Malicious code in vite-svgr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a22a309bc488d107fc2734705e05bb4032432bb9b54391e8ee2325d980b2cdf5 Package name vite-svgr impersonates the popular vite-plugin-svgr, but the shipped code is a fork of tsconfig-paths package.json description: 'Load no...

Malicious code in vite-tsconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88e76d2cfe72140b4419a881bd3271d2fb1f246444a8418f6decfd81a76dd17c Package impersonates the popular tsconfig-paths library description: 'Load node modules according to tsconfig paths' but ships a hidden...

MAL-2026-5576 Malicious code in vite-tsconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 88e76d2cfe72140b4419a881bd3271d2fb1f246444a8418f6decfd81a76dd17c Package impersonates the popular tsconfig-paths library description: 'Load node modules according to tsconfig paths' but ships a hidden...

MAL-2026-4705 Malicious code in vite-json-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7c9683fed8b8696938eb7ad88e158f70a075851b0dd511af991ecd69a4d0fd The package presents itself as a vite/tsconfig path helper and clones the public API of tsconfig-paths createMatchPath, matchFromAbsolutePaths,...

Malicious code in vite-json-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7c9683fed8b8696938eb7ad88e158f70a075851b0dd511af991ecd69a4d0fd The package presents itself as a vite/tsconfig path helper and clones the public API of tsconfig-paths createMatchPath, matchFromAbsolutePaths,...

Malicious code in hedwig-tsconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a650b67b76184573f147a7b286249b1de734cfa85647aea9a9bea3284e155f8 The OpenSSF Package Analysis project identified 'hedwig-tsconfig' @ 99.8.1 npm as malicious. It is considered malicious because: - The package...

MAL-2026-3592 Malicious code in hedwig-tsconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a650b67b76184573f147a7b286249b1de734cfa85647aea9a9bea3284e155f8 The OpenSSF Package Analysis project identified 'hedwig-tsconfig' @ 99.8.1 npm as malicious. It is considered malicious because: - The package...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: core: A NULL dereference was prevented in generichwtstampioctllower. The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampge...

Malicious Package

Overview tsconfig-stitch is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in tsconfig-stitch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 604460d36ae1ce56e73af1b1e087dca00ef2117ca7c22a6556637effff2750c9 The package tsconfig-stitch was found to contain malicious code. Source: ghsa-malware 16b55e32e715af39ca0c84de2ae4b33de360bdbe4f7448a6eb78385de90fdb9...

MAL-2026-695 Malicious code in tsconfig-stitch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 604460d36ae1ce56e73af1b1e087dca00ef2117ca7c22a6556637effff2750c9 The package tsconfig-stitch was found to contain malicious code. Source: ghsa-malware 16b55e32e715af39ca0c84de2ae4b33de360bdbe4f7448a6eb78385de90fdb9...

SUSE CVE-2025-40255

In the Linux kernel, the following vulnerability has been resolved: net: core: prevent NULL deref in generichwtstampioctllower The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampget -...

UBUNTU-CVE-2025-40255

In the Linux kernel, the following vulnerability has been resolved: net: core: prevent NULL deref in generichwtstampioctllower The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampget -...

CVE-2025-40255 net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower()

In the Linux kernel, the following vulnerability has been resolved: net: core: prevent NULL deref in generichwtstampioctllower The ethtool tsconfig Netlink path can trigger a null pointer dereference. A call chain such as: tsconfigpreparedata - devgethwtstampphylib - vlanhwtstampget -...

PT-2025-49085

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s networking subsystem related to hardware timestamping. Specifically, a null pointer dereference can occur within the generic hwtstamp ioctl lower...

EUVD-2025-199382

Malicious code in @voiceflow/tsconfig-paths npm...

Malicious code in @voiceflow/tsconfig-paths (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fb7c02b11afed895db4edc03c6318bb09005f30253dcea72d4d1b0876478212 The package @voiceflow/tsconfig-paths was found to contain malicious code. Source: google-open-source-security...

Malicious code in @voiceflow/tsconfig (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efbd7f8570f0ab8bcfa431a779045675f5f34e240bf2de966c5cd6b468f5a107 The package @voiceflow/tsconfig was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-199383

Malicious code in @voiceflow/tsconfig npm...

MAL-2025-191380 Malicious code in @voiceflow/tsconfig-paths (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fb7c02b11afed895db4edc03c6318bb09005f30253dcea72d4d1b0876478212 The package @voiceflow/tsconfig-paths was found to contain malicious code. Source: google-open-source-security...