CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2 days ago•5 views

Malicious code in mcp-server-github (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 747734631bd95c9a23ba57ea3610af951c612b8841e9c2e2ab99c3c70f244886 Unscoped package mcp-server-github impersonates the official @modelcontextprotocol/server-github MCP server. package.json declares a postinstall hook...

5.5AI score

OSV•added 2 days ago•4 views

MAL-2026-5479 Malicious code in mcp-server-github (npm)

5.5AI score

OSV•added 2026/05/26 2:6 p.m.•3 views

MAL-2026-4816 Malicious code in amaco-os (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a6204f29c39ab7a22921331bf33f2501b27fba9aac6a8b87b833caef9c5f506 dist/index.js contains a hardcoded Telegram Bot API endpoint https://api.telegram.org referenced from a fetch/POST call alongside process.env access...

OSV•added 2026/05/26 10:17 a.m.•7 views

MAL-2026-4804 Malicious code in @leviyuan/lodestar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c295b3a16fad72f7b165d049e75feb88883dcc1b5b8d9d72b52ac7b40aa09ba The package ships a lifecycle-invoked script dist/lodestar-setup.js that performs an HTTP POST to a hardcoded https://open.feishu.cn endpoint, with...

OSSF Malicious Packages•added 2026/05/26 7:17 a.m.•14 views

Malicious code in @iola_adm/iola-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e28a7ca88c4000d6efee1c0e324c8f28bebf03ef988e2ac3aa437857f34ee08 src/cli.js contains a hardcoded endpoint https://apiiola.yasg.ru referenced multiple times lines 1, 2, 198 and invoked via fetch at line 256, in code...

OSV•added 2026/05/26 7:17 a.m.•6 views

MAL-2026-4783 Malicious code in @iola_adm/iola-cli (npm)

OSV•added 2026/05/26 7:1 a.m.•7 views

MAL-2026-4786 Malicious code in ranno (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1366783d9cb87471f1b5cfeb806508ee83b2a58ded724f8ea45d8391f4f68bc The package's advertised API ex calls gn in ranno/gn.py, which POSTs the caller's prompt — and, when a data= argument is supplied, the absolute file...

6.5AI score

OSSF Malicious Packages•added 2026/05/26 7:1 a.m.•11 views

Malicious code in ranno (PyPI)

6.5AI score

OSV•added 2026/05/26 12:35 a.m.•3 views

MAL-2026-4454 Malicious code in @taskd/maritime-email-processor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6a5aef29b4050fca18dd803428274de6072ff7412ecd134bd68dcc1f5e8fa150 The package's sole exported function emailProcessor in dist/index.mjs POSTs to a hardcoded endpoint https://job-api.alex-c92.workers.dev, sending the...

OSSF Malicious Packages•added 2026/05/26 12:35 a.m.•9 views

Malicious code in @taskd/maritime-email-processor (npm)

OSSF Malicious Packages•added 2026/05/24 7:26 a.m.•7 views

Malicious code in wallet-agent-ai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bb49d047eeab68307095cf3a30ff0d42d745855890f181e4cb53dc2f6903e91 dist/agent.js contains a hardcoded Telegram Bot API endpoint https://api.telegram.org used in a fetch/POST call near references to process.env. The...

OSV•added 2026/05/23 3:32 p.m.•4 views

MAL-2026-4537 Malicious code in cosmosdb-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 925077d4c86616920b1ad20f2342df7473d9504764582235049e78eed9189a76 Package squats the unscoped name cosmosdb-server, targeting users who mistype npx cosmosdb-server instead of the scoped @vercel/cosmosdb-server. The...

OSV•added 2026/05/22 7:48 a.m.•6 views

MAL-2026-4387 Malicious code in @euqns/nudge-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9b1e494fee8148b95f98e5de04cc4ecd78ed793ff2d019ae672e2b22d2debc3b The package ships dist/setup.js which performs HTTP POST requests at install time to a hardcoded external endpoint at...

OSSF Malicious Packages•added 2026/05/22 7:48 a.m.•8 views

Exploits0References4

Malicious code in @euqns/nudge-mcp (npm)

OSV•added 2026/05/22 5:16 a.m.•8 views

Exploits0References4

MAL-2026-4733 Malicious code in wrld-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58965a325ad88c872b7c01668e4c08ca337b5fa022c15e626e23697d23fb594c The package exposes a public authentication API auth.user.login, auth.user.register, auth.user.get, auth.user.delete, plus an auth.system RPC surface...

OSSF Malicious Packages•added 2026/05/22 3:5 a.m.•8 views

Malicious code in @shwfed/nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87ac343d6f89a601749bb115fa6902e7d39c71a0a6469690ecef56e9ea8a135e @shwfed/nuxt is published as a Nuxt UI module but contains undocumented build-hook code that, when a consumer integrates the module and runs a build...

OSV•added 2026/05/21 1:22 p.m.•6 views

MAL-2026-4584 Malicious code in ihubinternal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d05496a74a52542f8bf237430ae41377eb71e3710b41abfcc1f7b5cf3642885 The package exports a VelocityAuth function that, when called by integrating applications, sends end-user Solana wallet public keys, signed...