MAL-2025-48850 Malicious code in ketcher-react-app (npm)

--- -= Per source details. Do not edit below this line.=-...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in react-pdf-5.0.0.tgz

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in react-pdf-5.0.0.tgz Vulnerability Details CVEID:CVE-2024-34342 DESCRIPTION: react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with...

Malicious code in react-medias (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b5575c56531df502495b31c4b90170d35d991772b25b712d15dc9fdac0e33df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-35308

Malicious code in react-medias npm...

Malicious Package

Overview react-medias is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-48551 Malicious code in react-medias (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b5575c56531df502495b31c4b90170d35d991772b25b712d15dc9fdac0e33df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-prop-types-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3226e349f00c076cedb138b9c993caebe82069eceb0cfd079c66e79cfde00310 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview react-prop-types-helper is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

MAL-2025-48545 Malicious code in react-prop-types-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3226e349f00c076cedb138b9c993caebe82069eceb0cfd079c66e79cfde00310 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview hyperion-react-native is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-48515 Malicious code in web-palette-react (npm)

The package web-palette-react was found to contain malicious code...

Malicious code in web-palette-react (npm)

The package web-palette-react was found to contain malicious code...

EUVD-2025-34853

Malicious code in deere-ui-svg-to-react npm...

MAL-2025-48447 Malicious code in deere-ui-svg-to-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 229dbd48954859b2ccfde1edb98abf497a0d03d9e6d0c82d863cc2aea74ac1f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in deere-ui-svg-to-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 229dbd48954859b2ccfde1edb98abf497a0d03d9e6d0c82d863cc2aea74ac1f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview react-dnd-html5-backend-14 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview eslint-plugin-react-purify is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview tailwind-react-mui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview react-hook-eslint is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview react-context-stylizer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...