746 matches found

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-29240

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 6.3 | EPSS 0.00378
Exploits 0 | References 5
OSV
added 2025/09/15 11:58 p.m. | 3 views

GHSA-FRH7-2F84-V9MW is-arrayish@0.3.3 contains malware after npm account takeover

Impact: On 8 September 2025, an npm publishing account for is-arrayish was taken over after a phishing attack. Version 0.3.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's ow...

CVSS 8.8 | AI score 6.7 | EPSS 0.00378
Exploits 0 | References 7
OSV
added 2025/09/15 11:58 p.m. | 2 views

GHSA-6JP5-HH4C-8C5H error-ex@1.3.3 contains malware after npm account takeover

Impact: On 8 September 2025, an npm publishing account for error-ex was taken over after a phishing attack. Version 1.3.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

CVSS 8.8 | AI score 6.7 | EPSS 0.00378
Exploits 0 | References 7
Github Security Blog
added 2025/09/15 11:32 p.m. | 9 views

color-convert@3.1.1 contains malware after npm account takeover

Impact: On 8 September 2025, the npm publishing account for color-convert was taken over after a phishing attack. Version 3.1.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's...

CVSS 8.8 | AI score 6.6 | EPSS 0.00378
Exploits 0 | References 7 | Affected Software 1
Github Security Blog
added 2025/09/15 10:3 p.m. | 13 views

color-name@2.0.1 contains malware after npm account takeover

Impact: On 8 September 2025, an npm publishing account for color-name was taken over after a phishing attack. Version 2.0.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

CVSS 8.8 | AI score 6.6 | EPSS 0.00433
Exploits 0 | References 7 | Affected Software 1
Github Security Blog
added 2025/09/15 9:30 p.m. | 14 views

debug@4.4.2 contains malware after npm account takeover

Impact: On 8 September 2025, the npm publishing account for debug was taken over after a phishing attack. Version 4.4.2 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

CVSS 8.8 | AI score 6.6 | EPSS 0.00378
Exploits 0 | References 7 | Affected Software 1
Github Security Blog
added 2025/09/15 9:21 p.m. | 5 views

backslash@0.2.1 contains malware after npm account takeover

Impact: On 8 September 2025, the npm publishing account for backslash was taken over after a phishing attack. Version 0.2.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker's own...

CVSS 8.8 | AI score 6.6 | EPSS 0.00378
Exploits 0 | References 7 | Affected Software 1
CVE
added 2025/09/15 8:32 p.m. | 23 views

CVE-2025-59145

The CVE-2025-59145 affects color-name (npm package) version 2.0.1 where a malware payload was introduced via an attacker-compromised npm account, targeting browser contexts to redirect cryptocurrency transactions (e.g., MetaMask). Local/server/CLI environments are not affected. npm removed the co...

CVSS 8.8 | AI score 6.3 | EPSS 0.00433
Exploits 0 | References 5
Snyk
added 2025/09/15 7:43 p.m. | 1 views

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...

CVSS 9.8 | AI score 6.8 | EPSS 0.00378
Exploits 0 | References 2
Snyk
added 2025/09/15 7:43 p.m. | 3 views

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...

CVSS 9.8 | AI score 6.8 | EPSS 0.00378
Exploits 0 | References 2
Snyk
added 2025/09/15 7:43 p.m. | 2 views

Embedded Malicious Code

Overview: color-string is a Parser and generator for CSS color strings. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicio...

CVSS 9.8 | AI score 6.8 | EPSS 0.00378
Exploits 0 | References 2
Snyk
added 2025/09/15 7:43 p.m. | 2 views

Embedded Malicious Code

Overview: backslash is a parse string escapes \n, \r, etc. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code...

CVSS 9.8 | AI score 6.8 | EPSS 0.00378
Exploits 0 | References 2
CVE
added 2025/09/15 7:21 p.m. | 18 views

CVE-2025-59331

CVE-2025-59331 concerns the npm package is-arrayish. Version 0.3.3 was published after an attacker gained control of a publishing account and inserted a malware payload intended to redirect cryptocurrency transactions in browser environments. Local/server/CLI contexts are not affected. The issue ...

CVSS 8.8 | AI score 6.3 | EPSS 0.00378
Exploits 0 | References 5
Cvelist
added 2025/09/15 7:10 p.m. | 5 views

CVE-2025-59144 debug@4.4.2 contains malware after npm account takeover

debug is a JavaScript debugging utility. On 8 September 2025, the npm publishing account for debug was taken over after a phishing attack. Version 4.4.2 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency...

CVSS 8.8 | EPSS 0.00378
Exploits 0 | References 5
OSV
added 2025/09/15 7:10 p.m. | 3 views

CVE-2025-59143 color@5.0.1 contains malware after npm account takeover

color is a Javascript color conversion and manipulation library. On 8 September 2025, the npm publishing account for color was taken over after a phishing attack. Version 5.0.1 was published, functionally identical to the previous patch version, but with a malware payload added attempting to...

CVSS 8.8 | AI score 6.9 | EPSS 0.00378
Exploits 0 | References 7
Snyk
added 2025/09/11 2:22 p.m. | 2 views

Embedded Malicious Code

Overview: prebid.js is an open source software that is offered for free as a convenience. While it is designed to help companies address legal requirements associated with header bidding, we cannot and do not warrant that your use of Prebid.js will satisfy legal requirements. Affected versions of...

CVSS 9.8 | AI score 6.8 | EPSS 0.00324
Exploits 0 | References 2
The Hacker News
added 2025/09/09 11:53 a.m. | 5 views

RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities

A new Android malware called RatOn has evolved from a basic tool capable of conducting Near Field Communication (NFC) relay attacks to a sophisticated remote access trojan with Automated Transfer System (ATS) capabilities to conduct device fraud. "RatOn merges traditional overlay attacks with automat...

AI score 7
Exploits 0
Snyk
added 2025/09/08 2:26 p.m. | 3 views

Embedded Malicious Code

Overview: @duckdb/duckdb-wasm is an in-process analytical SQL database for the browser. It is powered by WebAssembly, speaks Arrow fluently, reads Parquet, CSV and JSON files backed by Filesystem APIs or HTTP requests and has been tested with Chrome, Firefox, Safari and Node.js. Affected versions ...

CVSS 9.8 | AI score 7.6
Exploits 0 | References 2
Snyk
added 2025/09/08 2:26 p.m. | 3 views

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...

CVSS 9.8 | AI score 7.1
Exploits 0 | References 2
Snyk
added 2025/09/08 2:26 p.m. | 2 views

Embedded Malicious Code

Overview: Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...

CVSS 9.8 | AI score 7.1
Exploits 0 | References 2