Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:29 a.m.3 views

Malicious code in cors-carpo-webdriver-mocha-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e76adbe54ed0e722d8d3f209b3befd182623d2d08f49aaebfd39cfb56e2a177 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:29 a.m.3 views

EUVD-2025-111424

Malicious code in markdown-pdf-frontend-rimraf-start npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.2 views

MAL-2025-43922 Malicious code in cygnus-uninstall-prettier-stylelint-start (npm)

The package cygnus-uninstall-prettier-stylelint-start was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-31296 Malicious code in quick-start (npm)

The package quick-start was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/28 4:0 p.m.3 views

Malicious code in material-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dc52f979cd49a98ecface27ce64a898eb95dad649bd6d9ffac7c11ce434a9697 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/02/28 4:0 p.m.2 views

MAL-2025-1608 Malicious code in material-start (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dc52f979cd49a98ecface27ce64a898eb95dad649bd6d9ffac7c11ce434a9697 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2021/02/05 8:43 p.m.8 views

docpress (>=0.1.0 <=0.5.5), metalsmith-start (>=0.6.0 <=1.3.4) +1 more potentially affected by CVE-2021-3189 via slashify (>=0.1.0 <=1.0.0)

slashify NPM version =0.1.0, =0.1.0, =0.6.0, =0.13.3, =1.2.3 Source cves: CVE-2021-3189 Source advisory: OSV:GHSA-F4HQ-453J-P95F...

6.1CVSS6.3AI score0.00526EPSS
Exploits1
Rows per page
Query Builder