": "./vendor/setup", which runs a 976,568-byte Linux ELF binary on every npm install. The package's stated purpose i...
MAL-2026-4476 Malicious code in ai3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83540d952123c5d1199bbec1a72d0c4c49c428f309b9d68df45e307b852000a7 package.json declares "preinstall": "./.github/scripts/precheck", which points at a 976,568-byte precompiled Linux ELF x86-64 binary shipped inside t...
MAL-2026-4546 Malicious code in cwao-units (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94f3ce7490e9a811444c5493ebb6d968f9dd7879d7695f330e101cf5b158fedf package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976,568-byte Linux x86-64 ELF binary shipped in the tarball...
MAL-2026-4713 Malicious code in wdb-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...
Malicious code in weavedb-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c25ff456baf684075b65ecf808bbfe36cbf91811fb4b04b70c13a3dd9d8a9403 package.json declares "preinstall": "./tools/setup", where tools/setup is a 976KB stripped Linux x86-64 ELF binary sha256...
MAL-2026-4723 Malicious code in weavedb-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c25ff456baf684075b65ecf808bbfe36cbf91811fb4b04b70c13a3dd9d8a9403 package.json declares "preinstall": "./tools/setup", where tools/setup is a 976KB stripped Linux x86-64 ELF binary sha256...
Malicious code in weavedb-node-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d174728fc7469b023ece1980797185c35abd74c56e253bc1dc1b295a46a1dbd2 package.json declares "preinstall": "./tools/setup", unconditionally executing a 976KB UPX-packed, stripped Linux x86 ELF on every npm install. The...
Malicious code in weavedb-sdk-node (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59e557cd0501bb17925a19c5d3525fdf18f286b21750a44c0164eb7e165f55d9 package.json declares "preinstall": "./dist/runtime.node", causing npm to execute a 976 KB packed binary on every install. The file uses the .node...