Lucene search
+L

9 matches found

Snyk
Snyk
added 2026/03/14 10:0 p.m.4 views

Malicious Package

Overview @aifabrix/miso-client is a malicious package. This package was affected by the 'GlassWorm' supply chain attack. It includes a hidden malicious payload embedded with invisible Unicode characters. These characters hide a decoder that retrieves and executes a concealed payload through eval...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.10 views

Malicious code in @voiceflow/encryption (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13e58f7cdcdf3b87f5bbf111e42e13a1151626e495e15be73fc579109e397800 The package @voiceflow/encryption was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.5 views

Malicious code in @voiceflow/natural-language-commander (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcffcb39c546d02117506c26844a1fddcedc61f18cd934b27642817c62189437 The package @voiceflow/natural-language-commander was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/25 12:16 a.m.5 views

MAL-2025-191376 Malicious code in @voiceflow/storybook-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8dad09f9af7bcfdd86347fd6e8c490939feed1f44cb5632ca2098db24ddbe7b The package @voiceflow/storybook-config was found to contain malicious code. Source: google-open-source-security...

6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.8 views

Malicious code in @oku-ui/motion-nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f92b87caa59206174882fe75cd77964bc3f31b824958a07a22210e50eeb21ac9 The package @oku-ui/motion-nuxt was found to contain malicious code. Source: google-open-source-security...

6.9AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 8:33 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 4:24 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Snyk
Snyk
added 2025/11/24 4:24 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/15 11:51 p.m.6 views

Malicious code in @ctrl/qbittorrent (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af92aa639259dc9a287445d9fdbb2ec61beeb5adf71ff13a6e8f9bceb79971a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
Rows per page
Query Builder