attr (>=0.0.0 <=0.0.1), door (>=0.0.5 <=0.0.6) +6 more potentially affected by unknown CVE via new-pubsub (>=0.0.3 <=2.0.0)

new-pubsub NPM version =0.0.3, =0.0.0, =0.0.5, =0.0.7, =0.0.0, =0.0.0, =0.0.0, =0.0.2 - watch-array =0.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27366...

Malicious code in watch-array (npm)

The package watch-array was found to contain malicious code...

watch-array (>=0.0.0 <=0.0.4) potentially affected by unknown CVE via new-list (>=0.0.5 <=2.0.0)

new-list NPM version =0.0.5, =0.0.0, =0.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27362...

MAL-2025-38802 Malicious code in watch-array (npm)

The package watch-array was found to contain malicious code...