Lucene search
K

16 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/18 12:25 p.m.7 views

Malicious code in @emerald-react/chat-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d0a6cbe19a31d336779d3e0975557852cb92372627904ed87950dfe35b67410 The package @emerald-react/chat-bot was found to contain malicious code...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/18 12:25 p.m.4 views

MAL-2026-1602 Malicious code in @emerald-react/chat-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d0a6cbe19a31d336779d3e0975557852cb92372627904ed87950dfe35b67410 The package @emerald-react/chat-bot was found to contain malicious code...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.8 views

Malicious code in @voiceflow/react-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7450440b7c3368ef719fcfa9511d7984fc38ed8b5279f4e49f414f588446915e The package @voiceflow/react-chat was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/25 12:16 a.m.4 views

EUVD-2025-199395

Malicious code in @voiceflow/react-chat npm...

6.6AI score
Exploits0References3
OSV
OSV
added 2025/11/25 12:16 a.m.4 views

MAL-2025-191367 Malicious code in @voiceflow/react-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7450440b7c3368ef719fcfa9511d7984fc38ed8b5279f4e49f414f588446915e The package @voiceflow/react-chat was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.7 views

@voiceflow/react-chat (>=1.0.0 <=2.62.4) potentially affected by unknown CVE via @voiceflow/sdk-runtime (>=1.10.0 <=1.3.4)

@voiceflow/sdk-runtime NPM version =1.10.0, =1.0.0, =2.62.4 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWSDKRUNTIME-14103432...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.6 views

@voiceflow/react-chat (>=1.0.3 <=2.62.4), @voiceflow/widget (>=1.0.3 <=1.7.13) potentially affected by unknown CVE via @voiceflow/slate-serializer (>=1.1.6 <=1.5.5)

@voiceflow/slate-serializer NPM version =1.1.6, =1.0.3, =1.0.3, =1.7.13 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWSLATESERIALIZER-14103436...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.10 views

@voiceflow/alexa-types (>=2.14.43 <=2.15.62), @voiceflow/google-dfes-types (>=2.0.0 <=2.17.14) +3 more potentially affected by unknown CVE via @voiceflow/voiceflow-types (>=3.20.20 <=3.32.44)

@voiceflow/voiceflow-types NPM version =3.20.20, =2.14.43, =2.0.0, =2.20.44, =1.27.1, =1.0.5, =1.7.13 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWVOICEFLOWTYPES-14103448...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.6 views

@voiceflow/react-chat (>=1.59.4 <=1.65.2) potentially affected by unknown CVE via @voiceflow/stitches-react (=2.3.1)

@voiceflow/stitches-react NPM version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on @voiceflow/stitches-react and may be impacted: - @voiceflow/react-chat =1.59.4, =1.65.2 Source cves: unknown CVE Source advisory:...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.7 views

@voiceflow/react-chat (>=1.59.4 <=2.62.4), @voiceflow/sdk-runtime (>=1.18.1 <=1.29.0-alpha.1) potentially affected by unknown CVE via @voiceflow/dtos-interact (>=1.10.0 <=1.26.0)

@voiceflow/dtos-interact NPM version =1.10.0, =1.59.4, =1.18.1, =1.29.0-alpha.1 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWDTOSINTERACT-14103405...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.8 views

@voiceflow/alexa-types (>=2.15.0 <=2.15.62), @voiceflow/google-dfes-types (>=2.17.0 <=2.17.7) +3 more potentially affected by unknown CVE via @voiceflow/voice-types (>=2.10.0 <=2.10.57)

@voiceflow/voice-types NPM version =2.10.0, =2.15.0, =2.17.0, =2.21.0, =1.60.2, =3.30.0, =3.32.47 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWVOICETYPES-14103447...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.7 views

@voiceflow/alexa-types (>=2.14.43 <=2.15.62), @voiceflow/api-sdk (>=3.27.18 <=3.28.60) +7 more potentially affected by unknown CVE via @voiceflow/base-types (>=2.100.1 <=2.136.1)

@voiceflow/base-types NPM version =2.100.1, =2.14.43, =3.27.18, =2.13.92, =2.0.0, =2.20.44, =1.60.0, =1.8.0, =2.9.71, =3.26.33, =3.32.47 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWBASETYPES-14103397...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.8 views

@voiceflow/widget (>=1.0.3 <=1.7.13) potentially affected by unknown CVE via @voiceflow/react-chat (>=1.0.3 <=1.47.4)

@voiceflow/react-chat NPM version =1.0.3, =1.0.3, =1.7.13 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWREACTCHAT-14103429...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/15 12:58 p.m.4 views

Malicious code in old-react-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d0ae29d9cb582d5c0be810adbab5c88a3409a65d0d94034301910bb1c735e2c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/05/15 12:58 p.m.3 views

MAL-2025-3847 Malicious code in old-react-chat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d0ae29d9cb582d5c0be810adbab5c88a3409a65d0d94034301910bb1c735e2c6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2021/12/01 6:29 p.m.3 views

react-chat-widget-all-dream (>=2.1.6 <=2.3.1) potentially affected by CVE-2021-43785 via @joeattardi/emoji-button (=2.12.1)

@joeattardi/emoji-button NPM version =2.12.1 is affected by a known vulnerability. The following packages have a transitive dependency on @joeattardi/emoji-button and may be impacted: - react-chat-widget-all-dream =2.1.6, =2.3.1 Source cves: CVE-2021-43785 Source advisory: OSV:GHSA-F34M-X9PJ-62VQ...

7.6CVSS6.7AI score0.01014EPSS
Exploits0
Rows per page
Query Builder