Lucene search
K

5 matches found

OSV
OSV
added 2026/06/23 4:7 p.m.16 views

MAL-2026-6316 Malicious code in ts-biginteger-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8059a1d2db2edb7231b017023f82f6a651585c0ee7120aaebe882cb6407b9e3 Package is published as 'ts-biginteger-lib' but its metadata, README, and source are a wholesale copy of big.js by MikeMcl author set to 'Michael...

6.4AI score
Exploits0References2
OSV
OSV
added 2026/06/11 7:38 a.m.24 views

MAL-2026-5619 Malicious code in tailwind-typography-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29345b97ddc8c5fe985d1a69d53db15e4126052929267a584b463e94f43b0bc3 [email protected] impersonates the legitimate @tailwindcss/typography Tailwind CSS plugin confusable name, copied plugin export shape,...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:38 a.m.24 views

Malicious code in tailwind-typography-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29345b97ddc8c5fe985d1a69d53db15e4126052929267a584b463e94f43b0bc3 [email protected] impersonates the legitimate @tailwindcss/typography Tailwind CSS plugin confusable name, copied plugin export shape,...

6.2AI score
Exploits0References2
OSV
OSV
added 2026/05/20 7:31 p.m.9 views

MAL-2026-4448 Malicious code in @tailwind-core/oxide-linux-x64-gnu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a107a0746f2f5159d661e4d332eac53f871b9d22f80caf5863bdd713e252ae00 The package name '@tailwind-core/oxide-linux-x64-gnu' impersonates the legitimate Tailwind CSS v4 oxide engine package...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:24 p.m.17 views

Malicious code in env-threads (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfb511e0bf06367ec0341939aa68ee55859344c6ca6cb8d9f55f7e62cdcc8656 Package env-threads impersonates the legitimate dotenv package: its README, repository URL git://github.com/motdotla/dotenv.git, homepage, descriptio...

6.3AI score
Exploits0References1
Rows per page
Query Builder