259 matches found
org.webjars.npm:browser-sync-ui (=2.27.11), org.webjars.npm:nestjs__platform-socket.io (=9.0.0-next.2) +3 more potentially affected by CVE-2026-33151 via org.webjars.npm:socket.io-parser (>=2.3.1 <=4.2.5)
org.webjars.npm:socket.io-parser MAVEN version =2.3.1, =0.3.1, =0.5.0 - org.webjars.npm:socket.io-client =4.8.3 Source cves: CVE-2026-33151 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15680279...
ROS-20260216-73-0004
Vulnerability in python-socketio related to a flaw in the deserialization mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
CVE-2020-24928
managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted socketio web server port 3020 open to all origins, which allows attackers to obtain sensitive Discord user information...
ROOT-APP-NPM-CVE-2024-38355 CVE-2024-38355 in @rootio/socket.io - Patched by Root
Root has patched CVE-2024-38355 in the @rootio/socket.io package for Root:npm. Multiple fixed versions available...
EUVD-2025-180288
Malicious code in astroinformatics-brane-firebase-socketio npm...
MAL-2025-186044 Malicious code in celeste-selenology-socketio-carpo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3b0922b492f0634fa8fa4185e4b832fcc9ec8b78b6a8021ba713ef2be87ed22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in socketio-spawn-pyxis-nestjs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e9d1cf25a81466709ef959f4e99e76747753682450c3efeb51214af159a4a9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187238 Malicious code in gridsome-slides-pipe-socketio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d3041ecadbfa1b9ee20c448a9f21b65c9463e9e394b9f82d5a14402dab7ac41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178410
Malicious code in ini-mongodb-got-socketio npm...
Malicious code in yakutsk-blueshift-supervisor-socketio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8265e7cc3ce2aa13db6c24fbe72eef89e0b1aebe54afa3c2299c0f4527b734f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-179838
Malicious code in celeste-selenology-socketio-carpo npm...
Malicious code in cassini-socketio-concurrently-forever (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e912fdb2bf197c65c430a9c9fbd0f8051136d3e5aec231088a303a0882b680f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176297
Malicious code in socketio-elara-europa-dotenv npm...
MAL-2025-189577 Malicious code in socketio-cordelia-nightwatch-petrology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4209f9a2070f854d5309b6e36e08d1ae3e7f215e342ac56025d7be33d1cf16d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176296
Malicious code in socketio-polaris-restart-adonis npm...
Malicious code in vuepress-parallax-socketio-juno (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58bc0674a620983ea2af74aa10753189e4138f07b84db82b35cc3e0fc56b5611 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fornax-socketio-ganymede-boson (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbf81223eb44037f720c7f81236de5d3bf785a23ec6a4b48c754958e420b7afc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178072
Malicious code in lint-nuxtjs-babel-socketio npm...
Malicious code in lint-nuxtjs-babel-socketio (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a8611eb2223c19e3229ffc9e93992299b19a837631cc58ec018759f33681b70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-178845
Malicious code in fornax-socketio-ganymede-boson npm...