2 matches found
MAL-2026-3384 Malicious code in web3-connect (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1395358346670699250fafa1cb824e59ce1d8265d21b6c80c5033f572349265f Code pretends to be a crypto utility but exfiltrates given private key / seed --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
@debridge-finance/solana-grpc (>=1.1.2 <=1.1.3), @mochi-web3/connect-wallet-widget (>=0.0.7 <=0.2.10) +2 more potentially affected by CVE-2024-30253 via @solana/web3.js (=1.74.0)
@solana/web3.js NPM version =1.74.0 is affected by a known vulnerability. The following packages have a transitive dependency on @solana/web3.js and may be impacted: - @debridge-finance/solana-grpc =1.1.2, =0.0.7, =0.2.2, =1.194.0, =1.261.0 Source cves: CVE-2024-30253 Source advisory:...