Lucene search
K

705 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/23 12:12 a.m.10 views

Malicious code in loading-session (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 640bfe1e0b6627e78ec34ef2d97df0d5d29d912446883f284c15935cc8f6f996 Package advertises itself via a verbatim copy of pino's README, docs/, and index.d.ts TypeScript types and documentation are pino's, but index.js doe...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/05/23 12:12 a.m.7 views

MAL-2026-4600 Malicious code in loading-session (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 640bfe1e0b6627e78ec34ef2d97df0d5d29d912446883f284c15935cc8f6f996 Package advertises itself via a verbatim copy of pino's README, docs/, and index.d.ts TypeScript types and documentation are pino's, but index.js doe...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 1:21 p.m.12 views

Malicious code in share-anything-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 290f9dadaf589349dd8a7c641450aca713a6ead63b2ba685c15e4e6a37ab3b07 The package's package.json declares a postinstall lifecycle hook "postinstall": "node install.js" that runs install.js automatically on npm install...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/22 1:21 p.m.10 views

MAL-2026-4668 Malicious code in share-anything-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 290f9dadaf589349dd8a7c641450aca713a6ead63b2ba685c15e4e6a37ab3b07 The package's package.json declares a postinstall lifecycle hook "postinstall": "node install.js" that runs install.js automatically on npm install...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/21 12:36 p.m.9 views

MAL-2026-4515 Malicious code in chai-val (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 515e313c5420dfe9edcb88d61079fa80dbf3539da465572fde5ece42ba6ed748 The package masquerades as a pino-logger helper file structure, exports, and keywords are copied from pino but its main entry exports a middleware th...

6.5AI score
Exploits0References1
OSV
OSV
added 2026/05/21 4:36 a.m.8 views

MAL-2026-4573 Malicious code in git-userhub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 859f77ac10aa89722823e0477f8f6986db2b54dd25b1b2aedb05ee31d5891071 Package name 'git-userhub' is a lookalike of a GitHub-related identity, with no legitimate publisher backing. The package.json declares a postinstall...

6.4AI score
Exploits0References2
OSV
OSV
added 2026/05/20 8:46 p.m.8 views

MAL-2026-4516 Malicious code in chain-async-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37ce7d13d84d6293da0026d252448caac350f46ecf2206ee1eaeeff8b47d48c6 chain-async-test impersonates the legitimate chain-async library copies its README, license, author 'Eugene Lazutkin / uhop', and full API surface; t...

6.2AI score
Exploits0References1
OSV
OSV
added 2026/05/20 6:38 p.m.11 views

MAL-2026-4360 Malicious code in @aledan007/tester (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab03e3eef2f59f358cdaacedf2d9facb12077110c5402ad36aad6e3581e66439 The bundled server file dist/server/index.js contains a hardcoded reference to the attacker-controlled domain https://evil.attacker-example.com...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 12:58 p.m.11 views

Malicious code in @scp3500/openvl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fee1ab6796d8af462e9f00e82a28545b72eae4d9d9f0ab0f36ca4b09cd29487c scripts/mcpserver.js loads childprocess, fs, and http, reads from process.env, and issues HTTP POST requests to a hardcoded external destination at...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/20 8:14 a.m.8 views

MAL-2026-4601 Malicious code in local-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4649a6cac828460ea4a3e6d867038eaa507f109eb6a46de9eef1fc340d867608 The package executes lifecycle and import-time code that fetches executables and posts host data to off-publisher infrastructure. download.js line 92...

5.9AI score
Exploits0References21
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Thunderbird

The parent process does not properly check whether the Speech Synthesis feature is enabled when receiving instructions from a child process. This vulnerability affects Thunderbird 91.9...

6.5CVSS6.8AI score0.00428EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 6:48 p.m.10 views

Malicious code in xorma-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd1e155ef0f73465f5fe6f401a4f90c521d5268eb65bb9bc594caa4a69732260 On require'xorma-js', a top-level IIFE in dist/index.js synchronously executes npm uninstall clsx-js && npm install clsx-js via childprocess.execSync...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/19 6:48 p.m.13 views

MAL-2026-4734 Malicious code in xorma-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd1e155ef0f73465f5fe6f401a4f90c521d5268eb65bb9bc594caa4a69732260 On require'xorma-js', a top-level IIFE in dist/index.js synchronously executes npm uninstall clsx-js && npm install clsx-js via childprocess.execSync...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/19 4:57 p.m.8 views

MAL-2026-4503 Malicious code in bytecore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c1ddd2dea35052822d2dc89f0f46ceae20c772c257e0c97f0024483e9ff31c0 The package masquerades as a pino-like logging middleware README is copied from pino, exports a pino property, mimics pino's option shape but the...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/15 3:8 a.m.13 views

Malicious code in cdp-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbf55b093e3a93e8d3f536101e62e09cf7e86636cd42813d02f518138cbcb8ed The package ships cdpinject.js, which combines childprocess, fs, http/https, and base64 encoding to gather system information and exfiltrate it over...

5.8AI score
Exploits0References2
NVD
NVD
added 2026/05/12 10:16 a.m.16 views

CVE-2026-5029

A remote code execution vulnerability exists in Code Runner MCP Server when run with the --transport http option, which exposes the /mcp JSON-RPC endpoint without authentication on port 3088. An unauthenticated remote attacker can invoke the run-code MCP tool to supply arbitrary source code and...

8.7CVSS0.00291EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/09 2:43 a.m.9 views

SUSE CVE-2026-41570

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

7.8CVSS6.5AI score0.00191EPSS
Exploits0References3
OSV
OSV
added 2026/05/08 3:16 p.m.5 views

DEBIAN-CVE-2026-41570

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

7.8CVSS6.6AI score0.00191EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/05/08 3:16 p.m.10 views

CVE-2026-41570

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

7.8CVSS5.8AI score0.00191EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/07 4:8 a.m.15 views

Arbitrary Code Injection

Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Arbitrary Code Injection through lib/builtin.js. An attacker can execute host code when the allowlist includes -X or uses and then calls...

9.9CVSS6.2AI score0.00974EPSS
Exploits1References2
Rows per page
Query Builder