Malicious code in @solana-labs/spl-toke (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 490ce5d7e43d8a79aa85bbd24e7140ed074eee472f375092ab9b4cd650ce41f8 Package name @solana-labs/spl-toke is a one-character omission of the legitimate @solana-labs/spl-token package, abusing the official Solana Labs...

Malicious Package

Overview spl-token-py is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview @solana-labs/spl-toke is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in spl-token-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e05ba3043dc87365ee0b1dc44cc58243b34b6cdccdf258c5bb9218a06a65d336 On import spltokenpy, the package's init.py collects sensitive files from the installer's machine — /.config/solana/id.json Solana wallet key,...

MAL-2026-5339 Malicious code in spl-token-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e05ba3043dc87365ee0b1dc44cc58243b34b6cdccdf258c5bb9218a06a65d336 On import spltokenpy, the package's init.py collects sensitive files from the installer's machine — /.config/solana/id.json Solana wallet key,...

EUVD-2015-6767

Malware in sbrugna...

EUVD-2014-4592

Malware in sbrugna...

EUVD-2023-43602

Malicious code in bioql PyPI...

EUVD-2022-46561

Malicious code in bioql PyPI...

EUVD-2022-46559

Malicious code in bioql PyPI...

EUVD-2024-51916

Malicious code in bioql PyPI...

EUVD-2025-8427

Malicious code in bioql PyPI...

EUVD-2023-45152

Malicious code in bioql PyPI...

Malicious code in solana-spl-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis abc65f4de1b50248d903c79cb67ac016c8da464314e5830c70dbe0a1140503a9 The OpenSSF Package Analysis project identified 'solana-spl-sdk' @ 0.1.1 npm as malicious. It is considered malicious because: - The package...

Malicious code in spl-transpiler (PyPI)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-6593 Malicious code in spl-transpiler (PyPI)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in spl-token-v2 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11bf75d7bf296658cc93ae700f5656d24c455151b1cb8db46389ec375fbc286 Any computer that has this package installed or running should be considered...

MAL-2025-6127 Malicious code in spl-token-v2 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11bf75d7bf296658cc93ae700f5656d24c455151b1cb8db46389ec375fbc286 Any computer that has this package installed or running should be considered...

CLSA-2025-1752087242 Update of ca-certificates

update to CKBI 2.74 from NSS 3.110 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking" - Certificate "AffirmTrust Premium" - Certificate...

CVE-2023-39902

A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...