Lucene search
K

42 matches found

OSV
OSV
added 2026/05/26 1:1 a.m.11 views

MAL-2026-4716 Malicious code in weavedb-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 469844df44557b10f865edf7d3d000fd90c901c6a42cc5402116247dca1528f0 package.json declares "preinstall": "./scripts/postbuild". The referenced file is not a script but a 976,568-byte UPX-packed Linux x86-64 ELF binary...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:25 p.m.12 views

Malicious code in exxpress-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 378e423b00c08a371fbae1c77360685d2277e502e9875caa53fb20f58a39f396 The package name exxpress-tool is a one-character edit of the widely-used express package. On npm install, the declared scripts.postinstall runs...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/05/14 7:25 p.m.11 views

MAL-2026-3762 Malicious code in exxpress-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 378e423b00c08a371fbae1c77360685d2277e502e9875caa53fb20f58a39f396 The package name exxpress-tool is a one-character edit of the widely-used express package. On npm install, the declared scripts.postinstall runs...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:25 p.m.10 views

Malicious code in joi-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ca38e3574ffcb0fabb105616e28108137c8256e2c70aeede59623bca5df496a The package declares a postinstall hook "postinstall": "node postinstall.js" in package.json that runs unconditionally on npm install. The script's o...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:25 p.m.13 views

Malicious code in exxpress-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfa81f7c144d5feeea9c49254fbeec68f8271460d4a51efd5757a62b251c05f2 The package declares scripts.postinstall pointing at postinstall.js, which runs automatically on npm install. The script performs three...

5.8AI score
Exploits0References4
OSV
OSV
added 2026/05/14 7:24 p.m.7 views

MAL-2026-3756 Malicious code in cheerio-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d51a2885f4eaff732d1ef7ab065b04d21c59263b1212d5b92b92c87914ef879 cheerio-tool typosquats the popular cheerio HTML parser README claims 'Cheerio Tool utility helpers', keywords are 'lodash','utilities', and index.js...

5.8AI score
Exploits0References3
Snyk
Snyk
added 2026/05/11 9:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...

9.8CVSS6AI score0.02342EPSS
Exploits3References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 8:0 a.m.9 views

Malicious code in apple-infra-network-v2 (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/04/29 8:0 a.m.8 views

MAL-2026-3156 Malicious code in apple-infra-ultimate-bypass (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 8:0 a.m.9 views

Malicious code in apple-infra-ultimate-bypass (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/29 8:0 a.m.4 views

MAL-2026-3155 Malicious code in apple-infra-network-v2 (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

5.9AI score
Exploits0References1
Snyk
Snyk
added 2026/03/20 10:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 10:0 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder