33 matches found
Malicious code in create-react-app-lambda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dce198bea6270ee06edafb853bcde3e517778beca89073512ee6d6cf1da2304 The package create-react-app-lambda was found to contain malicious code. Source: ghsa-malware...
MAL-2026-132 Malicious code in create-react-app-lambda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8dce198bea6270ee06edafb853bcde3e517778beca89073512ee6d6cf1da2304 The package create-react-app-lambda was found to contain malicious code. Source: ghsa-malware...
ExploitForge
Getting Started with Create React App This project was bootst...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
MAL-2025-190702 Malicious code in trigo-react-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b342d6dbb3287df2002c455ce23553f3aa118b46e447741fa840397425741076 The package trigo-react-app was found to contain malicious code. Source: ghsa-malware 11f63c9b322a04a69d7c2c875302dfe971081157a6ea2c3360e65c5e4f9f5a9...
EUVD-2025-198665
Malicious code in trigo-react-app npm...
Malicious code in trigo-react-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b342d6dbb3287df2002c455ce23553f3aa118b46e447741fa840397425741076 The package trigo-react-app was found to contain malicious code. Source: ghsa-malware 11f63c9b322a04a69d7c2c875302dfe971081157a6ea2c3360e65c5e4f9f5a9...
Malicious code in ketcher-react-app (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in spark-webpack-react-app (npm)
The package spark-webpack-react-app was found to contain malicious code...
MAL-2025-46117 Malicious code in spark-webpack-react-app (npm)
The package spark-webpack-react-app was found to contain malicious code...
Malicious code in @viihdeonline/react-app (npm)
The package @viihdeonline/react-app was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
MAL-2025-14091 Malicious code in adform-react-app-core (npm)
The package adform-react-app-core was found to contain malicious code...
MAL-2025-9593 Malicious code in @viihdeonline/react-app (npm)
The package @viihdeonline/react-app was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...
10by10-react-app (=1.2.1), 192.168.0.172 (=4.6.1) +13992 more potentially affected by CVE-2025-7339 via on-headers (>=0.0.0 <=1.0.2)
on-headers NPM version =0.0.0, =1.0.2, =1.0.0, =0.30.0, =0.2.0, =0.0.28, =4.11.0, =4.11.46 and more Source cves: CVE-2025-7339 Source advisory: OSV:GHSA-76C9-3JPH-RJ3Q...
MAL-2025-3706 Malicious code in @igain/react-app (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92a7ea271ab926399063ffd4583f6b66fab6f3350920ca611701719de8f9356e Any computer that has this package installed or running should be considered...
Malicious code in @igain/react-app (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92a7ea271ab926399063ffd4583f6b66fab6f3350920ca611701719de8f9356e Any computer that has this package installed or running should be considered...
Malicious code in bastion-react-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b653fe85132d2b38f6455a8b98a9d59deccd8982eaf7c9e13d97d1037dbc6a4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2242 Malicious code in bastion-react-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b653fe85132d2b38f6455a8b98a9d59deccd8982eaf7c9e13d97d1037dbc6a4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1525 Malicious code in metamask-sdk-create-react-app (npm)
This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed98a81fafea025740493667412dfaf8dd28cd12988fabdf1118a1765a12733d Any computer that has this package install...
Malicious code in composed-react-app (npm)
--- -= Per source details. Do not edit below this line.=-...