26517 matches found
@mpticketsmodule/common (>=1.0.4 <=1.0.13), @o.yilmaz/shared (>=1.0.0 <=1.0.28) +1 more potentially affected by unknown CVE via epxress (=0.0.1-security)
epxress NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on epxress and may be impacted: - @mpticketsmodule/common =1.0.4, =1.0.0, =1.0.28 - @wikietickets/common =0.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-1972...
h1-cli-device-node (>=1.0.1-alpha.0 <=1.0.1-alpha.1) potentially affected by unknown CVE via h1-cli-ext-root-auth (=1.0.1-alpha.1)
h1-cli-ext-root-auth NPM version =1.0.1-alpha.1 is affected by a known vulnerability. The following packages have a transitive dependency on h1-cli-ext-root-auth and may be impacted: - h1-cli-device-node =1.0.1-alpha.0, =1.0.1-alpha.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-22080...
@alu0101350158/constant-folding (>=1.0.0 <=1.3.9), @mp-next/build (>=0.0.1-alpha.27 <=0.0.1-alpha.34) +9 more potentially affected by unknown CVE via commmander (=0.0.1-security)
commmander NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on commmander and may be impacted: - @alu0101350158/constant-folding =1.0.0, =0.0.1-alpha.27, =1.0.0, =0.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.3 - zhoukang-cli =1.0.0 Sourc...
one (>=1.1.2 <=1.8.2), plv8x (>=0.3.1 <=0.3.2) potentially affected by unknown CVE via genpkg (=0.0.3)
genpkg NPM version =0.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on genpkg and may be impacted: - one =1.1.2, =0.3.1, =0.3.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-21327...
ourtunes (>=0.0.0 <=1.1.0) potentially affected by unknown CVE via play-url (=0.0.5)
play-url NPM version =0.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on play-url and may be impacted: - ourtunes =0.0.0, =1.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-29381...
my-first-vue-project (=0.1.0), react-responsive-data-table (>=1.0.0 <=1.0.5) potentially affected by unknown CVE via bootstrap4 (=0.0.1-security)
bootstrap4 NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on bootstrap4 and may be impacted: - my-first-vue-project =0.1.0 - react-responsive-data-table =1.0.0, =1.0.5 Source cves: unknown CVE Source advisory: OSV:MAL-2025-159...
adaptive-fs (>=1.1.0 <=1.3.2), ajato (=0.0.1-wip) +1 more potentially affected by unknown CVE via mogoose (=0.0.1-security)
mogoose NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on mogoose and may be impacted: - adaptive-fs =1.1.0, =1.0.48, =1.1.26 Source cves: unknown CVE Source advisory: OSV:MAL-2025-26613...
6_0901 (=1.0.0), @alu0101227610/gh-repo-rename (>=1.2.0 <=1.2.1) +27 more potentially affected by unknown CVE via comander (=0.0.1-security)
comander NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on comander and may be impacted: - 60901 =1.0.0 - @alu0101227610/gh-repo-rename =1.2.0, =1.1.1, =1.2.0, =0.0.2, =1.0.0, =1.2.2, =1.0.1, =1.0.5 - hager1 =1.0.0 and more...
@etherio/database (>=0.0.1 <=0.0.13), @gridnt/ngplus (=1.0.3) +23 more potentially affected by unknown CVE via axois (=0.0.1-security)
axois NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on axois and may be impacted: - @etherio/database =0.0.1, =0.5.6, =3.10.2, =0.0.27, =0.0.27, =1.0.0, =1.0.2, =0.1.0, =1.0.1, =1.0.10 and more Source cves: unknown CVE Source...
delegate-dom (>=0.0.0 <=0.0.1), dom-delegation-stream (=0.0.0) +2 more potentially affected by unknown CVE via matches-dom-selector (=0.0.0)
matches-dom-selector NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on matches-dom-selector and may be impacted: - delegate-dom =0.0.0, =1.0.0, =1.0.0, =1.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25996...
@deck/app (>=1.0.1 <=1.4.11), octophant (=0.1.0) potentially affected by unknown CVE via rimraf-glob (=0.0.0)
rimraf-glob NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on rimraf-glob and may be impacted: - @deck/app =1.0.1, =1.4.11 - octophant =0.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-32233...
@akaiv/core (>=1.2.6 <=1.8.3), @akaiv/discord-client (>=1.0.0 <=1.4.1) +3 more potentially affected by unknown CVE via minimst (=0.0.1-security)
minimst NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on minimst and may be impacted: - @akaiv/core =1.2.6, =1.0.0, =0.1.0, =0.4.0 - @akaiv/kakao-client =2.0.1 - netlify-minutes =0.1.0 Source cves: unknown CVE Source advisory...
@cnbritain/merlin-www-build-tools (=0.1.2), auto_cep (>=1.0.0 <=1.0.2) +5 more potentially affected by unknown CVE via browsersync (=0.0.1-security)
browsersync NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on browsersync and may be impacted: - @cnbritain/merlin-www-build-tools =0.1.2 - autocep =1.0.0, =1.0.114, =1.0.0, =1.0.0, =1.0.0, =1.0.2 Source cves: unknown CVE Sour...
s-collection.js (=1.0.0) potentially affected by unknown CVE via lodash.js (=0.0.1-security)
lodash.js NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on lodash.js and may be impacted: - s-collection.js =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25506...
declarative-js (>=0.0.0 <=0.0.2) potentially affected by unknown CVE via andthen (=0.0.2)
andthen NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on andthen and may be impacted: - declarative-js =0.0.0, =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-14514...
react-calendar1 (>=0.1.0 <=1.1.4) potentially affected by unknown CVE via react-google-calendar-events (=0.0.1-security)
react-google-calendar-events NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on react-google-calendar-events and may be impacted: - react-calendar1 =0.1.0, =1.1.4 Source cves: unknown CVE Source advisory: OSV:MAL-2025-31791...
shell-jobs (>=0.1.0 <=0.1.1) potentially affected by unknown CVE via next-time (>=0.0.0 <=0.0.1)
next-time NPM version =0.0.0, =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27399...
jones-mysql (=1.0.0), jones-ndb (=1.0.0) potentially affected by unknown CVE via database-jones (=1.2.8)
database-jones NPM version =1.2.8 is affected by a known vulnerability. The following packages have a transitive dependency on database-jones and may be impacted: - jones-mysql =1.0.0 - jones-ndb =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17995...
brick (=0.0.0), brick-node (>=0.0.8 <=0.0.17) +20 more potentially affected by unknown CVE via default-debug (>=0.0.0 <=2.0.0)
default-debug NPM version =0.0.0, =0.0.8, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-18178...
bakpiabathok-3 (=1.1.6), bonteng-1 (=1.1.6) +1 more potentially affected by unknown CVE via bonteng (=0.0.1-security)
bonteng NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on bonteng and may be impacted: - bakpiabathok-3 =1.1.6 - bonteng-1 =1.1.6 - kolekcau-2 =1.1.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-15953...
brick-node (>=0.0.0 <=0.0.17), change-object (=0.0.0) +8 more potentially affected by unknown CVE via stream-format (=0.0.3)
stream-format NPM version =0.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on stream-format and may be impacted: - brick-node =0.0.0, =1.16.0, =0.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-34079...
brick (=0.0.0), brick-browser (>=0.0.0 <=0.0.14) +11 more potentially affected by unknown CVE via methodify (>=0.0.2 <=0.0.3)
methodify NPM version =0.0.2, =0.0.0, =0.0.0, =0.5.0-alpha.2, =0.0.0, =2.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.1.0, =0.0.0, =2.0.0, =2.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-26261...
cli-form (>=0.1.0 <=0.1.4), cli-qa (>=2.0.0 <=2.3.0) +1 more potentially affected by unknown CVE via comma-list (>=0.0.0 <=0.0.1)
comma-list NPM version =0.0.0, =0.1.0, =2.0.0, =0.0.0, =1.3.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17400...
common-media (=1.0.0), common-soundcloud (>=1.0.0 <=1.1.0) +14 more potentially affected by unknown CVE via require-sdk (>=0.0.0 <=0.0.2)
require-sdk NPM version =0.0.0, =1.0.0, =1.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.1, =0.0.4, =0.0.2, =0.0.3, =0.0.1, =0.0.1, =0.0.0, =0.1.0, =1.0.1 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-32119...
brick-browser (>=0.0.0 <=0.0.14), brick-node (>=0.0.0 <=0.0.17) +11 more potentially affected by unknown CVE via new-struct (>=0.0.4 <=0.1.1)
new-struct NPM version =0.0.4, =0.0.0, =0.0.0, =0.5.0-alpha.2, =0.0.0, =2.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.2, =0.0.0, =2.0.0, =2.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27369...
bismagul_project08_quiz (>=1.0.0 <=1.0.1), cli-advanture-game (=1.0.0) +5 more potentially affected by unknown CVE via calk (=0.0.1-security)
calk NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on calk and may be impacted: - bismagulproject08quiz =1.0.0, =1.0.0, =1.0.0, =1.0.1 - todoterminallist =1.0.0 - zhs-cli-advanture-game =1.0.0 Source cves: unknown CVE Source...
level-json-cache (=0.0.0), midibin-api (=0.0.0) +6 more potentially affected by unknown CVE via level-json (>=0.0.2 <=2.0.0)
level-json NPM version =0.0.2, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.2.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25199...
baluni (>=1.0.0 <=2.7.2), fast-publish (>=0.0.1 <=0.0.2-alpha.0) potentially affected by unknown CVE via chakl (=0.0.1-security)
chakl NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on chakl and may be impacted: - baluni =1.0.0, =0.0.1, =0.0.2-alpha.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-16766...
licensefile (=1.1.1), myprick (>=1.0.0 <=1.1.0) potentially affected by unknown CVE via prick (=0.0.1-security)
prick NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on prick and may be impacted: - licensefile =1.1.1 - myprick =1.0.0, =1.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-29641...
000tea (=1.4.5), 00tea (=1.4.4) +838 more potentially affected by unknown CVE via name (=0.0.2)
name NPM version =0.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on name and may be impacted: - 000tea =1.4.5 - 00tea =1.4.4 - 01q =1.5.1 - 032we =1.5.7 - 0tea =1.4.3 - 123qaz =1.1.1 - 12we =1.6.9 - 12wea =1.5.5 - 1qwe =1.4.6 - 1qwer =1.4.7 - 1qwer...
luis-reddit-cli (=1.0.0), md-links-larissadepaula (>=0.2.0 <=0.2.1) +1 more potentially affected by unknown CVE via node-fecth (=0.0.1-security)
node-fecth NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on node-fecth and may be impacted: - luis-reddit-cli =1.0.0 - md-links-larissadepaula =0.2.0, =0.0.37, =0.0.40 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27...
brick-node (>=0.0.0 <=0.0.17), change-object (=0.0.0) +9 more potentially affected by unknown CVE via pause-function (=0.0.1)
pause-function NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on pause-function and may be impacted: - brick-node =0.0.0, =1.16.0, =0.0.0, =1.0.1 - stream-format =0.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-28923...
attr (>=0.0.0 <=0.0.1), door (>=0.0.5 <=0.0.6) +6 more potentially affected by unknown CVE via new-pubsub (>=0.0.3 <=2.0.0)
new-pubsub NPM version =0.0.3, =0.0.0, =0.0.5, =0.0.7, =0.0.0, =0.0.0, =0.0.0, =0.0.2 - watch-array =0.0.4 Source cves: unknown CVE Source advisory: OSV:MAL-2025-27366...
fd-dcc (>=1.0.0 <=2.1.4), test_sdk_aki (>=1.0.3 <=1.0.4) +1 more potentially affected by unknown CVE via axioss (=0.0.1-security)
axioss NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on axioss and may be impacted: - fd-dcc =1.0.0, =1.0.3, =1.0.0, =1.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-15242...
04-as-contact-numbers-menu-cli (=1.0.0), 10xanswers (>=1.0.11 <=1.0.36) +424 more potentially affected by unknown CVE via save-dev (=0.0.1-security)
save-dev NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on save-dev and may be impacted: - 04-as-contact-numbers-menu-cli =1.0.0 - 10xanswers =1.0.11, =3.0.2, =1.6.5, =1.9.1, =1.2.0, =1.1.6, =0.2.1, =1.0.0 - @andes/plex =8.0.1...
level-json (>=0.0.4 <=1.0.0), scrape-eksi (>=0.0.0 <=0.0.1) +2 more potentially affected by unknown CVE via level-client (>=0.0.1 <=1.0.0)
level-client NPM version =0.0.1, =0.0.4, =0.0.0, =0.2.0, =0.2.6 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25197...
fox (>=1.5.0 <=1.6.2), pomodoro-timer (>=0.0.4 <=0.0.5) +3 more potentially affected by unknown CVE via after-time (>=0.0.0 <=0.0.1)
after-time NPM version =0.0.0, =1.5.0, =0.0.4, =0.0.0, =0.0.0, =0.0.1 - tomato-timer =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-14147...
@aviationpast/niotest (>=1.0.1 <=1.0.17) potentially affected by unknown CVE via 4equest (=0.0.1-security)
4equest NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on 4equest and may be impacted: - @aviationpast/niotest =1.0.1, =1.0.17 Source cves: unknown CVE Source advisory: OSV:MAL-2025-7012...
jl-wechat-sdk (>=1.0.0 <=1.2.3) potentially affected by unknown CVE via crpyto-js (=0.0.1-security)
crpyto-js NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on crpyto-js and may be impacted: - jl-wechat-sdk =1.0.0, =1.2.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17718...
alert (>=0.0.0 <=0.0.1), background-image (=0.0.0) +40 more potentially affected by unknown CVE via new-format (>=0.0.1 <=2.0.0)
new-format NPM version =0.0.1, =0.0.0, =0.0.0, =0.0.0, =0.0.0, =0.3.0, =0.0.0, =0.0.10, =0.0.0, =0.0.0, =0.0.0, =0.0.13 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-27361...
@chumbas/common (>=1.0.3 <=1.0.4), @safnode/common (=1.0.3) potentially affected by unknown CVE via expess (=0.0.1-security)
expess NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on expess and may be impacted: - @chumbas/common =1.0.3, =1.0.4 - @safnode/common =1.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-20061...
brick-node (>=0.0.8 <=0.0.17), bud (=0.0.3) +18 more potentially affected by unknown CVE via new-command (>=0.0.0 <=2.0.0)
new-command NPM version =0.0.0, =0.0.8, =0.0.0, =0.0.0, =0.0.0, =0.0.3, =0.0.4, =0.0.5 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-27359...
brick (=0.0.0), brick-node (>=0.0.0 <=0.0.17) potentially affected by unknown CVE via mime-of (=0.1.0)
mime-of NPM version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on mime-of and may be impacted: - brick =0.0.0 - brick-node =0.0.0, =0.0.17 Source cves: unknown CVE Source advisory: OSV:MAL-2025-26376...
scraping-eksi (>=0.0.0 <=1.0.1) potentially affected by unknown CVE via limited-parallel-loop (=0.0.0)
limited-parallel-loop NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on limited-parallel-loop and may be impacted: - scraping-eksi =0.0.0, =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25373...
@luxiaodan/el-selection-tree-table (=1.0.3) potentially affected by unknown CVE via lodsah (=0.0.1-security)
lodsah NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on lodsah and may be impacted: - @luxiaodan/el-selection-tree-table =1.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-25516...
@toolspack/ttd-common (>=0.1.0 <=1.3.2), @toolspack/ttd-pdfjs (>=0.0.0 <=0.1.4) potentially affected by unknown CVE via babel-laoder (=0.0.1-security)
babel-laoder NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on babel-laoder and may be impacted: - @toolspack/ttd-common =0.1.0, =0.0.0, =0.1.4 Source cves: unknown CVE Source advisory: OSV:MAL-2025-15281...
very_good_package (>=1.0.8 <=1.0.12) potentially affected by unknown CVE via testing054dfas (=0.0.1-security)
testing054dfas NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on testing054dfas and may be impacted: - verygoodpackage =1.0.8, =1.0.12 Source cves: unknown CVE Source advisory: OSV:MAL-2025-36728...
@purplegate/chat-sdk (>=1.0.7 <=1.0.8), mock-json-response (=1.0.9) potentially affected by unknown CVE via rimraff (=0.0.1-security)
rimraff NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on rimraff and may be impacted: - @purplegate/chat-sdk =1.0.7, =1.0.8 - mock-json-response =1.0.9 Source cves: unknown CVE Source advisory: OSV:MAL-2025-32235...
clicommandcources (=1.0.1) potentially affected by unknown CVE via commandr (=0.0.1-security)
commandr NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on commandr and may be impacted: - clicommandcources =1.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-17409...
@baosight/xinrong (>=0.0.36 <=0.0.37), wypulldom (=1.0.0) potentially affected by unknown CVE via jqeury (=0.0.1-security)
jqeury NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on jqeury and may be impacted: - @baosight/xinrong =0.0.36, =0.0.37 - wypulldom =1.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-23891...