OSV - Open Source Vulnerabilities

MAL-2025-47456

npm/regex-validator-pro

Malicious code in regex-validator-pro (npm)

3 hours ago

No fix available

MAL-2025-47457

npm/validator-utils-pro

Malicious code in validator-utils-pro (npm)

3 hours ago

No fix available

GHSA-m79r-r765-5f9j

npm/@lobehub/chat

Lobe Chat Desktop vulnerable to Remote Code Execution via XSS in Chat Messages

8 hours ago

Fix available
Severity - 6.8 (Medium)

MAL-2025-47455

npm/@rxap/ngx-bootstrap

Malicious code in @rxap/ngx-bootstrap (npm)

12 hours ago

No fix available

MAL-2025-47450

npm/hello-shai

Malicious code in hello-shai (npm)

23 hours ago

No fix available

MAL-2025-47449

npm/another-shai

Malicious code in another-shai (npm)

yesterday

No fix available

MAL-2025-47426

npm/playground_root

Malicious code in playground_root (npm)

yesterday

No fix available

MAL-2025-47425

npm/storj-satellite

Malicious code in storj-satellite (npm)

yesterday

No fix available

GHSA-9pw5-wx67-q964

npm/@sequa-ai/sequa-mcp

@sequa-ai/sequa-mcp has Command Injection vulnerability

yesterday

Fix available
Severity - 2.1 (Low)

GHSA-qm9p-f9j5-w83w

npm/@parcel/reporter-dev-server

Parcel has an Origin Validation Error vulnerability

yesterday

No fix available
Severity - 6.5 (Medium)

MAL-2025-47428

npm/@bonk-sdk/ipfs

Malicious code in @bonk-sdk/ipfs (npm)

yesterday

No fix available

MAL-2025-47429

npm/@bonk-sdk/sha256

Malicious code in @bonk-sdk/sha256 (npm)

yesterday

No fix available

MAL-2025-47430

npm/@jupiter-sdk/trade

Malicious code in @jupiter-sdk/trade (npm)

yesterday

No fix available

MAL-2025-47431

npm/ansi-styl

Malicious code in ansi-styl (npm)

yesterday

No fix available

MAL-2025-47432

npm/axois-helper

Malicious code in axois-helper (npm)

yesterday

No fix available

MAL-2025-47433

npm/epc-help-widget

Malicious code in epc-help-widget (npm)

yesterday

No fix available