CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/21 9:49 p.m.•4 views

Malicious code in claude-content-writer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b38e69b148dc7998c9ab02fb5b6c2a90413a88129cf7db96b1c900e9c830f719 On npm install, the package's postinstall hook runs scripts/install-dependencies.sh, which performs git clone --depth 1...

6AI score

OSSF Malicious Packages•added 2026/05/20 9:43 a.m.•6 views

Malicious code in gm-kilo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4a35ea8669a2b02f60117ecc483176741399084b0fbebf11900d0a89505d9fb package.json declares an install lifecycle script that runs bin/gm-kilo.js install. At install time, the script executes bun x gm-plugkit@latest spoo...

6.2AI score

OSV•added 2026/05/20 9:43 a.m.•3 views

MAL-2026-4574 Malicious code in gm-kilo (npm)

6.2AI score

OSV•added 2026/05/20 7:37 a.m.•2 views

MAL-2026-4684 Malicious code in tdpilot (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92ebe5ca10c51471256249507d8c7b142996cc72d7472a7a55c08fe6351876f9 run.js invokes execSync"curl -LsSf https://astral.sh/uv/install.sh | sh", fetching and executing a remote shell script from astral.sh without integri...

6.4AI score

OSSF Malicious Packages•added 2026/05/20 2:32 a.m.•7 views

Malicious code in vestibulect (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82da0f0bb40f42e69defbea694db093f2ad880c8c094508f61e2d7fe58550e2e package.json declares a postinstall hook "postinstall": "node install.js" which executes install.js automatically on npm install. install.js imports ...

5.8AI score

RedhatCVE•added 2026/05/15 1:57 a.m.•2 views

CVE-2026-31233

Guardrails AI thru 0.6.7 contains a code injection vulnerability CWE-94 in its Hub package installation mechanism. When installing validator packages via guardrails hub install, the system retrieves a manifest from the Guardrails Hub and dynamically executes a script specified in the postinstall...

9.8CVSS6.3AI score0.00378EPSS

VulnCheck KEV•added 2026/05/14 12:0 a.m.•17 views

VulnCheck KEV: CVE-2026-28515

openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. Any authenticated user can access this...

9.3CVSS5.8AI score0.39836EPSS

In wildExploits3References3

EUVD•added 2026/05/12 6:30 p.m.•6 views

EUVD-2026-29556

6.3AI score0.00378EPSS

OSV•added 2026/05/12 6:30 p.m.•2 views

GHSA-R6HF-G5X6-7PV9 Guardrails AI contains a code injection vulnerability in its Hub package installation mechanism

9.8CVSS6.3AI score0.00378EPSS

NVD•added 2026/05/12 6:16 p.m.•6 views

CVE-2026-31233

9.8CVSS0.00378EPSS

Positive Technologies•added 2026/05/12 12:0 a.m.•8 views

PT-2026-40120

6.3AI score0.00378EPSS

CVE•added 2026/05/12 12:0 a.m.•8 views

CVE-2026-31233

CVE-2026-31233 affects Guardrails AI through version 0.6.7. The vulnerability resides in the Hub package installation mechanism: when installing validator packages, the system fetches a manifest from the Guardrails Hub and dynamically executes a script specified in the post_install field. The scr...

9.8CVSS6.3AI score0.00378EPSS

Cvelist•added 2026/05/11 9:40 a.m.•32 views

CVE-2026-6956 Reflected XSS in ATutor

ATutor is vulnerable to Reflected XSS in /install/install.php endpoint. An attacker can provide a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is no longer actively supported. Maintainers of this project were notified early...

5.1CVSS0.00101EPSS

Vulnrichment•added 2026/05/11 9:40 a.m.•5 views

CVE-2026-6956 Reflected XSS in ATutor

5.1CVSS6AI score0.00101EPSS

EUVD•added 2026/05/08 2:53 a.m.•6 views

EUVD-2026-28496

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac function appends attacker-controlled remote releaseInfo.name directly into an...

9.8CVSS5.8AI score0.00194EPSS

ATTACKERKB•added 2026/05/08 2:51 a.m.•1 views

CVE-2026-41501

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux function appends attacker-controlled remote version strings directly into an...

9.8CVSS5.8AI score0.00753EPSS

Exploits0References4Affected Software1

Snyk•added 2026/04/28 9:0 p.m.•1 views

Embedded Malicious Code

Overview @cap-js/db-service is a CDS base database service Affected versions of this package are vulnerable to Embedded Malicious Code that conceals an obfuscated payload designed to steal developer credentials during the package installation. The malicious versions and their contents are activel...

9.8CVSS5.8AI score

Snyk•added 2026/04/28 9:0 p.m.•1 views

Embedded Malicious Code

Overview mbt is a that triggers an 11.6 MB heavily obfuscated script execution.js during package installation. Once executed on a developer's machine, the malware steals the developer's credentials and weaponizes them to automatically create public GitHub repositories under the victim's account...

9.8CVSS5.8AI score

Snyk•added 2026/04/28 9:0 p.m.•2 views

Embedded Malicious Code

Overview @cap-js/sqlite is a CDS database service for SQLite Affected versions of this package are vulnerable to Embedded Malicious Code that conceals an obfuscated payload designed to steal developer credentials during the package installation. The malicious versions and their contents are...

9.8CVSS5.8AI score