Lucene search
K

2665 matches found

OSV
OSV
added 2026/05/28 12:0 a.m.12 views

MAL-2026-4920 Malicious code in @cloudplatform-single-spa/evocs (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.18 views

MAL-2026-4923 Malicious code in @cloudplatform-single-spa/iam (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.11 views

MAL-2026-4985 Malicious code in @cloudplatform-single-spa/svp-lbaas (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.8 views

MAL-2026-4928 Malicious code in @cloudplatform-single-spa/magic-router (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.13 views

MAL-2026-4933 Malicious code in @cloudplatform-single-spa/ml-ai-agents-agent (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/28 12:0 a.m.9 views

MAL-2026-4973 Malicious code in @cloudplatform-single-spa/static-page (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/28 12:0 a.m.20 views

Malicious code in @cloudplatform-single-spa/ml-foundation-models (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.11 views

MAL-2026-5009 Malicious code in @fb-deposit/form-savings-account (npm)

Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.9 views

MAL-2026-4960 Malicious code in @cloudplatform-single-spa/postgre (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.12 views

MAL-2026-4864 Malicious code in @car-loans/application-aff (npm)

Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.7 views

MAL-2026-4909 Malicious code in @cloudplatform-single-spa/dataplatform-metastore (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/28 12:0 a.m.11 views

MAL-2026-4989 Malicious code in @cloudplatform-single-spa/svp-tags (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.7 views

MAL-2026-4936 Malicious code in @cloudplatform-single-spa/ml-ai-agents-ide (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.13 views

MAL-2026-4867 Malicious code in @car-loans/deal-aff (npm)

Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.12 views

MAL-2026-4993 Malicious code in @cloudplatform-single-spa/timescale-db (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.11 views

MAL-2026-5005 Malicious code in @debit-ib/mobile-debit-ib-additional-card-form (npm)

Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.12 views

MAL-2026-4898 Malicious code in @cloudplatform-single-spa/cnapp-ui (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/28 12:0 a.m.12 views

MAL-2026-4875 Malicious code in @car-loans/online-sign-aff (npm)

Part of a dependency confusion attack campaign targeting the @car-loans, @fb-deposit, and @debit-ib npm scopes. The attacker npm user pik-libs published 25 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version resolution,...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.10 views

MAL-2026-4883 Malicious code in @cloudplatform-single-spa/advanced (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/28 12:0 a.m.11 views

MAL-2026-4925 Malicious code in @cloudplatform-single-spa/key-manager (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

5.8AI score
Exploits0References1
Rows per page
Query Builder