MAL-2026-4079 Malicious code in @antv/s2-react-components (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

@lingxiteam/editor (>=3.5.1-alpha.3 <=3.5.1-alpha.5), @nokecy/qc-ui (>=0.0.3 <=0.3.24) +11 more potentially affected by unknown CVE via @antv/x6-react-components (>=2.0.8 <=2.0.9)

@antv/x6-react-components NPM version =2.0.8, =3.5.1-alpha.3, =0.0.3, =0.0.3, =0.0.9, =3.5.3, =0.0.1, =1.0.0, =0.0.3, =1.0.0, =0.2.3, =0.3.5 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4113...

@armco/armory-react-components (>=0.0.23 <=0.0.43), @armco/svg-canvas (>=0.1.2 <=0.1.3) +8 more potentially affected by CVE-2026-25535 via jspdf (>=4.0.0 <=4.1.0)

jspdf NPM version =4.0.0, =0.0.23, =0.1.2, =1.4.0, =0.111.0-7, =7.11.3, =0.111.0-7, =0.111.0-7, =4.4.0, =4.4.1 - svgedit =7.4.1 Source cves: CVE-2026-25535 Source advisory: SNYK:JS-JSPDF-15322681...

@armco/armory-react-components (>=0.0.23 <=0.0.43), @armco/svg-canvas (>=0.1.2 <=0.1.3) +5 more potentially affected by CVE-2026-24737 via jspdf (=4.0.0)

jspdf NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on jspdf and may be impacted: - @armco/armory-react-components =0.0.23, =0.1.2, =1.4.0, =7.11.3, =4.4.0, =4.4.1 - svgedit =7.4.1 Source cves: CVE-2026-24737 Source advisory:...

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell CVE-2025-55182 A proof-of-concept exploit demon...

EUVD-2022-1099

Malicious code in bioql PyPI...

open-vector-editor (>=0.1.1 <=2.0.43), teselagen-react-components (>=3.0.16 <=18.1.18) potentially affected by unknown CVE via teselagen-interval-tree (=1.1.1)

teselagen-interval-tree NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on teselagen-interval-tree and may be impacted: - open-vector-editor =0.1.1, =3.0.16, =18.1.18 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47349...

@teselagen/ove (>=0.0.18 <=0.7.27), @teselagen/ui (>=0.0.23 <=0.7.27) +3 more potentially affected by unknown CVE via @teselagen/bounce-loader (>=0.0.12 <=0.3.11)

@teselagen/bounce-loader NPM version =0.0.12, =0.0.18, =0.0.23, =15.0.0, =17.0.12 - ove-electron =1.2.8 - teselagen-react-components =30.15.8 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47272...

@opencloning/opencloning-elabftw (>=1.6.0 <=1.7.3), @opencloning/ui (>=1.0.1 <=1.7.3) +8 more potentially affected by unknown CVE via @teselagen/react-list (>=0.8.16 <=0.8.18)

@teselagen/react-list NPM version =0.8.16, =1.6.0, =1.0.1, =0.0.15, =6.10.1, =0.0.14, =0.5.7, =10.1.14, =18.3.6, =28.0.0, =30.15.8 Source cves: unknown CVE Source advisory: SNYK:JS-TESELAGENREACTLIST-12744522...

open-vector-editor (>=10.1.61 <=18.3.6), ove-electron (=1.2.8) +2 more potentially affected by unknown CVE via tg-client-query-builder (=2.14.3)

tg-client-query-builder NPM version =2.14.3 is affected by a known vulnerability. The following packages have a transitive dependency on tg-client-query-builder and may be impacted: - open-vector-editor =10.1.61, =18.3.6, =29.0.7, =30.15.8 Source cves: unknown CVE Source advisory:...

Malicious code in @azl-react-components/atoms (npm)

The package @azl-react-components/atoms was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

Malicious code in acme-react-components (npm)

The package acme-react-components was found to contain malicious code...

Malicious code in f34th3r-react-components (npm)

The package f34th3r-react-components was found to contain malicious code...

MAL-2025-36970 Malicious code in titan-react-components (npm)

The package titan-react-components was found to contain malicious code...

Malicious code in @fmcc-web-platform/react-components (npm)

The package @fmcc-web-platform/react-components was found to contain malicious code...

MAL-2025-9143 Malicious code in @omisepayments/keycloak-react-components (npm)

The package @omisepayments/keycloak-react-components was found to contain malicious code...

MAL-2025-13981 Malicious code in accounts-react-components (npm)

The package accounts-react-components was found to contain malicious code...

Malicious code in titan-react-components (npm)

The package titan-react-components was found to contain malicious code...

Malicious code in @azl-react-components/molecules (npm)

The package @azl-react-components/molecules was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

Malicious code in accounts-react-components (npm)

The package accounts-react-components was found to contain malicious code...