Malicious code in @vietmoney/react-native-tags-input (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4eaba1a91c6cb85d46db01b9c4e96157cdeb905c8c7d1b0d6b3dbd507a58f402 The package @vietmoney/react-native-tags-input was found to contain malicious code. Source: ghsa-malware...

@vietmoney/react-native-smart-gallery (=1.2.2) potentially affected by unknown CVE via @vietmoney/react-native-smart-page (=1.1.2)

@vietmoney/react-native-smart-page NPM version =1.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on @vietmoney/react-native-smart-page and may be impacted: - @vietmoney/react-native-smart-gallery =1.2.2 Source cves: unknown CVE Source advisory:...

Malicious Package

Overview @vietmoney/react-native-vnpay-merchant is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

EUVD-2025-205933

Malicious code in @vietmoney/react-native-smart-page npm...

EUVD-2025-205932

Malicious code in @vietmoney/react-native-tags-input npm...

EUVD-2025-205927

Malicious code in @vietmoney/react-native-vnpay-merchant npm...

EUVD-2025-205931

Malicious code in @vietmoney/react-native-true-id npm...

EUVD-2025-205929

Malicious code in @vietmoney/react-big-calendar npm...

Malicious code in @vietmoney/react-big-calendar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b38aebebed4a38e2464d8abb76fbda4a16d4cf03b372124ec3d069c63f6e79f2 The package @vietmoney/react-big-calendar was found to contain malicious code. Source: ghsa-malware...

Malicious code in @vietmoney/react-native-action-button (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector df1a9f2c1ef7c8dd8ece133048315f8ab738a4d5d8bf1a11dbe5f932d39e2eca The package @vietmoney/react-native-action-button was found to contain malicious code. Source: ghsa-malware...

Exploit for Deserialization of Untrusted Data in Facebook React

Agentic Vulnerability Monitor POC An AI-powered, automated vu...

Malicious code in react-dom-bindings (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3c021e2818d17945e50bcb89d19d34a8750ca14078220d113dc8b4c5f0c1392 The package react-dom-bindings was found to contain malicious code. Source: ghsa-malware...

Malicious code in react-devtools-extensions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c07bb5eb2fa7f96705fece940955413b3976968c5a79e13bdd85ce00ec485e4 The package react-devtools-extensions was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview react-devtools-extensions is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview react-devtools-shared is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in shopify-app-react-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d58b68abe183faeee5b24e4b524d982d1c78881c8d0c48dd847411bf8fc087e6 The package shopify-app-react-router was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-205792

Malicious code in react-devtools-shared npm...

Malicious Package

Overview react-dom-bindings is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-192971 Malicious code in react-devtools-extensions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c07bb5eb2fa7f96705fece940955413b3976968c5a79e13bdd85ce00ec485e4 The package react-devtools-extensions was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-205793

Malicious code in react-devtools-extensions npm...