MAL-2026-5510 Malicious code in npmjs_web3-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2b691e4c1a13cf8174fdf8653d757594f18057650310bc89e376caa806602d3b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in web3-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e42f568897d9af194eb75275059455c99b369456b0c8e0ffe13e7f32be839e6 The OpenSSF Package Analysis project identified 'web3-common' @ 1.0.0 npm as malicious. It is considered malicious because: - The package execut...

MAL-2026-3718 Malicious code in web3-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e42f568897d9af194eb75275059455c99b369456b0c8e0ffe13e7f32be839e6 The OpenSSF Package Analysis project identified 'web3-common' @ 1.0.0 npm as malicious. It is considered malicious because: - The package execut...

@debridge-finance/solana-grpc (>=1.1.2 <=1.1.3), @mochi-web3/connect-wallet-widget (>=0.0.7 <=0.2.10) +2 more potentially affected by CVE-2024-30253 via @solana/web3.js (=1.74.0)

@solana/web3.js NPM version =1.74.0 is affected by a known vulnerability. The following packages have a transitive dependency on @solana/web3.js and may be impacted: - @debridge-finance/solana-grpc =1.1.2, =0.0.7, =0.2.2, =1.194.0, =1.261.0 Source cves: CVE-2024-30253 Source advisory:...