react

Cross-Site Scripting in react

Cross-site scripting in react-bootstrap-table

Malicious code in @tiaanduplessis/react-progressbar (npm)

Malicious code in @asyncapi/react-component (npm)

Malicious code in react-library-setup (npm)

Malicious code in react-native-datepicker-modal (npm)

Malicious code in react-native-retriable-fetch (npm)

Malicious code in @tinkoff-react-bui/checkbox-boxed (npm)

Malicious code in react-native-parallax-scroll-view-updated (npm)

Malicious code in yelp-react-component-photo-upload (npm)

Malicious code in pos-next-react-native (npm)

React Router vulnerable to XSS via Open Redirects

Malicious code in configs-web-react (npm)

Preact has JSON VNode Injection issue

React Router has Path Traversal in File Session Storage

React Router has XSS Vulnerability

Prototype pollution in matrix-react-sdk

Withdrawn Advisory: LikeC4 has RCE through vulnerable React and Next.js versions

Malicious code in lovable-react (npm)

Improper Authentication in react-adal

Malicious code in chakra-ui-2--react (npm)

Cross site scripting in @awsui/components-react

Downloads Resources over HTTP in react-native-baidu-voice-synthesizer

Malicious code in react-tailwindcss-style (npm)

OpenClaw's Telegram message_reaction authorization bypass allows unauthorized system-event injection

@webiny/react-rich-text-renderer vulnerable to insecure rendering of rich text content

react-pdf vulnerable to arbitrary JavaScript execution upon opening a malicious PDF with PDF.js

React Router SSR XSS in ScrollRestoration

Malicious code in @btransport/btui-react (npm)

Malicious code in react-qr-image (npm)

React Router has unexpected external redirect via untrusted paths

Malicious code in custom-pages-react-boilerplate (npm)

Malicious code in editor-sdk-react (npm)

Malicious code in eslint-config-vmware-react (npm)

Malicious code in realtime-react-ui (npm)

Malicious code in @monokera/react-components-storybook (npm)

React Server Components are Vulnerable to RCE

Malicious code in @vietmoney/react-native-true-id (npm)

Malicious code in @emerald-react/button (npm)

Malicious code in @emerald-react/core (npm)

Cross-Site Scripting in react-dom

react-dev-utils OS Command Injection in function `getProcessForPort`

Malicious code in auth0-react-03-calling-an-api (npm)

Malicious code in @fishingbooker/react-swiper (npm)

Malicious code in react-toast-cold (npm)

Cross-site Scripting in React Draft Wysiwyg

Malicious code in react-devtools-shared (npm)

Malicious code in adsk_react_axios (npm)

Malicious code in react-svg-anchor (npm)

Malicious code in niji-react-alert (npm)

Malicious code in bui-react-10 (npm)

Malicious code in commerce-sdk-react (npm)

Malicious code in @is24at/react-tracking (npm)

Credential leak in react-native-fast-image

Malicious code in helloreactnative (npm)

Malicious code in dd-sdk-reactnative-example (npm)

OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks

Malicious code in dreactbvotstrap (npm)

Regular expression denial of service in react-native

Denial of Service Vulnerability in React Server Components

Malicious code in msal-react-quickstart (npm)

Malicious code in @a4u/a4u-collection-react-spectrum-open-source-color-icons-release (npm)

Malicious code in react-native-camera-kit-example (npm)

Malicious code in babelpreetreact (npm)

Malicious code in test-task-react-client (npm)

matrix-react-sdk Prototype pollution vulnerability

Duplicate Advisory: OpenClaw's Signal reaction-only status events could, in limited cases, be enqueued before access checks

Malicious code in yahoo-react-popup-select (npm)

Malicious code in babelpsetreactapp (npm)

OpenClaw: Discord DM reaction ingress missed dmPolicy/allowFrom checks in restricted setups

Malicious code in nfe-kampanje-react (npm)

Malicious code in wf-react-day-picker (npm)

@react-native-community/cli has arbitrary OS command injection

Malicious code in @gs-ux-uitoolkit-react/theme (npm)

Malicious code in orion-react-native (npm)

Malicious code in kratos-nextjs-react-example (npm)

Malicious code in @tampmd/bth-react-components (npm)

React Router allows pre-render data spoofing on React-Router framework mode

Malicious code in react-pillbox (npm)

Malicious code in eslint-config-finance-web-react (npm)

Malicious code in reactlifecyclesycompat (npm)

Malicious code in react-screen-reader-announce (npm)

Malicious code in custom-banner-react (npm)

Malicious code in react-datepicker-docs (npm)

Malicious code in eslintcozfgreactapp (npm)

Malicious code in twilio-video-app-react (npm)

Malicious code in react-multer (npm)

Malicious code in pp-react-buttons (npm)

Malicious code in ali-react-table-monorepo (npm)

Malicious code in @tinkoff-react-bui/context-menu (npm)

React Native Sms User Consent Intent Redirection Vulnerability

Malicious code in @tinkoff-react-bui/highlighter (npm)

Malicious code in monday-react-quickstart-app (npm)

Malicious code in @bitsoex/react-design-system (npm)

Malicious code in react-bs4 (npm)

Malicious code in react-hook-form-7 (npm)

Malicious code in @uc-maps/tile-layers.react (npm)

Malicious code in experimental-entrevista-react-01 (npm)

Malicious code in @nexthink/kendo-react (npm)

Malicious code in @visma-spcs-registry/react-common-components (npm)

Malicious code in react-fatigue-dev (npm)

Malicious code in @actbase/react-native-less-transformer (npm)

Malicious code in react-devtools-timeline (npm)

Malicious code in react-dnd-examples-decorators (npm)

Malicious code in react-dom-router-old (npm)

Malicious code in reactroterre3dux (npm)

Malicious code in aem-core-react-components (npm)

Malicious code in @tr-digital/react-rehydrate (npm)

Malicious code in react-favic (npm)

Malicious code in @fishingbooker/react-pagination (npm)

Malicious code in @fishingbooker/react-raty (npm)

Malicious code in react-liveness (npm)

Malicious code in react-miscosoft-ui (npm)

Malicious code in react-miscrosoft-ui (npm)

Malicious code in @actbase/react-native-tiktok (npm)

Malicious code in @seung-ju/react-hooks (npm)

Malicious code in @actbase/react-native-kakao-channel (npm)

Malicious code in @actbase/react-native-simple-video (npm)

Malicious code in react-persian-calendar-date-picker222 (npm)

Malicious code in react-component-taggers (npm)

Malicious code in @ebay/ui-core-react (npm)

React Router has CSRF issue in Action/Server Action Request Processing

Malicious code in preact-cli-build (npm)

Malicious code in ssc-mobile-ui-react (npm)

Malicious code in legacyreact-aws-s3-typescript (npm)

Malicious code in wf-dbd-react-ui (npm)

Malicious code in react-dnd11 (npm)

Malicious code in react-is-16 (npm)

Malicious code in zohocomponents-react (npm)

react-native-keys insecurely stores encryption cipher and Base64 chunks

Malicious code in c3p-test-reactnative (npm)

Malicious code in testing-react-jsme (npm)

@vitejs/plugin-rsc has a Denial of Service with React Server Components

Malicious code in @strapbuild/react-native-perspective-image-cropper (npm)

Malicious code in esm-appdynamics-grafana-react-datasource (npm)

Malicious code in @voiceflow/stitches-react (npm)

Malicious code in react-element-prompt-inspector (npm)

Malicious code in react-native-transparent-video (npm)

Duplicate Advisory: OpenClaw's Slack reaction/pin sender-policy consistency issue in non-message ingress

Malicious code in react-rps-boilerplate (npm)

React Server Components have multiple Denial of Service Vulnerabilities

Malicious code in react-packery-component (npm)

Malicious code in react-tediter (npm)

Malicious code in @posthog/react-rrweb-player (npm)

Malicious code in react-svgs-helper (npm)

Malicious code in react-medias (npm)

Remix and React Router allow URL manipulation via Host / X-Forwarded-Host headers

Malicious code in react-tmedia (npm)

Source Code Exposure Vulnerability in React Server Components

Malicious code in ad-react-wrapper (npm)

Malicious code in react-animated-glow (npm)

Malicious code in @btransport/react-experimentation (npm)

Malicious code in brock-react-button (npm)

Malicious code in mintel-react-ui (npm)

Malicious code in wac-react (npm)

Malicious code in react-hook-form (npm)

Malicious code in react-resource-router-next (npm)

Malicious code in swplayer-react-sl (npm)

Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components

Malicious code in react-spa-shadcn (npm)

Malicious code in @asyncapi/generator-react-sdk (npm)

Vite Plugin React has a Denial of Service Vulnerability in React Server Components

Malicious code in @takamol/react-qiwa-core (npm)

Malicious code in react-icons-loader (npm)

Malicious code in wt-react (npm)

Malicious code in niji-react-select (npm)

Paperclip: Stored XSS via javascript: URLs in MarkdownBody — urlTransform override disables react-markdown sanitization

React Server Components are Vulnerable to RCE

Malicious code in react-dropzone-log (npm)

Malicious code in react-event-dependency (npm)

Malicious code in react-outcome-error-alert (npm)

Malicious code in @kui-react/button (npm)

Malicious code in react-native-dual-pedometer (npm)

Malicious code in esintpluginreacthooks (npm)

Malicious code in aem-react-editable-components (npm)

Malicious code in react-script-log (npm)

Malicious code in react-fast-utilsa (npm)

Malicious code in fk-react-lottie-player (npm)

Malicious code in mdb-react-sortable (npm)

React Editable Json Tree vulnerable to arbitrary code execution via function parsing

Malicious code in react-async-component-lifecycle-hooks (npm)

Malicious code in react-count-sync (npm)

Malicious code in react-vite-sync (npm)

SQL Injection when creating an application with Reactive SQL backend

OpenClaw: BlueBubbles Group Reactions Bypass requireMention and Still Enqueue Agent-Visible System Events

Malicious code in react-markdown-canvas (npm)

Malicious code in mailjet-react-components (npm)

Malicious code in react-you-might-not-need-an-effect (npm)

Malicious code in react-appfabric-shell (npm)

Malicious code in @emerald-react/chat-bot (npm)

Malicious code in @emerald-react/checkbox (npm)

Malicious code in babel-plugin-transform3react-remove-prop-t8pes (npm)

Malicious code in @bingads-webui-cc-react/edit-primary-contact (npm)

Malicious code in react-svg-helper-fast (npm)

Malicious code in react-native-forter (npm)

Malicious code in react-data-to-export (npm)

Malicious code in react-hook-form-js (npm)

Malicious code in react-server-dom-unbundled (npm)

OpenClaw's Slack reaction/pin sender-policy consistency issue in non-message ingress

Malicious code in react-svg-handler (npm)

Malicious code in plugin-gd-page-builder-react (npm)

Malicious code in wmreact-analytics (npm)

Malicious code in twilio-video-diagnostics-react-app (npm)

Malicious code in react-native-webview-forked (npm)

Malicious code in react-a11y-utils (npm)

Malicious code in bastion-react-app (npm)

Malicious code in react-nesting-example-legacy (npm)

OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists

Malicious code in react-html2pdf.js (npm)

Malicious code in @ensdomains/ensjs-react (npm)

Malicious code in social-media-icons-react (npm)

Malicious code in react-native-google-acm (npm)

Malicious code in @termly/react-components (npm)

Malicious code in ib-ai-react (npm)

Malicious code in paypal-react-donation (npm)

Malicious code in @bijie/react-bnb (npm)

Denial of Service Vulnerability in React Server Components

Malicious code in suspicious-react-scripts (npm)

Malicious code in ecko-dex-react (npm)

Malicious code in babelpugintransformreactjsx (npm)

Malicious code in charting-library-react-example (npm)

Malicious code in foundry-js-react-blueprint (npm)

Malicious code in qrcode-pretty-react (npm)

Malicious code in react-toast-ui (npm)

Malicious code in @sev-ui-verse/react-query-utils (npm)

Malicious code in boost-for-react-native (npm)

Malicious code in @hover-design/react (npm)

Malicious code in react-copack (npm)

Malicious code in hoistnonjreactstatics (npm)

Malicious code in kenzup-react-native-rsa-native (npm)

Malicious code in audible-react-assets (npm)

Malicious code in react-spa-npm (npm)

Malicious code in @tinkoff-react-bui/click-outside (npm)

Malicious code in teamcity-react (npm)

Malicious code in teamcity-react-demo (npm)

Malicious code in react-textfit-example (npm)

Malicious code in monday-ui-react-core-vibe (npm)

Malicious code in uitk-react-calendar (npm)

Malicious code in @nationalgeographicsociety/ngsui-addons-react (npm)

Malicious code in @nationalgeographicsociety/ngsui-core-react (npm)

matrix-react-sdk vulnerable to XSS in Export Chat feature

React Draft Wysiwyg Cross-Site Scripting (XSS) via the Embedded Button

`chainId` may be outdated if user changes chains as part of connection in @web3-react

Malicious code in react-bootcamp (npm)

Malicious code in react-oxygen (npm)

Malicious code in @pb-shared/storybook-react-library (npm)

Malicious code in react_popper_old (npm)

Malicious code in reacta-ollo (npm)

Malicious code in posthog-react-native-session-replay (npm)

Malicious code in viewport-react (npm)

Malicious code in react-component-usage (npm)

Malicious code in react-adparser (npm)

taro-css-to-react-native Regular Expression Denial of Service vulnerability

Malicious code in @tinkoff-react-bui/button (npm)

Malicious code in @tinkoff-react-bui/dropdown (npm)

Malicious code in @tinkoff-react-bui/input (npm)

Malicious code in ppreact-lib (npm)

Malicious code in deere-ui-svg-to-react (npm)

Malicious code in typescript-react-sample (npm)

Malicious code in react-sdkk (npm)

Malicious code in reactt-sdkk (npm)

Malicious code in rreact-sdk (npm)

Malicious code in react-ldclient-default-values (npm)

Malicious code in react-monorail-next (npm)

Malicious code in reactnativeflipperexample (npm)

Malicious code in reactonclcikoutside (npm)

Malicious code in meteor-react-component (npm)

Malicious code in epic-react-store (npm)

Malicious code in reactify-utils (npm)

Malicious code in eslint-plugin-react-hooks-published (npm)

Malicious code in react-prop-types-helper (npm)

Malicious code in niji-react-input (npm)

Malicious code in @tinkoff-react-bui/input-amount-core (npm)

Malicious code in uitk-react-cards (npm)

Malicious code in uitk-react-icons (npm)

Malicious code in @tinkoff-react-bui/input-password (npm)

Malicious code in wfui-dbd-react-ui (npm)

Malicious code in @uc-maps/layer-select.react (npm)

Malicious code in yahoo-react-checkbox-group (npm)

Malicious code in @uc-maps/provider-google.react (npm)

Malicious code in garena-react-template-redux (npm)

Malicious code in @tinkoff-react-bui/animation (npm)

Malicious code in zzr-react-custom-widget (npm)

Malicious code in @tinkoff-react-bui/checkbox (npm)

Malicious code in test-react15 (npm)

Malicious code in @tinkoff-react-bui/input-amount (npm)

Malicious code in client-microsite-reactjs-controls (npm)

Malicious code in fluent-ui-react-latest (npm)

Malicious code in ual-reactjs-renderer-example (npm)

Malicious code in react-svg-plugin (npm)

Malicious code in uitk-react-rating (npm)

Malicious code in uitk-react-utils (npm)

Malicious code in @webview/react-skeletor (npm)

Malicious code in @uc-maps/maps.react (npm)

Malicious code in react-smooth-plugin (npm)

Malicious code in web3-react-core (npm)

Malicious code in react-plaid-sdk (npm)

Malicious code in @account-portal/ui-toolkit-react (npm)

Malicious code in checkout-sheet-kit-react-native (npm)

Malicious code in react-devtools-extensions (npm)

Malicious code in @vietmoney/react-big-calendar (npm)

Malicious code in @vietmoney/react-native-action-button (npm)

Malicious code in telia-front-react (npm)

Malicious code in atpw-reactive-form (npm)

Malicious code in cm-react-components (npm)

Malicious code in community-pass-react-native-wrapper (npm)

Malicious code in tslib-react (npm)

Malicious code in plaidreactnativedemo (npm)

Malicious code in @vietmoney/react-native-htmlview (npm)

Malicious code in yahoo-react-formsy-input (npm)

Malicious code in yahoo-react-multi-select-box (npm)

Malicious code in reactnativecreativekitdemoo (npm)

Malicious code in react-native-simpl (npm)

Malicious code in datahub-react-web (npm)

Malicious code in yahoo-react-input (npm)

Malicious code in yahoo-react-message-bar (npm)

Next.js is vulnerable to RCE in React flight protocol

Malicious code in yamoney-react-components (npm)

Malicious code in yarn-design-system-react-select (npm)

Malicious code in yelp-react-component-photo-box (npm)

Malicious code in yelp-react-component-ynra (npm)

Malicious code in @oec-settlement/react-router (npm)

Malicious code in @emerald-react/banner (npm)

Malicious code in eslint-plugin-fuel-react (npm)

next-mdx-remote affected by arbitrary code execution in React server-side rendering of untrusted MDX content

Malicious code in @emerald-react/input (npm)

Next.js HTTP request deserialization can lead to DoS when using insecure React Server Components

Malicious code in react-dropzone-truffle (npm)

Malicious code in babelplugintransfomreactremoveproptypes (npm)

OpenClaw: Feishu reaction events could bypass group authorization and mention gating

Malicious code in @evoja-web/react-login (npm)

Malicious code in snap-kit-react-native (npm)

Malicious code in cstar-react-primitives (npm)

Malicious code in trigo-react-app (npm)

Malicious code in @actbase/react-daum-postcode (npm)

Malicious code in @actbase/react-native-fast-image (npm)

Malicious code in gopro-web-react-components (npm)

Malicious code in @strapbuild/react-native-date-time-picker (npm)

Malicious code in react-native-email (npm)

Malicious code in accenture-react-scripts (npm)

Malicious code in @bingads-webui-react/primitive-utilities (npm)

Malicious code in activecore-react-ui-kit (npm)

Malicious code in react-native-expofp (npm)

Malicious code in react-native-fido-login-api (npm)

Malicious code in reactdncdhtml5backend (npm)

Malicious code in @qualys/react-web (npm)

Malicious code in @wf-ceo/react-test-helpers (npm)

Malicious code in poper-react-sdk (npm)

Malicious code in @tinkoff-react-bui/utils (npm)

Malicious code in react-navigation-core (npm)

Malicious code in niji-react-collapsible (npm)

Malicious code in talsec-react-native-security-plugin (npm)

Malicious code in @actbase/react-native-actionsheet (npm)

Malicious code in plugin-transform-react-jsx (npm)

Malicious code in @everreal/react-charts (npm)

Malicious code in @strapbuild/react-native-perspective-image-cropper-poojan31 (npm)

Malicious code in react-content-loader-fork (npm)

Malicious code in react-native-view-finder (npm)

Malicious code in @lessondesk/react-table-context (npm)

Malicious code in vite-react-chunker (npm)

Malicious code in plugin-react (npm)

Malicious code in react-alerts-template-basic (npm)

Malicious code in react-forget-runtime (npm)

Malicious code in @snapon/design-system-react (npm)

Malicious code in @amber-team/react-email (npm)

Malicious code in @amber-team/react-event-tracking (npm)

Malicious code in @amber-team/react-mobx-utils (npm)

Malicious code in @amber-team/react-utils (npm)

Malicious code in marionette-react-view (npm)

Malicious code in react-svg-bundler (npm)

Malicious code in react-svg-fill (npm)

Malicious code in @billing-info/react (npm)

Malicious code in apex-chart-react (npm)

Malicious code in @vietmoney/react-native-tags-input (npm)

Malicious code in @vietmoney/react-native-vnpay-merchant (npm)

Malicious code in @actbase/react-native-kakao-navi (npm)

Malicious code in stripe-terminal-react-native (npm)

Malicious code in react-autolink-text (npm)

Malicious code in react-keycloak-context (npm)

Malicious code in react-linear-loader (npm)

Malicious code in react-micromodal.js (npm)

Malicious code in zz-react-custom-widget (npm)

Malicious code in hardhat-ethers-react-ts-starter (npm)

Malicious code in @sempay/react (npm)

Malicious code in react-dropzone-legacy (npm)

Malicious code in react-dom-19 (npm)

Malicious code in intercom-react-native-example (npm)

Malicious code in intercom-react-native.podspec (npm)

Malicious code in lego-on-react (npm)

Malicious code in react-pro-components (npm)

Malicious code in ccs-react-lib (npm)

Malicious code in react-native-performance-monorepo (npm)

Malicious code in realtime-react (npm)

Malicious code in prism-reactjs (npm)

Malicious code in react-dnd-14 (npm)

Malicious code in react-video-canvas (npm)

Malicious code in wallet-adapter-react (npm)

Malicious code in @react-native-tscodegen/tslint-shared (npm)

Malicious code in react-addons-csgtransition-group (npm)

Malicious code in react-native-scrollpageviewtest (npm)

Malicious code in react-dts-codegen (npm)

Malicious code in react-nati0e-vecor-icons (npm)

Malicious code in react-erro-roevrlay (npm)

Malicious code in react-fe-bootstrap (npm)

Malicious code in react-nesting-example-modern (npm)

Malicious code in @lxo-blocks/react (npm)

Malicious code in react-pay-with-diem (npm)

Malicious code in wix-react-dealer-viewer (npm)

Malicious code in react-redux-4 (npm)

Malicious code in reactmbrkdown (npm)

Malicious code in reactrdeux (npm)

Malicious code in reacttapefentplugin (npm)

Malicious code in reacttrans8tiongroup (npm)

Malicious code in yahoo-react-pillbox (npm)

Malicious code in yahoo-react-select-box (npm)

Malicious code in @bingads-webui-campaign-react/labels-page (npm)

Malicious code in react-enhanced-glow (npm)

Malicious code in @calizahq/react-components (npm)

Malicious code in hyperion-react-native (npm)

Malicious code in react-query-persist (npm)

Malicious code in experience-template-renderer-react (npm)

Malicious code in mailjet-old-react-components (npm)

Malicious code in react-card-security-code (npm)

Malicious code in react-expiry-date (npm)

Malicious code in fronton-react (npm)

Malicious code in react-confetti-enhanced (npm)

Malicious code in react-flex-tools (npm)

Malicious code in react-resizable-text (npm)

Malicious code in stripe-identity-react-native (npm)

Malicious code in tdm-react (npm)

Malicious code in @verge-vcl-react/empty-state (npm)

Malicious code in @playgami/eslint-config-portal-react (npm)

Malicious code in @vietmoney/react-native-image-transformer (npm)

Malicious code in @vietmoney/react-native-smart-gallery (npm)

Malicious code in react-server-dom-turbopack-experimental (npm)

Malicious code in examplereactnative76 (npm)

Malicious code in meetingsdk-sample-react (npm)

Malicious code in tdd-react-store-locator (npm)

Malicious code in nlp-react-native (npm)

Malicious code in mt-react-theme-manager (npm)

Malicious code in nab-packages-react-utils-nab (npm)

Malicious code in sendbird-chat-sample-react (npm)

Malicious code in toolbox-react-components (npm)

Malicious code in react-native-use-modal (npm)

Malicious code in @emerald-react/app-header (npm)

Malicious code in @emerald-react/datepicker (npm)

Malicious code in @emerald-react/menu (npm)

Malicious code in @kui-react/table (npm)

Malicious code in ubank-react-components (npm)

Malicious code in react-advanced-breadcrumbs (npm)

Malicious code in react-native-jam-icons (npm)

Malicious code in react-sports (npm)

Malicious code in react-sports-utils (npm)

Malicious code in react-vuejs (npm)

Malicious code in secguest-react-lib (npm)

Malicious code in @vietmoney/react-native-smart-page (npm)

Malicious code in hoist-non-react (npm)

Malicious code in react-router-on-navigation (npm)

Malicious code in react-state-optimizer-core (npm)

Malicious code in wac-react-dom (npm)

Malicious code in babel-plugin-react-pure-component (npm)

Malicious code in react-leaflet-marker-layer (npm)

Malicious code in react-rekilog (npm)

Malicious code in react-fiber-debugger (npm)

Malicious code in oenzymeadapterreact16 (npm)

Malicious code in niji-react-icon (npm)

Malicious code in niji-react-prettybytes (npm)

Malicious code in @verge-vcl-react/data-grid (npm)

Malicious code in fantasy-android-react-native (npm)

Malicious code in fantasy-react-native (npm)

Malicious code in @evoja-web/create-react-project (npm)

Malicious code in react-morning (npm)

Malicious code in react-x-twitter (npm)

Malicious code in cache-react (npm)

Malicious code in transform-react-jsx (npm)

Malicious code in @igain/react-app (npm)

Malicious code in @emerald-react/data-table (npm)

Malicious code in @tsers/react (npm)

react-dev-utils on Windows vulnerable to Remote Code Execution

Malicious code in @porting-assistant/react (npm)

Malicious code in react-loggers (npm)

Malicious code in react-stitches (npm)

Malicious code in @qw-app/react (npm)

Malicious code in react-fixtures (npm)

Malicious code in shopee-ui-react (npm)

Malicious code in fe-fabric-react (npm)

Malicious code in vendor-react-dom (npm)

Malicious code in ot-react-jed (npm)

Malicious code in wmreact-spinner (npm)

Malicious code in frontend-components-react-transpiled (npm)

Malicious code in metamask-sdk-create-react-app (npm)

Malicious code in @tinkoff-react-bui/input-description (npm)

Malicious code in react-intlist (npm)

Malicious code in react-dom-16 (npm)

Malicious code in react-sdk-module-api (npm)

Malicious code in pp-react-content-loader (npm)

Malicious code in react-toolbox-docs (npm)

Malicious code in chakra-ui-2--react-utils (npm)

Malicious code in @bcs-bank-react-ui/swiper-slider (npm)

Malicious code in @bcs-react-ui/context-menu (npm)

Malicious code in @bcs-react-ui/select (npm)

Malicious code in create-react-app-lambda (npm)

Malicious code in @calizahq/react-hooks (npm)

Malicious code in @gs-ux-uitoolkit-react/core (npm)

Malicious code in pidl-react (npm)

Malicious code in react-native-blue-crypto (npm)

Malicious code in @seung-ju/react-native-action-sheet (npm)

Malicious code in @zapier/ai-actions-react (npm)

Malicious code in @gs-ux-uitoolkit-react/select (npm)

Malicious code in react-hook-form-persist (npm)

Malicious code in react-jam-icons (npm)

Malicious code in react-native-fetch (npm)

Malicious code in react-native-modest-storage (npm)

Malicious code in polaris-example-create-react-app (npm)

Malicious code in react-native-phone-call (npm)

Malicious code in yelp-react-component-badge (npm)

Malicious code in @gs-ux-uitoolkit-react/shared (npm)

Malicious code in ps-react-bootstrap (npm)

Malicious code in react-orange-ui (npm)

Malicious code in react-pop-tooltip (npm)

Malicious code in react-router-packages (npm)

Malicious code in react-address-entry-field (npm)

Malicious code in camera-kit-react-native-example (npm)

Malicious code in react-bank-api (npm)

Malicious code in react-cionx (npm)

Malicious code in isomsorphic-react-dom (npm)

Malicious code in react-devtools-release-script (npm)

Malicious code in ssc-ui-react (npm)

Malicious code in ssc-ui-react-next (npm)

Malicious code in ssc-upload-react (npm)

Malicious code in react-dnd-examples-hooks (npm)

Malicious code in react-dom-is (npm)

Malicious code in react-dom-router-compatibility (npm)

Malicious code in react-full-stack-starter-client (npm)

Malicious code in react-hackernews-bootcamp-one-v2 (npm)

Malicious code in react-instantsearch-hooks-dom (npm)

Malicious code in react-intl-next (npm)

Malicious code in react-jesting-library (npm)

Malicious code in react-js-buy (npm)

Malicious code in react-optimization (npm)

Malicious code in react-overlays-wrapper (npm)

Malicious code in react-paypal-js (npm)

Malicious code in react-pixi-racing-game (npm)

Malicious code in react-popper-latest (npm)

Malicious code in react-redux-7 (npm)

Malicious code in react-redux-next (npm)

Malicious code in react-select-v1-deprecated (npm)

Malicious code in react-server-dom-vite (npm)

Malicious code in react-solid (npm)

Malicious code in stripe-terminal-react-native-dev-app (npm)

Malicious code in react-swipeable-wrapper-example (npm)

Malicious code in react-transition-group-legacy (npm)

Malicious code in react-table-7 (npm)

Malicious code in react-table-next (npm)

Malicious code in icf-react-components (npm)

Malicious code in react-transition-group-community-version (npm)

Malicious code in react-trfq (npm)

Malicious code in react-dnd-legacy-html5-backend (npm)

Malicious code in react-video-live-demo (npm)

Malicious code in wfui-dsm-react-ui (npm)

Malicious code in react-yandex-favicon (npm)

Malicious code in react-responsive-carousel-v4 (npm)

Malicious code in react18 (npm)

Malicious code in reactnativecreativekitdemo (npm)

Malicious code in reactaddonscsstransitiong5rop (npm)

Malicious code in reactaddonsshllowcomarfe (npm)

Malicious code in reactidd (npm)

Malicious code in shopee-ui-react4 (npm)

Malicious code in journey-client-reactor (npm)

Malicious code in react-hook-form-latest (npm)

Malicious code in react-big-calendar2 (npm)

Malicious code in react-common-lib (npm)

Malicious code in react-dnd11-html5-backend (npm)

Malicious code in react-domain-components (npm)

Malicious code in react-is-17 (npm)

Malicious code in @bijie/react-bnb-biz (npm)

Malicious code in tinyquickstartreactnative (npm)

Malicious code in remote-pay-cloud-pos-react (npm)

Malicious code in react-scripts-win (npm)

Malicious code in eng-intern-assessment-react-native (npm)

Malicious code in react-native-wallet-sdk-demo-app (npm)

Malicious code in react-native-windows-repo (npm)

Malicious code in react-pro-components-next (npm)

Malicious code in gd-react-toolbox (npm)

Malicious code in mon-package-react-typescript (npm)

Malicious code in react-native-get-pixel-dimensions (npm)

Malicious code in react-native-google-maps-directions (npm)

Malicious code in react-native-log-level (npm)

Malicious code in react-native-modest-checkbox (npm)

Malicious code in react-native-websocket (npm)

Malicious code in okta-react-router-6 (npm)

Malicious code in @faq-component/react (npm)

Malicious code in @fishingbooker/react-loader (npm)

Malicious code in csp-react (npm)

Malicious code in hyperion-react-testapp (npm)

Malicious code in react-spring-latest (npm)

Malicious code in aem-react-spa (npm)

Malicious code in react-icon-updater (npm)

Malicious code in react-dom-bindings (npm)

Malicious code in shopify-app-react-router (npm)

Malicious code in uitk-react-date-selector (npm)

Malicious code in uitk-react-experimental-button-tabs (npm)

Malicious code in uitk-react-scrollable (npm)

Malicious code in @od-react/od-react-test (npm)

Malicious code in arno-react (npm)

Malicious code in shopify-demo-app-node-react (npm)

Malicious code in old-react-chat (npm)

Malicious code in react-navigation-area-view (npm)

Malicious code in @takamol/ets-react-components (npm)

Malicious code in replit-extensions-react (npm)

Malicious code in @trackstar/react-trackstar-link (npm)

Malicious code in @trackstar/react-trackstar-link-upgrade (npm)

Malicious code in @voiceflow/react-chat (npm)

react-native-reanimated vulnerable to ReDoS

Malicious code in toptal-react-bikes (npm)

Malicious code in paytm-blink-checkout-react-example (npm)

Malicious code in react-native-survicate (npm)

Malicious code in @actbase/react-native-naver-login (npm)

Malicious code in react-native-wix-engine-main (npm)

Malicious code in reacthotloaer (npm)

Malicious code in reactive-cashflow (npm)

Malicious code in reactjs-slick (npm)

Malicious code in @strapbuild/react-native-perspective-image-cropper-2 (npm)

Malicious code in react-mandes (npm)

Malicious code in ecko-wallet-react (npm)

Malicious code in reactbootstraps (npm)

Malicious code in penzpyme-adapter-2react-16 (npm)

React Server Components have a Denial of Service Vulnerability

Malicious code in mm-react-gpt (npm)

Malicious code in niji-react-utils (npm)

Malicious code in meraki-react-router (npm)

Malicious code in @tinkoff-react-bui/modal (npm)

Malicious code in react-modal-select (npm)

Malicious code in @uc-maps/api.react (npm)

Malicious code in react-international-phone-js (npm)

Malicious code in paypal-standard-integration-react-ib (npm)

Malicious code in stlintreact (npm)

Malicious code in typescript-react-query (npm)

Malicious code in add-react-displayname (npm)

Malicious code in @tinkoff-react-bui/svg-icon (npm)

Malicious code in @uc-maps/boundaries-core.react (npm)

Malicious code in @ensdomains/react-ens-address (npm)

Malicious code in @relxui/react (npm)

Malicious code in ccn-common-react-library (npm)

Malicious code in react-native-plugin-ms-adal (npm)

Improper file handling in matrix-react-sdk

Malicious code in safe-apps-react-sdk (npm)

Malicious code in ecpfs-react-build-scripts (npm)

Malicious code in ecpfs-react-data-driven-components (npm)

Malicious code in react-mount-point-unstable (npm)

Malicious code in react-hook-form-5 (npm)

Malicious code in oasis-os-react (npm)

Malicious code in react-youtube-dom (npm)

Malicious code in frontegg-react-sanity-check (npm)

Malicious code in react-devtools-shell (npm)

Malicious code in iva-react-web-ui (npm)

Malicious code in semanitco-i-react (npm)

Malicious code in ontology-starter-react-app (npm)

Malicious code in react-native-httpapi (npm)

Malicious code in @mse-entitlement-sdk/react (npm)

Malicious code in primereact-sass-theme (npm)

Malicious code in react-native-xaml-repo (npm)

Malicious code in react-scrambled-text (npm)

Malicious code in react-native-wm-barcode (npm)

Malicious code in react-native-wm-utils (npm)

Malicious code in build-react-wrapper (npm)

Malicious code in wac-react-relay (npm)

Malicious code in react-refresh-update (npm)

Malicious code in react-native-atob (npm)

Malicious code in react-native-android-library-simpl-sdk (npm)

Malicious code in tcm-app-migration-miles-react (npm)

Malicious code in @emerald-react/autocomplete (npm)

Malicious code in @emerald-react/avatar (npm)

Malicious code in @emerald-react/badge (npm)

Malicious code in @bingads-webui-react/with-site-map (npm)

Malicious code in vite-react-setting (npm)

Malicious code in ember-reactive-decorators (npm)

Malicious code in @riag-libs/pattern-library-react-hooks (npm)

Malicious code in @spx-delivery/react (npm)

Malicious code in react-ui-toast (npm)

Malicious code in @jes4l/react-pkg (npm)

Malicious code in andes-react-floater (npm)

Malicious code in microviewreact (npm)

Malicious code in react-server-dom-webpack-experimental (npm)

Malicious code in @actbase/css-to-react-native-transform (npm)

Malicious code in react-devtools-raycast (npm)

Malicious code in react-native-worklet-functions (npm)

Malicious code in @schedaero/react-core (npm)

Malicious code in tourney-sdk-react (npm)

Malicious code in @emerald-react/divider (npm)

Malicious code in @emerald-react/icon-button (npm)

Malicious code in safe-react-components (npm)

Malicious code in @actbase/react-absolute (npm)

Malicious code in @actbase/react-kakaosdk (npm)

Malicious code in @actbase/react-native-devtools (npm)

Malicious code in yelp-react-component-rating (npm)

Malicious code in posthog-react-native (npm)

Malicious code in react-blockchain-checker (npm)

Malicious code in react_code_format (npm)

Malicious code in react-svg-supporter (npm)

Malicious code in react-native-wm-weighingscale (npm)

Malicious code in reacts-gh (npm)

Malicious code in react-device-mockup-js (npm)

Malicious code in typescript-react-apollo (npm)

Malicious code in @sev-ui-verse/react-query-client (npm)

Malicious code in react-sitecore-library (npm)

Malicious code in reactotron-mobx (npm)

Malicious code in pear-apps-lib-ui-react-hooks (npm)

Malicious code in @emerald-react/dropdown (npm)

Malicious code in @emerald-react/ellis-ai-icon (npm)

Malicious code in @emerald-react/icon (npm)

Malicious code in @emerald-react/label (npm)

Malicious code in @emerald-react/list (npm)

Malicious code in niji-react-switch (npm)

Malicious code in niji-react-textarea (npm)

Malicious code in react-native-country-select (npm)

Malicious code in react-native-international-phone-number (npm)

Malicious code in react-leaflet-cluster-layer (npm)

Malicious code in react-leaflet-heatmap-layer (npm)

Malicious code in @eric-orderbuddyinfo/react-noval (npm)

Malicious code in mfe-react-bridge (npm)

Malicious code in react-native-kyc (npm)

Malicious code in react-server-dom-fb (npm)

Malicious code in tcp-app-activation-react (npm)

Malicious code in elabasia-mobileapp-react-native-ui (npm)

Malicious code in react-logs (npm)

Malicious code in react-performance-suite (npm)

Malicious code in react-query-core-utils (npm)

Malicious code in bve-react-ui-kit (npm)

Malicious code in transform-react-display-name (npm)

Malicious code in plugin-react-swc (npm)