Lucene search
K

4 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 6:22 p.m.12 views

Malicious code in @orion-design-system/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edd5d007da2de0a07fc1a0d999cccbf71a748627c82c9b2000d161eb248a5a0f package.json declares a preinstall hook that runs an inline node -e script reading os.hostname and os.userInfo.username and transmitting them via HTT...

5.4AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/01 3:5 p.m.15 views

Malicious code in nepsnowplow (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7e26395712f5003186b16919b17058dbc8d140aae9ab0dc20d5add9624cc35c6 The OpenSSF Package Analysis project identified 'nepsnowplow' @ 9999.0.0 npm as malicious. It is considered malicious because: - The package...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 12:31 a.m.13 views

Malicious code in @rocketreach/rr-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1c16148ad4c13ad5d5cbfe951d9ca934a0912ab5ad75c3b4afee19be86172fa On npm install, both preinstall and postinstall lifecycle hooks execute postinstall.js, which collects host identifiers hostname, platform, arch, OS...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/14 7:6 p.m.12 views

Malicious code in ckeditor5-minimap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f65f71fdee0224ec38d03c631d1df1a8454347b6d82cfda912b11d387052898c The package ckeditor5-minimap was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
Rows per page
Query Builder