VYPR

npm package

@ensdomains/ens-contracts

pkg:npm/%40ensdomains/ens-contracts

Malware

2 malicious versions on record

One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.

Vulnerabilities (2)

  • CVE-2026-22866Feb 25, 2026
    affected <= 1.6.2

    Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. In versions 1.6.2 and prior, the `RSASHA256Algorithm` and `RSASHA1Algorithm` contracts fail to validate PKCS#1 v1.5 padding structure when verifying RSA signatures.

  • CVE-2023-38698Aug 4, 2023
    affected < 0.0.22fixed 0.0.22

    Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or re