Malicious code in react-devtools-raycast (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 389c48f69049121e3e54751b68803d75bb5d571de2c8caf9c5e5d21f970612f0 The package react-devtools-raycast was found to contain malicious code. Source: ossf-package-analysis...

MAL-2026-1039 Malicious code in react-devtools-raycast (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 389c48f69049121e3e54751b68803d75bb5d571de2c8caf9c5e5d21f970612f0 The package react-devtools-raycast was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in react-devtools-extensions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c07bb5eb2fa7f96705fece940955413b3976968c5a79e13bdd85ce00ec485e4 The package react-devtools-extensions was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview react-devtools-extensions is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview react-devtools-shared is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

EUVD-2025-205792

Malicious code in react-devtools-shared npm...

MAL-2025-192971 Malicious code in react-devtools-extensions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c07bb5eb2fa7f96705fece940955413b3976968c5a79e13bdd85ce00ec485e4 The package react-devtools-extensions was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-205793

Malicious code in react-devtools-extensions npm...

Malicious code in react-devtools-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd222e067bee8f9d675a2d56e5e8eb63a00a76038df2d777aae7f5659bf3b0c6 The package react-devtools-shared was found to contain malicious code. Source: ghsa-malware...

MAL-2025-192972 Malicious code in react-devtools-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd222e067bee8f9d675a2d56e5e8eb63a00a76038df2d777aae7f5659bf3b0c6 The package react-devtools-shared was found to contain malicious code. Source: ghsa-malware...

MAL-2024-7418 Malicious code in react-devtools-fusebox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 023ce7599294ef47cf0b24d7424bada9cfa75c0c3ac1f94d0a2a23e0e4f55d6b The OpenSSF Package Analysis project identified 'react-devtools-fusebox' @ 2.1.1 npm as malicious. It is considered malicious because: - The...

Malicious code in react-devtools-fusebox (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 023ce7599294ef47cf0b24d7424bada9cfa75c0c3ac1f94d0a2a23e0e4f55d6b The OpenSSF Package Analysis project identified 'react-devtools-fusebox' @ 2.1.1 npm as malicious. It is considered malicious because: - The...

4help-app-shared (>=1.0.21 <=1.0.26), 4help-shared (>=1.0.2 <=1.0.20) +3208 more potentially affected by CVE-2023-5654 via react-devtools-core (>=1.0.6 <=4.28.0)

react-devtools-core NPM version =1.0.6, =1.0.21, =1.0.2, =0.0.1, =1.0.0, =0.0.1, =0.0.1, =1.0.22, =0.0.12, =1.2.0, =1.0.4, =0.0.1, =0.0.6 and more Source cves: CVE-2023-5654 Source advisory: OSV:GHSA-RXRC-RGV4-JPVX...

MAL-2022-5638 Malicious code in react-devtools-timeline (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63f936607acfd3e526f1082c6d7f275e07935ef8e0e9f91e3c3e26d5263dabe9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5637 Malicious code in react-devtools-shell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a20fff80622880fc52448f19e2310e8e1780625674ea89a44939dc9e1f08b2db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-devtools-shell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a20fff80622880fc52448f19e2310e8e1780625674ea89a44939dc9e1f08b2db Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-devtools-timeline (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63f936607acfd3e526f1082c6d7f275e07935ef8e0e9f91e3c3e26d5263dabe9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5636 Malicious code in react-devtools-release-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9ea7f251efb5b52e9221271c637b06b4d48a22a5c0e762a8723498050b5adf80 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-devtools-release-script (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9ea7f251efb5b52e9221271c637b06b4d48a22a5c0e762a8723498050b5adf80 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...