80 matches found
CVE-2026-2258
Affected software: aardappel lobster up to 2025.4. Vulnerable component: WaveFunctionCollapse function in library dev/src/lobster/wfc.h. Issue causes memory corruption via local manipulation. Exploit has been published and may be used. A patch is available (commit c2047a33e1ac2c42ab7e8704b33f7ea5...
EUVD-2025-177592
Malicious code in nightwatch-nashira-wavefunction-perturbation npm...
EUVD-2025-175590
Malicious code in webdriverio-wavefunction-publish-asteroid npm...
EUVD-2025-175624
Malicious code in wavefunction-prompts-webdriver-mocha-vuetify npm...
EUVD-2025-175672
Malicious code in vulcan-astrobiology-wavefunction-delphinus npm...
EUVD-2025-175586
Malicious code in webpack-less-heliophysics-wavefunction npm...
EUVD-2025-178370
Malicious code in interferometry-zephyr-procyon-wavefunction npm...
EUVD-2025-179128
Malicious code in enif-wavefunction-phoebe-kastra npm...
EUVD-2025-179692
Malicious code in cluster-wavefunction-subduction-transhumanism npm...
Malicious code in nightwatch-nashira-wavefunction-perturbation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6c4b64c33f7412381a1d500dcafadddadb2f2c59a0d9bf14721c9e7e3ff107f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188290 Malicious code in nightwatch-nashira-wavefunction-perturbation (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6c4b64c33f7412381a1d500dcafadddadb2f2c59a0d9bf14721c9e7e3ff107f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189959 Malicious code in tool-wavefunction-ultra-gridsome (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6440db217bbb9f167b1f6b7b229fe260c8138b56561aaeb8a50a4cfe2d6b38b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-175625
Malicious code in wavefunction-procyon-archaeoastronomy-uranology npm...
Malicious code in wavefunction-prompts-webdriver-mocha-vuetify (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9133d1deb74b2792ed8706555c49fa13ce1ca719f838438eaefd5622916c5386 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in wavefunction-optimize-css-assets-webpack-plugin-development-ursa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25aeb382914a3761927c689bda3eefcfcfc97e0a1a8d7b2dfbecea0ce3f3077c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176862
Malicious code in quantumfoam-wavefunction-lacerta-singularity npm...
MAL-2025-187389 Malicious code in hugo-wavefunction-dotenv-parse-variables-parallax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ecf14a07cd348f4aef4bf71dd063f333aee890c7b9fffa4af049cac1d997ef9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-189267 Malicious code in rollup-nova-wavefunction-rimraf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a71178046d6bba4cd289f92d4a80c4b5b2938521d5c4be7a784b9de70d0b722 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-177794
Malicious code in mocha-eventhoriz-wavefunction-redshift npm...
EUVD-2025-176513
Malicious code in saturnology-equinox-cordelia-wavefunction npm...