CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 1 hour ago•7 views

CVE-2026-8078

4.8CVSS

Tenable Nessus•added 2026/05/27 12:0 a.m.•11 views

Fedora 42 : haproxy (2026-d790d66a08)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d790d66a08 advisory. Upgrade to 3.0.23 see https://www.haproxy.org/download/3.0/src/CHANGELOG for full upstream changelog Tenable has extracted the preceding description...

7.5CVSS5.9AI score0.00468EPSS

Exploits0References3

GithubExploit•added 2026/04/30 10:0 a.m.•68 views

Exploit for CVE-2026-31431

CVE Checker for Copy Fail CVE-2026-31431 Authors: Chris Fol...

7.8CVSS5.9AI score0.02194EPSS

Exploits226

OSV•added 2026/04/23 4:24 a.m.•2 views

MAL-2026-3005 Malicious code in changelog-cli-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98a1e229322241da9d146f6aad5c96de566b2707088406fd7de40cbb69445023 The package changelog-cli-logger was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2026/04/23 4:24 a.m.•3 views

Malicious code in changelog-cli-logger (npm)

OSV•added 2026/04/23 4:24 a.m.•0 views

MAL-2026-3006 Malicious code in changelog-utils-structured-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59b5bb27f7c03b12e70af2a6d86b388cad7c4fdd02e8ee381f947d291ce9acd The package changelog-utils-structured-logger was found to contain malicious code. Source: ghsa-malware...

OSV•added 2026/04/16 12:15 p.m.•1 views

MAL-2026-2700 Malicious code in conventional-changelog-dash (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 881ccc3d6c947645ee3866499931db298b0f2f7ac4a3d41dd9acf806d4e6d702 The package conventional-changelog-dash was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/04/16 12:15 p.m.•3 views

Exploits0

Malicious code in conventional-changelog-dash (npm)

OSV•added 2026/04/15 1:43 p.m.•2 views

Exploits0

SUSE-SU-2026:1356-1 Security update for nfs-utils

This update for nfs-utils fixes the following issue: Security fixes: - CVE-2025-12801: rpc.mountd allows a NFSv3 client to escalate their privileges and access subdirectories and subtrees of an exported directory bsc1259204. Other fixes: - Split from nfs-utils into its own spec and changelog file...

6.5CVSS5.8AI score0.00019EPSS

Exploits0References4

OSV•added 2026/04/13 12:0 p.m.•1 views

RUSTSEC-2026-0100 `pretty-changelog-logger` was removed from crates.io for malicious code

pretty-changelog-logger contains a build script build.rs that acts as a loader/dropper for malicious payloads. The malicious crate had 3 versions published on 2026-04-08 that had a total of 2239 downloads. There were no crates depending on this crate on crates.io. Thanks to Socket.dev for detecti...

vulnersOsv•added 2026/03/27 6:20 p.m.•5 views

Exploits0References2

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +8 more potentially affected by CVE-2026-33938 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =1.31.0, =1.37.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33938 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15803083...

8.1CVSS6.3AI score0.00048EPSS

Exploits1

SUSE Linux•added 2026/03/27 9:4 a.m.•1 views

Security update for python312

This update for python312 fixes the following issues: Update to Python 3.12.13: CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. CVE-2025-12084: quadratic complexity in xml.minidom node ID cache cleari...

8.7CVSS7AI score0.00215EPSS

Exploits0References40

Snyk•added 2026/03/25 12:42 p.m.•3 views

Malicious Package

Overview changelog-utils-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS5.9AI score

Exploits0References2

OSV•added 2026/03/25 12:42 p.m.•2 views

MAL-2026-2191 Malicious code in changelog-utils-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 766b0a70c145b6eea78f6d7852be0ff75da958b1c0f465aa5108a1acabb5e9b2 The package changelog-utils-logger was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2026/03/25 12:42 p.m.•6 views

Malicious code in changelog-utils-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bec9a644e6b7c6be0e1e95ad8690cf8c19568061865f8e185552431e09fbb38c The package changelog-utils-wrapper was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2026/03/25 12:42 p.m.•4 views

Malicious code in changelog-utils-logger (npm)

OSV•added 2026/03/25 12:42 p.m.•0 views

MAL-2026-2192 Malicious code in changelog-utils-wrapper (npm)

OSSF Malicious Packages•added 2026/03/22 6:22 p.m.•3 views

Malicious code in @emilgroup/changelog-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eeeaacce965f54999e4e8fc1a9db77251e1c3956c24672ffe63e1285c46e737d The package @emilgroup/changelog-sdk-node was found to contain malicious code. Source: ghsa-malware...

OSV•added 2026/03/22 6:22 p.m.•1 views

Exploits0References4

MAL-2026-2040 Malicious code in @emilgroup/changelog-sdk-node (npm)