78 matches found
PT-2026-46233
Name of the Vulnerable Software and Affected Versions API Platform Core versions 2.6.0 through 4.1.28 API Platform Core versions 4.2.0 through 4.2.25 API Platform Core versions 4.3.0 through 4.3.11 Description A missing isCacheKeySafe gate in the JSON:API and HAL item normalizers leads to a...
EUVD-2025-117291
Malicious code in interesting-tan-roadrunner npm...
Malicious code in clumsy-coffee-roadrunner (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97bff92247a9e6cb083fc07fcfdedf3b1a9ca205d45cc4370d9a15f7c874727d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-117298
Malicious code in innovative-lavender-roadrunner npm...
EUVD-2025-117489
Malicious code in clumsy-coffee-roadrunner npm...
MAL-2025-137337 Malicious code in tiny_roadrunner_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c87d68629467a2238085832f14aaa5c9bcf22f20b11648d6b592ae380150d7c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in distinguished_roadrunner_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef98458c4aee9e633911a6dec37fe72522cd0bc6729a2d673e0049a7a66b864a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-99759
Malicious code in distinguishedroadrunnerz3n npm...
EUVD-2025-102974
Malicious code in promisingroadrunnerz3n npm...
EUVD-2025-102136
Malicious code in softroadrunnerz3n npm...
EUVD-2025-93953
Malicious code in worthwhileroadrunnerz3n npm...
EUVD-2025-95746
Malicious code in priorroadrunnerz3n npm...
MAL-2025-122554 Malicious code in prior_roadrunner_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20cea532cb294460f572dfdf7fe6b761b6ea303723a026af0f1fed38859c9ae0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-88480
Malicious code in thunderingroadrunnerz3n npm...
EUVD-2025-74881
Malicious code in ashamedroadrunnersilver-71 npm...
MAL-2025-111880 Malicious code in expensive_roadrunner_silver-30 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e991d53d4efff9d9edae384576b10e1e8aa3db22c1084c57dfe6b6e173543cf0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-75265
Malicious code in visualroadrunner-gooddev npm...
EUVD-2025-76889
Malicious code in extraordinaryroadrunner-excellentdev npm...
EUVD-2025-77309
Malicious code in colossalroadrunner-appteadev npm...
EUVD-2025-76322
Malicious code in maximumroadrunner-biggestdev npm...