EUVD-2025-36747

Malicious code in transform-merge-sibling-variables npm...

MAL-2025-49048 Malicious code in transform-merge-sibling-variables (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d380989059db5a476085e3c65f461f844bd193d30a4f2558f711086525e20ae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-36746

Malicious code in transform-react-jsx-source npm...

MAL-2025-49050 Malicious code in transform-react-jsx-source (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd1c3c75a248290b6685831711ef1fa1ec32244ea7ab218a36c42a6b5163e560 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview transform-react-jsx-source is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in transform-react-jsx-source (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fd1c3c75a248290b6685831711ef1fa1ec32244ea7ab218a36c42a6b5163e560 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-49047 Malicious code in transform-es2015-modules-commonjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b2ad9d3d189297373f163d4e6bba02fc712b67f335bc6a6bab2ebfcf16cba487 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-36759

Malicious code in transform-es2015-modules-commonjs npm...

MAL-2025-49052 Malicious code in transform-strict-mode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b1eba84b6c8867605a410bc60af12768528aecb23257d4925bc3376c2ca8b85 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-36764

Malicious code in transform-strict-mode npm...

Malicious Package

Overview transform-strict-mode is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in transform-strict-mode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b1eba84b6c8867605a410bc60af12768528aecb23257d4925bc3376c2ca8b85 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in transform-react-remove-prop-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38145745ad3f626f3b5d35e2d923d4eec412bed8c0e4d5532dadbc5d53e5ff49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-36816

Malicious code in transform-react-remove-prop-types npm...

MAL-2025-49051 Malicious code in transform-react-remove-prop-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38145745ad3f626f3b5d35e2d923d4eec412bed8c0e4d5532dadbc5d53e5ff49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview transform-react-constant-elements is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

Malicious code in transform-react-constant-elements (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d582d56f1f42a97702c2557fbfdcc90613da53d18adf5494b4f18c555c04398 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-36853

Malicious code in transform-react-constant-elements npm...

CVE-2025-62707 pypdf affected by possible infinite loop when reading DCT inline images without EOF marker

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

CVE-2022-50569 xfrm: Update ipcomp_scratches with NULL when freed

In the Linux kernel, the following vulnerability has been resolved: xfrm: Update ipcompscratches with NULL when freed Currently if ipcompallocscratches fails to allocate memory ipcompscratches holds obsolete address. So when we try to free the percpu scratches using ipcompfreescratches it tries t...