Lucene search
K

12 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 10:20 p.m.8 views

Malicious code in vite-config-field (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8e5dabbc9cf746e153391fbe76f4dc54f9bccb9f7fd467d5b80d07c84ab1fb58 [email protected] impersonates the legitimate vite-plugin-pwa package README copies its banner/badges, funding field points at antfu's GitHub...

6.5AI score
Exploits0References7
OSV
OSV
added 2026/06/15 8:5 p.m.25 views

GHSA-G8MR-85JM-7XHM Vitest Browser: Exposed Browser Mode API Can Proxy CDP and Overwrite Config Files, Leading to RCE

Summary Vitest Browser Mode exposes a cdp API that forwards raw Chrome DevTools Protocol CDP methods over the Vitest browser WebSocket RPC. CDP is not gated by browser.api.allowWrite, browser.api.allowExec, api.allowWrite, or api.allowExec. As a result, disabling Browser Mode write and exec...

9.8CVSS5.8AI score0.00089EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 3:4 a.m.18 views

Malicious code in vite-config-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1f9ee389e1023034a78a4c268db5d48e016565f37b7fb6c514bf095b2dec552 On require/import of the package, the entrypoint chain src/index.js → core/createConfig.js → features/plugins.js side-effect-imports...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/13 3:4 a.m.18 views

MAL-2026-5728 Malicious code in vite-config-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1f9ee389e1023034a78a4c268db5d48e016565f37b7fb6c514bf095b2dec552 On require/import of the package, the entrypoint chain src/index.js → core/createConfig.js → features/plugins.js side-effect-imports...

6.2AI score
Exploits0References2
OSV
OSV
added 2025/11/25 12:16 a.m.1 views

MAL-2025-191383 Malicious code in @voiceflow/vite-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e311606ae472f7551604c1c14cbf14f26fab216c76778f69086466466deac60c The package @voiceflow/vite-config was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/25 12:16 a.m.6 views

Malicious code in @voiceflow/vite-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e311606ae472f7551604c1c14cbf14f26fab216c76778f69086466466deac60c The package @voiceflow/vite-config was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/25 12:16 a.m.2 views

EUVD-2025-199379

Malicious code in @voiceflow/vite-config npm...

6.6AI score
Exploits0References3
Snyk
Snyk
added 2025/09/22 7:59 a.m.2 views

Malicious Package

Overview node-vite-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/22 7:59 a.m.1 views

Malicious code in node-vite-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c53bdee988880e8c288daeff8bb041022f69c78319375b597edab208129e0621 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/09/22 7:59 a.m.1 views

MAL-2025-47489 Malicious code in node-vite-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c53bdee988880e8c288daeff8bb041022f69c78319375b597edab208129e0621 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/27 5:9 a.m.3 views

Malicious code in vite-config-pretty-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a3f6b7466ad8fab94eb697f86931898faaaa7437f3361c93556cfae5f75f99f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/05/27 5:9 a.m.4 views

MAL-2025-4517 Malicious code in vite-config-pretty-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a3f6b7466ad8fab94eb697f86931898faaaa7437f3361c93556cfae5f75f99f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder