Lucene search
K

4 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/24 3:58 a.m.11 views

Malicious code in rollup-runtime-polyfill-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90dc8536f81ef2ffbd391877bbe1eefbefc900081ef6eaa9848548177c233167 Package name mimics the legitimate rollup-plugin-polyfill-node and copies its source the repository field in package.json points to...

6.3AI score
Exploits0References4
OSV
OSV
added 2026/06/24 3:58 a.m.20 views

MAL-2026-6372 Malicious code in rollup-runtime-polyfill-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90dc8536f81ef2ffbd391877bbe1eefbefc900081ef6eaa9848548177c233167 Package name mimics the legitimate rollup-plugin-polyfill-node and copies its source the repository field in package.json points to...

6.3AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 4:37 p.m.12 views

Malicious code in quirky-token (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b263413912feb72882ee0b52e7025c636ed98472ba90e6db4714b3b111b4e2e8 The package is advertised as an SVG sanitizer but exposes an undocumented getPlugin export whose returned function fetches JSON from...

6AI score
Exploits0References4
OSV
OSV
added 2026/06/17 4:37 p.m.9 views

MAL-2026-6066 Malicious code in quirky-token (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b263413912feb72882ee0b52e7025c636ed98472ba90e6db4714b3b111b4e2e8 The package is advertised as an SVG sanitizer but exposes an undocumented getPlugin export whose returned function fetches JSON from...

6AI score
Exploits0References4
Rows per page
Query Builder