📄 Discord Language Sloth Bot Directory Traversal Scanner / Payload Generator

The Language Sloth Discord bot contains a critical directory traversal vulnerability allowing attackers to read arbitrary files on the server hosting the bot through improperly sanitized user input in file path operations. This is an automated scanner with payload generation...

EUVD-2025-117260

Malicious code in local-aqua-sloth npm...

Malicious code in local-aqua-sloth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78d45c913bbc73a37fd3cba872c5b0b747074cd3806fb01b2ea687136384857c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-117284

Malicious code in juicy-aquamarine-sloth npm...

Malicious code in concerned_sloth_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 417da7a6b09ddedfe30ad9fed31cc93beaa2a290c8f66ee1f39c53a43814054f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-104078

Malicious code in livingslothz3n npm...

EUVD-2025-100076

Malicious code in detailedslothz3n npm...

Malicious code in horrible_sloth_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83868d2e596126ede29aac8bcab553d135ed9d90666d1b457bff77e88dd296ec This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in condemned_sloth_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55c37a00283ae5aeb8e74f56d33f3bd3b8309ee246dec5c996cc0f08a0e9426f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-106043

Malicious code in colouredslothz3n npm...

EUVD-2025-95789

Malicious code in physicalslothz3n npm...

Malicious code in proper_sloth_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 010f2a1af8f6eb7acfc43ec1852e8f27c62eadaa46963b0901e99e1746440bdb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-89416

Malicious code in properslothz3n npm...

EUVD-2025-74097

Malicious code in vividslothorange-15 npm...

EUVD-2025-74076

Malicious code in worldwideslothorange-96 npm...

Malicious code in additional_sloth-appteadev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3abbed89ecd3b20eb1115acc58bce0ec3353226f1d0d9f3f8acae7ebc93715f2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-75750

Malicious code in saltysloth-silentdev npm...

Malicious code in yappy_sloth_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73cd2e263c87f40bbb3f3f223117d507c3b811c1a3673a82e7b2159144dde96a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-78564

Malicious code in prettyslothz3n npm...

EUVD-2025-78107

Malicious code in theoreticalslothz3n npm...