Malicious code in react-dom-experimental-builtin (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-6303 Malicious code in react-dom-experimental-builtin (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in react-dom-builtin (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ac7450c93d4fe9acd7455d948757158cfef0776508f78ee3544d4cad40dc18b2 The OpenSSF Package Analysis project identified 'react-dom-builtin' @...

MAL-2025-6226 Malicious code in react-dom-builtin (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ac7450c93d4fe9acd7455d948757158cfef0776508f78ee3544d4cad40dc18b2 The OpenSSF Package Analysis project identified 'react-dom-builtin' @...

MAL-2025-6219 Malicious code in react-international-phone-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 55dc391aa3ec3a479f332033f4ed1c9804c98935cd8ec931e830a8f44a9b790f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-international-phone-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 55dc391aa3ec3a479f332033f4ed1c9804c98935cd8ec931e830a8f44a9b790f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6155 Malicious code in community-pass-react-native-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45d465e1a0ba3936c02d875635041ba0362e96dee19c7f7d727391a4bdcb5dc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6142 Malicious code in @verge-vcl-react/data-grid (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c4f54ea3248c3fdbfda6a6a07da73bfd9f07ecceb0e4104dae677ae6452aaae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Why You Should Use Geolocation in Your React App’s Authentication Process

Improve security in your React app with geolocation-based authentication, adding a strong layer beyond passwords to prevent unauthorised access...

Malicious code in react-hook-form-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7bbb033f9045b94810312d6c18ca8a53e34b6886863c10eaf2521f35349775c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6001 Malicious code in react-hook-form-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7bbb033f9045b94810312d6c18ca8a53e34b6886863c10eaf2521f35349775c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

10by10-react-app (=1.2.1), 192.168.0.172 (=4.6.1) +13992 more potentially affected by CVE-2025-7339 via on-headers (>=0.0.0 <=1.0.2)

on-headers NPM version =0.0.0, =1.0.2, =1.0.0, =0.30.0, =0.2.0, =0.0.28, =4.11.0, =4.11.46 and more Source cves: CVE-2025-7339 Source advisory: OSV:GHSA-76C9-3JPH-RJ3Q...

Reactor Netty HTTP is vulnerable to credential leaks during chained redirects

In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects...

Malicious code in modern-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 551ccc399991abf0310245b17e68d5526426644f1b0e41c7d7d6b1b1286a425f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5936 Malicious code in modern-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 551ccc399991abf0310245b17e68d5526426644f1b0e41c7d7d6b1b1286a425f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-redirect-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 438d7e49a15f42d9c8af314bc225c932e4531c3d028d8e602b578777e203300d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5952 Malicious code in react-redirect-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 438d7e49a15f42d9c8af314bc225c932e4531c3d028d8e602b578777e203300d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in appcenter-sampleapp-react-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8015d357cb8b89fe98c7076abd8ca3ea3146d43990de4f2410c5e2627a2fe970 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @happyfoxinc/react-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d35adaa5c8720836c739e2315328f940d5245dcc4590ffe7ac42b1e465b31388 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5797 Malicious code in supabase-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d99002d0e83f91ca297ecb91950c973f76ba284c9b63eba89946e9bfac2672de Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...