CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2025/06/18 10:23 a.m.•3 views

Malicious code in build-react-wrapper (npm)

--- -= Per source details. Do not edit below this line.=-...

OSSF Malicious Packages•added 2025/06/18 10:3 a.m.•3 views

Malicious code in react-svg-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af2a1717363aad3bb129687fc2526ded4d96a8d7e578862b6d400cf5864e1985 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

OSV•added 2025/06/18 10:3 a.m.•0 views

MAL-2025-5167 Malicious code in react-svg-plugin (npm)

OSV•added 2025/06/18 4:33 a.m.•1 views

MAL-2025-5234 Malicious code in plugin-react (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e88cbf7f87087cbc6dda9545bd987ae79997a0d8812613ac393f517941eb83e Any computer that has this package installed or running should be considered...

OSSF Malicious Packages•added 2025/06/18 4:33 a.m.•2 views

Malicious code in plugin-react (npm)

6.8AI score

OSSF Malicious Packages•added 2025/06/16 3:53 p.m.•3 views

Malicious code in kenzup-react-native-rsa-native (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32d4c1032d395b390f908592fd2d12e60419f92e0000d0ff3135829a3db19287 Any computer that has this package installed or running should be considered...

6.8AI score

OSV•added 2025/06/16 3:53 p.m.•1 views

MAL-2025-5036 Malicious code in kenzup-react-native-rsa-native (npm)

OSSF Malicious Packages•added 2025/06/13 1:59 p.m.•4 views

Malicious code in react-sdk-module-api (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c328baa339da0fb222b6ed839e9e024e3df2427f155e95d650451d9a7c0d49ce Any computer that has this package installed or running should be considered...

6.8AI score

OSV•added 2025/06/13 1:59 p.m.•2 views

MAL-2025-5053 Malicious code in react-sdk-module-api (npm)

OSV•added 2025/06/13 1:48 a.m.•2 views

MAL-2025-5052 Malicious code in react-redux-hydra (npm)

The package communicates with a domain associated with malicious activity...

7.1AI score

OSSF Malicious Packages•added 2025/06/13 1:48 a.m.•4 views

Malicious code in react-redux-hydra (npm)

The package communicates with a domain associated with malicious activity...

OSV•added 2025/06/13 1:39 a.m.•1 views

MAL-2025-5050 Malicious code in react-card-security-code (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1ee206260c832fcc9736dc58bdd69c339579082e7216fd531b76689c04730e5 Any computer that has this package installed or running should be considered...

5.9AI score

OSSF Malicious Packages•added 2025/06/13 1:39 a.m.•2 views

Malicious code in react-card-security-code (npm)

OSV•added 2025/06/13 1:31 a.m.•3 views

MAL-2025-5051 Malicious code in react-expiry-date (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 744273ea7bca5335d9f20514a81c835c0cad1558b2b206721aed050a41f0acea Any computer that has this package installed or running should be considered...

5.9AI score

OSSF Malicious Packages•added 2025/06/13 1:31 a.m.•4 views

Malicious code in react-expiry-date (npm)

RedhatCVE•added 2025/06/11 12:6 a.m.•3 views

CVE-2025-45001

react-native-keys 0.7.11 is vulnerable to sensitive information disclosure remote as encryption cipher and Base64 chunks are stored as plaintext in the compiled native binary. Attackers can extract these secrets using basic static analysis tools...

7.5CVSS7.2AI score0.00105EPSS

Exploits1References1

vulnersOsv•added 2025/06/10 6:36 a.m.•5 views

@aemforms/af-react-native (>=1.0.1 <=1.0.31), @akalli/components (=0.0.1) +146 more potentially affected by unknown CVE via @react-native-aria/tabs (=0.2.13)

@react-native-aria/tabs NPM version =0.2.13 is affected by a known vulnerability. The following packages have a transitive dependency on @react-native-aria/tabs and may be impacted: - @aemforms/af-react-native =1.0.1, =0.0.3, =0.1.21, =1.0.0, =0.1.0-alpha2, =1.2.0, =0.0.4, =4.0.2, =0.32.4, =0.32....

vulnersOsv•added 2025/06/10 6:36 a.m.•3 views

@aemforms/af-react-native (>=1.0.1 <=1.0.31), @akalli/components (=0.0.1) +146 more potentially affected by unknown CVE via @react-native-aria/combobox (=0.2.7)

@react-native-aria/combobox NPM version =0.2.7 is affected by a known vulnerability. The following packages have a transitive dependency on @react-native-aria/combobox and may be impacted: - @aemforms/af-react-native =1.0.1, =0.0.3, =0.1.21, =1.0.0, =0.1.0-alpha2, =1.2.0, =0.0.4, =4.0.2, =0.32.4,...

vulnersOsv•added 2025/06/10 6:36 a.m.•4 views

@admin-layout/gluestack-ui-mobile (>=6.5.1-alpha.0 <=12.2.4-alpha.49), @custom-lib/design-system (>=0.1.0 <=0.1.8) +36 more potentially affected by unknown CVE via @react-native-aria/menu (>=0.2.10 <=0.2.15)

@react-native-aria/menu NPM version =0.2.10, =6.5.1-alpha.0, =0.1.0, =0.0.1-alpha.1, =0.5.36, =0.2.0, =0.0.1-alpha.0, =0.1.0, =0.1.0, =0.1.0, =0.3.45, =0.0.1, =1.0.0, =1.0.2 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-4784...