55 matches found
CVE-2026-55745
CVE-2026-55745 affects Cotonti 1.0.0 (master, commit f43f1fc3) in the Personal File Storage (PFS) module. The vulnerability arises in modules/pfs/inc/pfs.editfolder.php, where the folder update action (a=update) updates metadata (title, description, public/gallery flags) without calling cot_check...
Malicious code in kastra-oberon-spectroscopy-mocha (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2e7279e1ca549eb0a3e63cb167e9feb16a51f1dedbbf158bf38ddbc2b169e23 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lobac-ub-jafgfbaf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df8f2989bd2842c5d5b5f595da4d2352d495c7eb45e6f68a2d53a7519b9e7d15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in miands-nutayu-esnuru (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a20564bff3bce1aab4d4b3c72e7a7860221d435a56bf7e3ec7a11cb797c2a15d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tray-uozp-pesustr (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1b28262066c56edaa307aa7a2bc6de11f88076674b1fa2a82b9cf085131fae9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-176669 Malicious code in nuilva-bavaim-madiaavo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce711a72e55145afd9763da28c1063e8958df6dcd5ce43da1caf2af6dd8c87ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-174762 Malicious code in hokage-26 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fa9f48421c4eec67b22b732ece1ea5af0a336ae90bbdc52a3c3f46d6a9e87d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kuinsu-lki-kopimi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfcdb4f79fbb338be1ca765d9d562356281c85f1a1d0c00113563177a260d29b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-168509 Malicious code in tealove-nice30 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b2011c03c4bdd44b93af8e5c82200ebc2e267a7aa2d9f92aa94fe7245510b59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-163843 Malicious code in nudl-rae-naha (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 868d438a6a4fff0265310065e254eb81ea70082270819dbfc9ae83ca166d16ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-162573 Malicious code in nokire-genji8 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f68c204dcdc78ecf8f1cb934835846153e514929310c85a8681f29632490b4ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164722 Malicious code in rino-poke73 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5962d9332e4fa5a8b253ebe07ede19617c2a949aa20cb4df6da9d1a947807768 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-168418 Malicious code in tealove-nameka35 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e193639705257453b2f2fcbc6f6facbbb26edac11db43b1efe2f3abe14cdadc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-169931 Malicious code in uinsu-lost-dauku (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4d013f725492839ee5e7e57ea4f286f1dfae355aa14ae2e525646b7824f52a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-161913 Malicious code in nasrul-poke25 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e5ff90478af98dbce70c11c0dafb90c7e20f7de05daf43dfe362f9fc027e3130 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-166862 Malicious code in teagood-cuekin92 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 735ff2d7b82f0f0e6d53d362ae561ad6269ffc94207453fd930ee50cfc86e66e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-159236 Malicious code in makan-ioamoa-iuai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a19ab1a9b3be874e2b91633655f6c17299c518364bd421af85002d75ca00315 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-150523 Malicious code in @miptaa02/asdfzdy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caf73f336c1dd1acf4313987d10f1c94158e835135681909189fe38b66e33927 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-161708 Malicious code in nabuf-otomin-nosuadfaju (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9444bfcb11a4b1e462c58b37487dcebf1b3de3e4f3a0bc4694e3518e32a53b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-162666 Malicious code in nokire-kilua73 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e5162173c970d05e96a514355cfc149b89e86b56fd7a88d5d94249c2a59ea33 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...