3 matches found
@zapier/zapier-sdk-cli (>=0.0.2 <=0.15.14), @zapier/zapier-sdk-mcp (>=0.3.7 <=0.3.39) potentially affected by unknown CVE via @zapier/zapier-sdk (>=0.0.2 <=0.15.4)
@zapier/zapier-sdk NPM version =0.0.2, =0.0.2, =0.3.7, =0.3.39 Source cves: unknown CVE Source advisory: SNYK:JS-ZAPIERZAPIERSDK-14103241...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-198646
Malicious code in @zapier/zapier-sdk npm...