489 matches found
PT-2026-43158
A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument plugin version results in os command injection. The attack may be launched...
Malicious code in index-chi-grep-nu-wind (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 946e14211b226c9fbfa8034384b11c7e0a59c7788f474de387a9830d62d259bb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-190479 Malicious code in zeta-lambda-abstract-eta-secure (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b820d228c75228585ef00e24bee4183f5a0dff3ec86ddc4b9cc4727395b97ed5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in socket-mock-java-rho-spy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c73783490d318eb38b0f589f800124ffffafbe09192fd2fb01fc5ce1f82b4195 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in superagent-planckscale-prettier-transform (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fca005387f6cae31e007b8f9b1d5e146cfcca77b5b5758630e77c134eed57fc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eslint-plugin-semantic-release-chalk-fusion (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7f76b381638ad18356b8c8d18b10785d541bf3b50f7d3ed0032bd37f205212b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in exoplanet-genomics-thermosphere-phoebe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c3eb6aa62f0ef2efdeb2e5a6edc6dd0fc792ad8dd18cec6011451d9b9b53b6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in filament-axios-node-config-jasmine (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01b4ca708c825886f59edaa9b7603233077a52e4be38ca0410b533b306826913 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kronos-buffer-titan-zephyr (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 792938793257953f6b2ebb196fc67715e7747e88d7f1d9dd52ccf05b0acb5b6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lambda-transpile-gamma-omicron-resolve (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f99f0348d7e173dc7912d39e05ba519748d07e0d15a2ed0eb9e7b1a0fef1428 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in paleomagnetism-process-rigel-ariel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 806c222b404c6835419bb2dc3e3292a0bfea544dc0e55b7579ef348d91329803 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in void-exoplanet-ganymede-geodynamo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c9a2c790225f2e208964e0a25bd71c0f64b5307be9ad53a6361c7098f046d5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rain-theta-thread-star-simulate (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3986a9a02494b35678a795f640466720c5fe1b0abe17f68d5b83e94604660e84 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in scale-compress-minify-wind-interface (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74cf00479e7cd2290e4a0ccc2c84047c9a059d424a668bd7c886f48e901c9c1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in scripts-duplex-innercore-mongoose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 795b605e61cc15d48e6db76692728e9b0cf00f022d125f102ddb7cde83246cb5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185893 Malicious code in bootstrap-solis-bulma-zooarchaeology (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd3c4b90b728e10c24b350f3bbaa8da21ea46f25f548e1c3a7dbb67672704c24 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185424 Malicious code in aldebaran-thuban-gacrux-apex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89edf3df3532bb49c2c76748f619d106892eaa539e1416145739aa8a307a1f0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186369 Malicious code in cressida-jwt-loglevel-fetch (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9c579391a28b717cc3bab01d83cefe0a9573ccb0c4b8dee4c27e98fcb9b1adac This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186696 Malicious code in elara-magnetar-asteroid-cosmicray (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c52e755b198c774dd97904304558c2b73ba5f1ae10822199222a1172fa1840d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189901 Malicious code in testcafe-scripts-phoebe-nconf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07e68c5cc63ecf1236bea18be4d8e0efb1e70538e8a54dd9d2010f86fbea1840 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...