CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•3 views

Malicious code in remark-shelljs-phoenix-sedna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f4e1017c23cd53607be3402508b6ffbe4c1cd96616b24e3103727f4e6ff2d7b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

EUVD•added 2025/11/12 4:29 a.m.•3 views

EUVD-2025-115000

Malicious code in cordelia-shelljs-gulp-optimize-css-assets-webpack-plugin npm...

MAL-2025-149193 Malicious code in vortex-vulcan-commitlint-config-angular-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 488fcc3bef6ab42a047caf3a6e9d707eefc126e0dd734eaaaaa3ea53b5b917f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-147927 Malicious code in shelljs-sagitta-forever-iota (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8520a636888d2b5c6bf4dc6d1cfb48b131a6cb2490a7d3d5ada301ab554f0e6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•4 views

EUVD-2025-123352

Malicious code in process-shelljs-neptune-taurus npm...

EUVD•added 2025/11/12 4:29 a.m.•3 views

EUVD-2025-115822

Malicious code in cache-shelljs-europa-kinetic npm...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•3 views

Malicious code in shelljs-ursa-fornax-luna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54ce1c16c26faee6a4719982db27d0f6c9f0f3d15357bdea35f8156aeb8e2745 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

MAL-2025-147928 Malicious code in shelljs-sedna-kaus-callback (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6bd92185d5df059e6ea16e930861c0940b5e505fc65388e18f02aa9ea6e53dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-140120 Malicious code in bootstrap-shelljs-enif-cassini (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5d6bce3ea521ea3b8fa5d1f0d8d3c503d7a97fd2f7dc25e2a87d579491600c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-140425 Malicious code in carina-rocket-shelljs-rimraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca87fececdbfe1c01f7b543ecf0508dc2cdcadff80d76f5c99691cfd4d27abfa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-143644 Malicious code in inquirer-cosmos-sqlite-shelljs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62bc7f48dbc1cbcc3b88ab693e3d514765eb32df9b7bd5a8c673dbe9e7371df5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-113817

Malicious code in europa-start-shelljs-chromedriver npm...

MAL-2025-147930 Malicious code in shelljs-ultra-venus-stop (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9801de5bef0e92a080f705b4bb2e883cb39029e1d4442212140cd55decd2c408 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141109 Malicious code in cordelia-shelljs-gulp-optimize-css-assets-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7027c32eb0a3ba723ebe11ca4df1274d19f003ef78d0984d760230a9baaef860 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-145379 Malicious code in neptune-shelljs-mysql-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d160095b072fe5c1f1c68de0e9a0cb000ff18e829d29172c19bac0398cc3cdd5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...