81885 matches found
Malicious code in @stlm/common-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 524e7ff666da99814e99aa71977173170ff4d7d51c5730a30bf0375665f89582 The package @stlm/common-ui was found to contain malicious code. Source: ghsa-malware 2d6d7ee043c22bf0b8caf216d27b99ca30f22667d60e5d1d0c76178c5808ae5...
Malicious code in sparkling-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a51b8dc4e5a69bd2a09d2bb1c705963de6b9513ff871237d21a5f6641abc0ac The package sparkling-sdk was found to contain malicious code. Source: ghsa-malware b0457cea0504e91fd51a3802d694a20e91fab0bf48731ae4a18c484eab349202...
MAL-2026-2995 Malicious code in color-studio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d197fd4183100bf9c61d06d5f63aea39f8b61429628f3a13522d8b511a0482bb The package color-studio was found to contain malicious code. Source: ghsa-malware 3ea22c97ba975ced2d26e899fe9ac900d3e1df68314536f95416cf2b03b65472 A...
CVE-2026-31489
In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...
Malicious code in @openwebconcept/design-tokens (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e6761494cb35b1f5bc9024f23f67a6e896a857233d68bb56e75c683a1893391 The package @openwebconcept/design-tokens was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2993 Malicious code in @openwebconcept/design-tokens (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e6761494cb35b1f5bc9024f23f67a6e896a857233d68bb56e75c683a1893391 The package @openwebconcept/design-tokens was found to contain malicious code. Source: ghsa-malware...
Malicious code in @openwebconcept/theme-owc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ba9da7f58491c9c4715c34da32da8f4a9d1519075412a9be534d19e6e07466e2 The package @openwebconcept/theme-owc was found to contain malicious code. Source: ghsa-malware...
MAL-2026-2992 Malicious code in @automagik/genie (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6e7702eae0e8ff480f6f47624128cb3bf2ad5934d6c6a9a5481f3ac424db40 The package @automagik/genie was found to contain malicious code. Source: ghsa-malware 00207299cc0b9ee634f5850f194f399c6164fd4621989a43f8e5f9353d3707...
CVE-2026-31489 spi: meson-spicc: Fix double-put in remove path
In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path mesonspiccprobe registers the controller with devmspiregistercontroller, so teardown already drops the controller reference via devm cleanup. Calling spicontrollerput again in...
Malicious code in pgserve (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48b943e993f7a62fe43ad9c5412ad1750fd3d5a8cd5214988b16caf78f4a06d The package pgserve was found to contain malicious code. Source: ghsa-malware 3eb07d42183ec3a63a62edc4353d8dbaa85afd8c1830fa5b6ef2617fb5a2b3e0 Any...
MAL-2026-2991 Malicious code in pgserve (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c48b943e993f7a62fe43ad9c5412ad1750fd3d5a8cd5214988b16caf78f4a06d The package pgserve was found to contain malicious code. Source: ghsa-malware 3eb07d42183ec3a63a62edc4353d8dbaa85afd8c1830fa5b6ef2617fb5a2b3e0 Any...
K000160944: Axios NPM supply chain attack MAL-2026-2306 GHSA-fw8c-xr5c-95f9
Security Advisory Description Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer ma...
Malicious code in crypto-keccak-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32ccdef7e115ae439427bb2217083ad601c38f443bc895d50f788929634a37c3 The package crypto-keccak-js was found to contain malicious code. Source: ghsa-malware 60c3cf139a71aed81d8181d9c87451c86895953c7d34095bd06553c9e406cc...
MAL-2026-2976 Malicious code in gleb-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1195db21d930574e3f893e03ace1f465579fc9a50f319979b05f57a0a6d8e252 The package gleb-js was found to contain malicious code. Source: ghsa-malware 24151762712a7288d42bf902b1d0d205f13c6f76668490e7043fe846a8fd241f Any...
Malicious code in gleb-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1195db21d930574e3f893e03ace1f465579fc9a50f319979b05f57a0a6d8e252 The package gleb-js was found to contain malicious code. Source: ghsa-malware 24151762712a7288d42bf902b1d0d205f13c6f76668490e7043fe846a8fd241f Any...
MAL-2026-2977 Malicious code in ts-utils-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8a1476a3763d6093218666ee76d28124242e541f10e98fea5e396de93e97e85 The package ts-utils-dev was found to contain malicious code. Source: ghsa-malware 780475532d255944bb4846b6f84becadf429014e623c83b5ca508b6f97e39a9a A...
Malicious code in claudcode-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88f4d319ca32cad5bc9a2f83d4b1b64c39f2d1e75f2fed26cc1172d480891b69 The package claudcode-mcp was found to contain malicious code. Source: ghsa-malware 65a350de7c4fa0545fcd3fa1439e9ea34afa50e5237688032de7bcafeb071ab0...
Malicious code in claudcode-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1de8369f09912bb8724607f94c599ad3fcecfa78fa46e76985acbc600ad8791 The package claudcode-cli was found to contain malicious code. Source: ghsa-malware 6bdf49fafb69e5edbe0ee4aecb34c6d65f28e0dd917b228142fd71e6db486971...
MAL-2026-2974 Malicious code in claudcode-mcp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88f4d319ca32cad5bc9a2f83d4b1b64c39f2d1e75f2fed26cc1172d480891b69 The package claudcode-mcp was found to contain malicious code. Source: ghsa-malware 65a350de7c4fa0545fcd3fa1439e9ea34afa50e5237688032de7bcafeb071ab0...
MAL-2026-2971 Malicious code in @usealloy/typegen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8ddfd4e6bd17172e7327ebed027c76dc8d062700a513a745cf15955c52e043c The package @usealloy/typegen was found to contain malicious code. Source: ghsa-malware...