372 matches found
MAL-2025-55622 Malicious code in citra-gembus97-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3fcba9f36a8ccb6f6f1872f5169fc51c5a65e09a1baf83180b0d4a58ff209f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in oktafian-keraktelor38-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10d827b973a0cee0f05c217951b4c14a975c6238e695a26c26d865a103db66c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in grateful_peafowl_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78870209986b52236edc99fa805f9006037af6ef7eeeda9bf1c71ac7d2ba2995 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in galih-miemee90-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beeb56020ad01e91fbe3c83f29bce37fdb39d54dfaec73518122fdbd58aea21b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-56090 Malicious code in erick-mangut18-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6fd1ed683a3ea22a4d9ce5a8ebfbc6bd2bd49687d6c362b7844563acc5e5187 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-55556 Malicious code in cici-otak-otak100-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae647ffa7b698620adbce9113aeba2ebb0fbae4493f74a23f480c54a93aefd01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sinta-rujaksoto91-devapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f62ec5bbd79a959b29dd9073053acf589d26ca135772f82d773cb796f261ef1d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53686 Malicious code in indah-ongol-ongol37-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector adc30a59fcc3fccc6c494f30626c9be52d5f61872fef546971d436e034279d86 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in putri-gandul1-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50d0890c0b5dc9505095f578f9e6c3c3bf77e73859f06babc56fbd0626338537 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nina-rendang60-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db594dc0f939031a17cf13279710f58374556dc5c127b351cb32088e3b837eb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53330 Malicious code in maman-miebogor80-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff1be64b8b14ddc709b0d8f07cf4270b36bfe06f8c9d1ba425d6632f0a375e61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nurul-rujak88-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 56536927b83d6ff91f0cf726611de33f9f7a145f8941c88d9bfc94f89de260e9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in vida-kue97-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2185edf3e8d964d7d8f128eee361f7a144c501732f5215e760a0539dadb2a5c0 The package vida-kue97-ruro was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded np...
Malicious code in erwin-naget66-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f7bddfbeb6ada84129621e80ddf5a440132535fa54510eee1216f799b612603 The package erwin-naget66-riris was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that floode...
Malicious code in tania-soto59-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6828026fab009ccf0b987622dd904b8be46338791f4dd351b8d243ed9d250384 The package tania-soto59-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...
EUVD-2025-37318
When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted...
EUVD-2025-34501
Not used...
CVE-2025-61775 Vickey's unexpired email confirmation link can be reused to send repeated confirmation emails
Vickey is a Misskey-based microblogging platform. A vulnerability exists in Vickey prior to version 2025.10.0 where unexpired email confirmation links can be reused multiple times to send repeated confirmation emails to a verified email address. Under certain conditions, a verified email address...
EUVD-2018-18097
Malware in sbrugna...
RLSA-2025:7049 Moderate: python-requests security update
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...