44 matches found
link-chart (>=0.0.0 <=0.1.12) potentially affected by unknown CVE via @antv/ava-react (=3.3.2)
@antv/ava-react NPM version =3.3.2 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/ava-react and may be impacted: - link-chart =0.0.0, =0.1.12 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3854...
@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +20 more potentially affected by CVE-2026-23870 via react-server-dom-webpack (>=19.0.0 <=19.0.1)
react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...
Malicious Package
Overview @saferpay/react-library is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
CVE-2026-23864: React and Next.js Denial of Service via Memory Exhaustion
...
EUVD-2026-1839
Malicious code in secguest-react-lib npm...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Toolkit & Lab Educational Only Lightweight G...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-198654
Malicious code in react-library-setup npm...
Malicious code in react-library-setup (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd7f28e9ee69ccd4dc343423efa26fbdc798388c2d4abdb85588cc5a532dd2c3 The package react-library-setup was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190700 Malicious code in react-library-setup (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd7f28e9ee69ccd4dc343423efa26fbdc798388c2d4abdb85588cc5a532dd2c3 The package react-library-setup was found to contain malicious code. Source: ghsa-malware...
MAL-2025-41351 Malicious code in @hpx-core-experiences/react-my-account-payments (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-13801 Malicious code in @zalastax/nolb-react-td (npm)
The package @zalastax/nolb-react-td was found to contain malicious code...
Malicious code in @zalastax/nolb-react-i (npm)
The package @zalastax/nolb-react-i was found to contain malicious code...
MAL-2025-16481 Malicious code in canalplus-react-library (npm)
The package canalplus-react-library was found to contain malicious code...
MAL-2025-13694 Malicious code in @zalastax/nolb-react-il (npm)
The package @zalastax/nolb-react-il was found to contain malicious code...
MAL-2025-13708 Malicious code in @zalastax/nolb-react-p5 (npm)
The package @zalastax/nolb-react-p5 was found to contain malicious code...
Malicious code in @zalastax/nolb-react-rp (npm)
The package @zalastax/nolb-react-rp was found to contain malicious code...
MAL-2025-13842 Malicious code in @zalastax/nolb-react-uu (npm)
The package @zalastax/nolb-react-uu was found to contain malicious code...
MAL-2025-13741 Malicious code in @zalastax/nolb-react-rl (npm)
The package @zalastax/nolb-react-rl was found to contain malicious code...
MAL-2025-13699 Malicious code in @zalastax/nolb-react-ir (npm)
The package @zalastax/nolb-react-ir was found to contain malicious code...