VYPR

npm package

prebid.js

pkg:npm/prebid.js

Malware

3 malicious versions on record

One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.

Vulnerabilities (1)

  • CVE-2025-59038HigSep 9, 2025
    affected >= 10.9.2, < 10.10.0fixed 10.10.0

    Prebid.js is a free and open source library for publishers to quickly implement header bidding. NPM users of prebid 10.9.2 may have been briefly compromised by a malware campaign. The malicious code attempts to redirect crypto transactions on the site to the attackers' wallet. Ve