Malicious code in react-stylizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 812122411d8ab81ce837c1af7272056e2f1dd88b413f290021a615d5ad03524e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview react-stylizer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-6341 Malicious code in react-stylizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 812122411d8ab81ce837c1af7272056e2f1dd88b413f290021a615d5ad03524e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-6340 Malicious code in react-redux-stylizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a197696811f0bf0075aceaf1c780dc72528144a4fa028d9dabdc7f6999144f42 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in hyperion-react-native-testapp (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-6727 Malicious code in hyperion-react-native-testapp (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in react-native-at-internet-example (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-6754 Malicious code in react-native-at-internet-example (npm)

The package communicates with a domain associated with malicious activity...

Malicious Package

Overview react-server-dom-webpack-experimental is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

Malicious Package

Overview react-server-dom-turbopack-experimental is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizatio...

CVE-2020-36850

An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

Malicious code in react-nodes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f859f678cb85445cc8d486c034c1a9de313c92e4485d8dc546bab5be2823b71 The OpenSSF Package Analysis project identified 'react-nodes' @ 4.0.1 npm as malicious. It is considered malicious because: - The package execut...

MAL-2025-6327 Malicious code in react-nodes (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8f859f678cb85445cc8d486c034c1a9de313c92e4485d8dc546bab5be2823b71 The OpenSSF Package Analysis project identified 'react-nodes' @ 4.0.1 npm as malicious. It is considered malicious because: - The package execut...

Prototype Pollution

Overview linkify-react is a React element interface for linkifyjs Affected versions of this package are vulnerable to Prototype Pollution via the internal assign helper due to improper filtering of the proto property. An attacker can achieve Stored or Reflected XSS by injecting event handlers int...

@a.agiir/cinny (>=0.0.1 <=0.0.2), @a1tan/plugin-azure-openai (=0.4.0) +790 more potentially affected by CVE-2025-8101 via linkify-react (>=4.0.0-beta.4 <=4.3.1)

linkify-react NPM version =4.0.0-beta.4, =0.0.1, =0.1.0, =0.1.0, =1.0.0, =0.1.8, =0.1.10 - @alithya-oss/backstage-plugin-rag-ai =1.2.7 - @alithya-oss/backstage-plugin-time-saver =1.4.5 and more Source cves: CVE-2025-8101 Source advisory: SNYK:JS-LINKIFYREACT-11502190...

MAL-2025-6305 Malicious code in react-server-dom-webpack-experimental (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2a08db68343b79c1eb43cde87320c0f9ebf1ad3ab6a4501cc1561d4bc247a94 Any computer that has this package installed or running should be considered...

CVE-2020-36850

An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

CVE-2020-36850

CVE-2020-36850 affects Sitecore JSS React Sample Application versions 11.0.0 through 14.0.1, with an information-disclosure flaw that may cause page content intended for one user to be shown to another user. The connected sources consistently describe a cross-user data exposure but do not provide...

CVE-2020-36850 Sitecore JSS React Sample Application 11.0.0 - 14.0.1 Information Disclosure

An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

CVE-2020-36850 Sitecore JSS React Sample Application 11.0.0 - 14.0.1 Information Disclosure

An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...