CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Malicious Package

Overview @solana-labs/web3-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Snyk•added 2026/06/11 9:0 p.m.•5 views

Malicious Package

Overview solana-web3-lts is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview solana-web3-community is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview solana-web3-v1 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview solana-web3-stable is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview solana-web3-fork is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview solana-web3-py is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Snyk•added 2026/06/11 9:0 p.m.•3 views

Malicious Package

Overview solana-web3 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

OSSF Malicious Packages•added 2026/06/11 2:58 a.m.•6 views

Malicious code in solana-web3-community (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 202fa4daf22c4ecace931dfbdbeee6821fe42c14956d35c763c55051528dee12 Package masquerades as the official @solana/web3.js SDK name solana-web3-community, author 'Solana Labs Maintainers ', repository...

5.5AI score

OSV•added 2026/06/11 2:58 a.m.•9 views

MAL-2026-5560 Malicious code in solana-web3-community (npm)

5.5AI score

OSSF Malicious Packages•added 2026/06/08 10:22 p.m.•8 views

Malicious code in solana-web3-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af1a2f1a7c7e3bddb9c8d2fcb8a4c86a6755763c94b95b1eddb81f382318c432 Malicious typosquat impersonating the legitimate Solana Python SDK solana / solana-py and the JS @solana/web3.js. The package ships no SDK...

OSV•added 2026/06/08 10:22 p.m.•7 views

MAL-2026-5338 Malicious code in solana-web3-py (PyPI)

OSSF Malicious Packages•added 2026/06/08 10:20 p.m.•6 views

Malicious code in solana-web3 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4967ebad2d1f4f5802ef50f1d399c05c4dfab94a208079695570b15ffef0fdd2 On import, solana-web3/init.py executes a credential-stealer payload. After a sandbox-evasion gate checks for 12-hex Docker hostname, /.dockerenv, an...

OSV•added 2026/06/08 10:20 p.m.•5 views

MAL-2026-5337 Malicious code in solana-web3 (PyPI)

OSSF Malicious Packages•added 2026/05/18 8:26 p.m.•8 views

Malicious code in solana-web3-alt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3846bb2c80cb984e05f37cddc24548b73067be9aaca692e401a06f7c323e7b9 In specific environments, the package triggers silent code execution during installation. The code to execute is not included in the package. --- Category:...

6.3AI score

OSV•added 2026/05/18 8:26 p.m.•8 views

MAL-2026-3835 Malicious code in solana-web3-alt (PyPI)

6.3AI score

OSSF Malicious Packages•added 2025/06/18 5:37 a.m.•6 views

Malicious code in solana-web3-adapter (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12e75c393c8da1b623873b652c0e4024a25d635513e641c2c50d5899421160ec Any computer that has this package installed or running should be considered...

6.8AI score

RedhatCVE•added 2025/05/23 8:12 a.m.•8 views

CVE-2024-54134

A publish-access account was compromised for @solana/web3.js, a JavaScript library that is commonly used by Solana dapps. This allowed an attacker to publish unauthorized and malicious packages that were modified, allowing them to steal private key material and drain funds from dapps, like bots,...

8.3CVSS6.4AI score0.00423EPSS

OSSF Malicious Packages•added 2025/05/16 5:50 a.m.•4 views

Malicious code in solana-web3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87dd8c18d15d4abbb750627cb9dfec4be3cd3fa1e2ae9d2ac8113cc0597f43d7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

OSV•added 2025/05/16 5:50 a.m.•5 views

MAL-2025-3918 Malicious code in solana-web3 (npm)

7AI score