Malicious code in react-device-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 113702b97f378bfde6af287d00821b1e3ebec6cfa164e3d263f57632210869c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@tnf-dev/js (>=1.0.1 <=1.0.1-24), @tnf-dev/react (>=1.0.1 <=1.0.1-24) potentially affected by unknown CVE via @tnf-dev/core (>=1.0.1-10 <=1.0.1)

@tnf-dev/core NPM version =1.0.1-10, =1.0.1, =1.0.1, =1.0.1-24 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47285...

Malicious code in @tnf-dev/react (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da4d6867e6189f0175e6f56e18ff4291470344b5f188c83b62ca56759287e142 Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47331 Malicious code in mstate-react (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 997c10662d47fa55ca8cd4db612274bf4d589c7d82d079b48fae3261bb5c65a7 Any computer that has this package installed or running should be considered fully compromised. All...

@tnf-dev/react (>=1.0.1 <=1.0.1-24) potentially affected by unknown CVE via @tnf-dev/js (>=1.0.1-10 <=1.0.1)

@tnf-dev/js NPM version =1.0.1-10, =1.0.1, =1.0.1-24 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47286...

MAL-2025-47330 Malicious code in mstate-dev-react (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 014addfef55f28c8297c28c565e3a13e01c74ef273175eb8c2389b4e41921e0a Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in mstate-dev-react (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 014addfef55f28c8297c28c565e3a13e01c74ef273175eb8c2389b4e41921e0a Any computer that has this package installed or running should be considered fully compromised. All...

open-vector-editor (>=0.1.1 <=2.0.43), teselagen-react-components (>=3.0.16 <=18.1.18) potentially affected by unknown CVE via teselagen-interval-tree (=1.1.1)

teselagen-interval-tree NPM version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on teselagen-interval-tree and may be impacted: - open-vector-editor =0.1.1, =3.0.16, =18.1.18 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47349...

@crowdstrike/alloy-react (>=0.0.2 <=0.0.5) potentially affected by unknown CVE via @crowdstrike/foundry-js (=0.17.1)

@crowdstrike/foundry-js NPM version =0.17.1 is affected by a known vulnerability. The following packages have a transitive dependency on @crowdstrike/foundry-js and may be impacted: - @crowdstrike/alloy-react =0.0.2, =0.0.5 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47234...

Malicious code in thangved-react-grid (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb6134bdc146e263c03b7d3570bbacb8e08229e146913f1c48c206423f98b2eb Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47353 Malicious code in thangved-react-grid (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eb6134bdc146e263c03b7d3570bbacb8e08229e146913f1c48c206423f98b2eb Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in @teselagen/react-table (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35f0735aa86d1091b1512a81fb01bb052f137bb071faaadd8c7e0713abac239b Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47278 Malicious code in @teselagen/react-table (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 35f0735aa86d1091b1512a81fb01bb052f137bb071faaadd8c7e0713abac239b Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in @teselagen/react-list (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5eae9e0260589e145031f17078f10e631996b6420cb9494ed5c5e4f378b01c94 Any computer that has this package installed or running should be considered fully compromised. All...

MAL-2025-47277 Malicious code in @teselagen/react-list (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5eae9e0260589e145031f17078f10e631996b6420cb9494ed5c5e4f378b01c94 Any computer that has this package installed or running should be considered fully compromised. All...

@teselagen/ove (>=0.0.18 <=0.7.27), @teselagen/ui (>=0.0.23 <=0.7.27) +3 more potentially affected by unknown CVE via @teselagen/bounce-loader (>=0.0.12 <=0.3.11)

@teselagen/bounce-loader NPM version =0.0.12, =0.0.18, =0.0.23, =15.0.0, =17.0.12 - ove-electron =1.2.8 - teselagen-react-components =30.15.8 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47272...

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 007-nodejs (>=2.5.0 <=2.5.3) +46459 more potentially affected by CVE-2024-29415 +1 more via ip (>=0.0.1 <=2.0.1)

ip NPM version =0.0.1, =1.0.1, =2.5.0, =2.5.3 - 0726react =0.1.1 - 0me.sh =0.1.15 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 -...

MAL-2025-47343 Malicious code in react-jsonschema-form-extras (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a348a6e6add3a526378c82c718c9589edc804b3a2c90e291c0abc25798ba1047 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47344 Malicious code in react-jsonschema-rxnt-extras (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e29ae9593362f6ccecd21ee9abaabfe0baf7da78be18ebeeef87277d03b1f56 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-jsonschema-rxnt-extras (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8e29ae9593362f6ccecd21ee9abaabfe0baf7da78be18ebeeef87277d03b1f56 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...