Malicious code in react-native-at-internet-example (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-6754 Malicious code in react-native-at-internet-example (npm)

The package communicates with a domain associated with malicious activity...

Malicious Package

Overview react-server-dom-turbopack-experimental is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizatio...

Malicious Package

Overview react-server-dom-webpack-experimental is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

CVE-2020-36850

An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

Malicious code in react-nodes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f859f678cb85445cc8d486c034c1a9de313c92e4485d8dc546bab5be2823b71 The OpenSSF Package Analysis project identified 'react-nodes' @ 4.0.1 npm as malicious. It is considered malicious because: - The package execut...

MAL-2025-6327 Malicious code in react-nodes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f859f678cb85445cc8d486c034c1a9de313c92e4485d8dc546bab5be2823b71 The OpenSSF Package Analysis project identified 'react-nodes' @ 4.0.1 npm as malicious. It is considered malicious because: - The package execut...

Prototype Pollution

Overview linkify-react is a React element interface for linkifyjs Affected versions of this package are vulnerable to Prototype Pollution via the internal assign helper due to improper filtering of the proto property. An attacker can achieve Stored or Reflected XSS by injecting event handlers int...

@a.agiir/cinny (>=0.0.1 <=0.0.2), @a1tan/plugin-azure-openai (=0.4.0) +791 more potentially affected by CVE-2025-8101 via linkify-react (>=4.0.0-beta.4 <=4.3.1)

linkify-react NPM version =4.0.0-beta.4, =0.0.1, =0.1.0, =1.0.0, =0.1.8, =0.4.1, =0.4.7 and more Source cves: CVE-2025-8101 Source advisory: SNYK:JS-LINKIFYREACT-11502190...

MAL-2025-6305 Malicious code in react-server-dom-webpack-experimental (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2a08db68343b79c1eb43cde87320c0f9ebf1ad3ab6a4501cc1561d4bc247a94 Any computer that has this package installed or running should be considered...

CVE-2020-36850

An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

CVE-2020-36850

CVE-2020-36850 affects Sitecore JSS React Sample Application versions 11.0.0 through 14.0.1, with an information-disclosure flaw that may cause page content intended for one user to be shown to another user. The connected sources consistently describe a cross-user data exposure but do not provide...

CVE-2020-36850 Sitecore JSS React Sample Application 11.0.0 - 14.0.1 Information Disclosure

An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

CVE-2020-36850 Sitecore JSS React Sample Application 11.0.0 - 14.0.1 Information Disclosure

An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

MAL-2025-6247 Malicious code in vitejs-plugin-react-refresh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1686bc018b42cf0146c11ecc1796ef7bad5ed0bb6b07eae4ceffd65b35f36255 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in vitejs-plugin-react-refresh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1686bc018b42cf0146c11ecc1796ef7bad5ed0bb6b07eae4ceffd65b35f36255 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Sitecore JSS React Sample Application 安全漏洞

Sitecore JSS React Sample Application is a sample program from Sitecore, Inc. A security vulnerability exists in Sitecore JSS React Sample Application versions 11.0.0 through 14.0.1, which stems from an information disclosure that could result in the cross-display of user data...

PT-2025-30883 · Sitecore · Sitecore Jss React Sample Application

Name of the Vulnerable Software and Affected Versions: Sitecore JSS React Sample Application versions 11.0.0 through 14.0.1 Description: An information disclosure issue exists that may allow page content intended for one user to be displayed to another user. Recommendations: Sitecore JSS React...

MAL-2025-6227 Malicious code in react-is-builtin (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ec8b0c72c247f12884f7dd1d983f39af01544eaefed640dec15bd838e4b3473d The OpenSSF Package Analysis project identified 'react-is-builtin' @...

Malicious code in react-is-builtin (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ec8b0c72c247f12884f7dd1d983f39af01544eaefed640dec15bd838e4b3473d The OpenSSF Package Analysis project identified 'react-is-builtin' @...