VYPR

Beproduct Org Nestjs Auth

by Beproduct

Source repositories

CVEs (1)

  • CVE-2026-46412criMay 19, 2026
    risk 0.59cvss epss 0.00

    ## Summary Between 2026-05-11 20:19 UTC and 22:56 UTC, an attacker used a compromised npm publish token to publish 18 malicious versions of `@beproduct/nestjs-auth` (0.1.2 through 0.1.19). The packages contained payloads from the **Mini Shai-Hulud** npm supply-chain worm…