@andrewzagorski/admin (>=4.25.19-patch.2 <=4.25.19-patch.3), @andrewzagorski/pack-up (=4.23.1-prerelease.2) +25 more potentially affected by CVE-2025-30208 via vite (>=6.0.0 <=6.0.11)

vite NPM version =6.0.0, =4.25.19-patch.2, =19.1.5, =19.1.5, =5.0.0-alpha.37, =19.1.0, =19.1.0, =2.11.0, =2.11.0, =11.23.0, =0.0.0-experimental-13bd4c2-20250203-4e3af844, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =0.3.0-dev.12 and more Source cves: CVE-2025-30208 Source advisory:...

MAL-2025-2699 Malicious code in react-fiber-debugger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00a91ebc181430303bf3b5c3bc93cd1bf2a4b2727ab2767fa5998456f8602156 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-fiber-debugger (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00a91ebc181430303bf3b5c3bc93cd1bf2a4b2727ab2767fa5998456f8602156 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2691 Malicious code in mm-react-gpt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a777feae3d9f0ba145555d872c6749a18d3f877dd9617efe5a5856eb06a366e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in mm-react-gpt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a777feae3d9f0ba145555d872c6749a18d3f877dd9617efe5a5856eb06a366e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2700 Malicious code in react-script-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c5fced45c5f4fd8509ee982e4bafe3f8e0a7c17c4a7470b28b33e38ec23824e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-script-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c5fced45c5f4fd8509ee982e4bafe3f8e0a7c17c4a7470b28b33e38ec23824e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in datahub-react-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1d82378a4b4eeb1355f9d5fbee783eb02ebfd625e5b7480f1ab594461b8d90d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2663 Malicious code in datahub-react-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1d82378a4b4eeb1355f9d5fbee783eb02ebfd625e5b7480f1ab594461b8d90d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in epic-react-store (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d43c90ef27f311e9b6bb49fb715a80a16f68e0adef519b5f389a00ceeb8bbf3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2617 Malicious code in epic-react-store (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d43c90ef27f311e9b6bb49fb715a80a16f68e0adef519b5f389a00ceeb8bbf3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-rekilog (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 249b037c6c199bbd9807077e5d7c285f8cb8525f43754d5ddb10263cb35fae39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2405 Malicious code in react-rekilog (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 249b037c6c199bbd9807077e5d7c285f8cb8525f43754d5ddb10263cb35fae39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in hoist-non-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 424865e2aee8385bd2b6cf103c939dc9a1d3d8784efeb6d8f197d71de928340b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2387 Malicious code in hoist-non-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 424865e2aee8385bd2b6cf103c939dc9a1d3d8784efeb6d8f197d71de928340b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @od-react/od-react-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af2013a6f5bf71bb192bd9c077faf94f1b589b3fa4ca56d2f9038983e8fa35bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2350 Malicious code in @od-react/od-react-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af2013a6f5bf71bb192bd9c077faf94f1b589b3fa4ca56d2f9038983e8fa35bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2342 Malicious code in foundry-js-react-blueprint (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 003370478f168f2d57cb08caf6214ba25adf57eaefa736fc7460dd4550ee09c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in foundry-js-react-blueprint (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 003370478f168f2d57cb08caf6214ba25adf57eaefa736fc7460dd4550ee09c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-event-dependency (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7117f482ca3c7fec4102581d249b98a017fe0b05eb1dbc836070e0f0c8b245c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...