689 matches found
MAL-2025-6755 Malicious code in react-native-gainsight-px (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in react-native-gainsight-px (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6727 Malicious code in hyperion-react-native-testapp (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in hyperion-react-native-testapp (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in react-native-at-internet-example (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6754 Malicious code in react-native-at-internet-example (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6155 Malicious code in community-pass-react-native-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45d465e1a0ba3936c02d875635041ba0362e96dee19c7f7d727391a4bdcb5dc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in appcenter-sampleapp-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8015d357cb8b89fe98c7076abd8ca3ea3146d43990de4f2410c5e2627a2fe970 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5251 Malicious code in aws-sdk-react-native-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 626365c8daf9243d0d8281fa741a8537d284b73f873547122f9bdab75513d280 Any computer that has this package installed or running should be considered...
Malicious code in aws-sdk-react-native-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 626365c8daf9243d0d8281fa741a8537d284b73f873547122f9bdab75513d280 Any computer that has this package installed or running should be considered...
Malicious code in kenzup-react-native-rsa-native (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32d4c1032d395b390f908592fd2d12e60419f92e0000d0ff3135829a3db19287 Any computer that has this package installed or running should be considered...
MAL-2025-5036 Malicious code in kenzup-react-native-rsa-native (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32d4c1032d395b390f908592fd2d12e60419f92e0000d0ff3135829a3db19287 Any computer that has this package installed or running should be considered...
CVE-2025-45001
react-native-keys 0.7.11 is vulnerable to sensitive information disclosure remote as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools...
@admin-layout/gluestack-ui-mobile (>=6.5.1-alpha.0 <=12.2.4-alpha.49), @custom-lib/design-system (>=0.1.0 <=0.1.8) +36 more potentially affected by unknown CVE via @react-native-aria/menu (>=0.2.10 <=0.2.15)
@react-native-aria/menu NPM version =0.2.10, =6.5.1-alpha.0, =0.1.0, =0.0.1-alpha.1, =0.5.36, =0.2.0, =0.0.1-alpha.0, =0.1.0, =0.1.0, =0.1.0, =0.3.45, =0.0.1, =1.0.0, =1.0.2 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-4784...
@aemforms/af-react-native (>=1.0.1 <=1.0.31), @akalli/components (=0.0.1) +146 more potentially affected by unknown CVE via @react-native-aria/combobox (=0.2.7)
@react-native-aria/combobox NPM version =0.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on @react-native-aria/combobox and may be impacted: - @aemforms/af-react-native =1.0.1, =0.0.3, =0.1.21, =1.0.0, =0.1.0-alpha2, =1.2.0, =0.0.4, =4.0.2, =0.32.4,...
@aemforms/af-react-native (>=1.0.1 <=1.0.31), @akalli/components (=0.0.1) +146 more potentially affected by unknown CVE via @react-native-aria/tabs (=0.2.13)
@react-native-aria/tabs NPM version =0.2.13 is affected by a known vulnerability. The following packages have a transitive dependency on @react-native-aria/tabs and may be impacted: - @aemforms/af-react-native =1.0.1, =0.0.3, =0.1.21, =1.0.0, =0.1.0-alpha2, =1.2.0, =0.0.4, =4.0.2, =0.32.4, =0.32....
Malicious code in @gluestack-ui/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 17982e09dcf1a69caf714afad49b310371d80fe7260bf21fcad08da2a07df00c React Native ARIA and @gluestack-ui/utils had unauthorized new versions published that contained malicious code via a public access token...
@adaptui/react-native-tailwind (>=1.0.0-alpha.0 <=1.0.0-alpha.12), @admin-layout/gluestack-ui-mobile (>=6.5.1-alpha.0 <=12.2.4-alpha.49) +195 more potentially affected by unknown CVE via @react-native-aria/toggle (=0.2.11)
@react-native-aria/toggle NPM version =0.2.11 is affected by a known vulnerability. The following packages have a transitive dependency on @react-native-aria/toggle and may be impacted: - @adaptui/react-native-tailwind =1.0.0-alpha.0, =6.5.1-alpha.0, =1.0.1, =0.0.3, =0.1.21, =1.0.0, =0.1.0-alpha2...
@malberee/heroui-native (>=1.1.11 <=1.1.12), @malberee/nextui-native (>=1.0.0 <=1.1.10) +3 more potentially affected by unknown CVE via @react-native-aria/switch (=0.2.4)
@react-native-aria/switch NPM version =0.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on @react-native-aria/switch and may be impacted: - @malberee/heroui-native =1.1.11, =1.0.0, =1.1.13, =3.0.0-next.23, =0.2.2, =0.2.3 Source cves: unknown CVE Sour...
@8sistemas/design-system (>=0.6.0 <=0.7.0), @adaptui/react-native-tailwind (>=1.0.0 <=1.0.0-alpha.13) +275 more potentially affected by unknown CVE via @react-native-aria/utils (>=0.2.10 <=0.2.12)
@react-native-aria/utils NPM version =0.2.10, =0.6.0, =1.0.0, =6.5.1-alpha.0, =1.0.1, =0.0.3, =0.1.21, =1.0.0, =0.5.0-alpha.2, =0.1.0-alpha2, =1.2.0, =0.0.1-alpha.1, =0.0.1-alpha.1, =0.0.1-beta.8 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-4792...