CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/11 12:2 p.m.•5 views

MAL-2026-5649 Malicious code in bibip-bip (PyPI)

6.3AI score

OSSF Malicious Packages•added 2026/06/11 7:39 a.m.•12 views

Malicious code in tailwind-animator-scroll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f89c3c4c01375bc7baef213c815a901ac3947eaf3835aa80ea67a725ece8d533 The package's main entry src/index.js appends, after a large whitespace gap following the legitimate-looking Tailwind plugin code, an...

5.6AI score

OSV•added 2026/06/11 7:25 a.m.•10 views

MAL-2026-5614 Malicious code in janus-erc20 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 728f3d5af5a999be016a49283fff2c5cedc0c5df445d2f078f1f9817dde22334 On npm install, postinstall.js harvests installer secrets and POSTs them to 193.203.169.109:8443/c/janus-erc20 over HTTPS with TLS verification...

5.4AI score

OSSF Malicious Packages•added 2026/06/11 7:16 a.m.•7 views

Malicious code in 0x2ai-demo9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb3fa91a9457ef11dc837c301fef1b22dbe1b19f00400215d853958726e1d055 On npm install, the package's postinstall script writes .mcp.json, CLAUDE.md, and a .claude/commands/0x2ai-boot.md slash-command file into the...

OSSF Malicious Packages•added 2026/06/11 7:16 a.m.•8 views

Malicious code in 0x2ai-zoe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 724bd98c39a8e4ff21b039fddeadfda7f0ef7e3c6be47e771d72efed77d02b1b On npm install, scripts/postinstall.cjs copies the entire payload/ tree into process.env.INITCWD the directory the developer ran npm from, depositing...

OSV•added 2026/06/11 6:49 a.m.•17 views

MAL-2026-5617 Malicious code in sysnu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eac9873e59ffdf79c56fd4f9366b56e0532f87dc00c4380fae18d714785b0bc8 On require / CLI invocation, sysnu performs two install-time-equivalent actions on Windows hosts. First, if python is not on PATH, index.js lines 42-...

5.6AI score

The Hacker News•added 2026/06/11 6:23 a.m.•14 views

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the "npm install" command to trigger the execution of malicious code...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2026/06/11 6:13 a.m.•8 views

Malicious code in twilio-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 737fede3d5b2007849cab0503cec191ce127c33c0b28f3b3285f347a064966e1 Package name twilio-sdk impersonates the official Twilio Node SDK twilio but ships an empty API module.exports = . The only real behavior runs in...

OSV•added 2026/06/11 6:13 a.m.•11 views

Exploits0References9

MAL-2026-5621 Malicious code in twilio-sdk (npm)

OSSF Malicious Packages•added 2026/06/11 5:17 a.m.•14 views

Exploits0References9

Malicious code in ai-sdk-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 501daa3c8b2c9c2609dc60fd90ae59710a603ae56fa5dcc867d24913889c5413 [email protected] is a typosquat impersonating the Vercel AI SDK ecosystem homepage ai-sdk.guide, author 'AI SDK Guide '. On npm install,...

OSV•added 2026/06/11 5:10 a.m.•11 views

Exploits0References22

MAL-2026-5572 Malicious code in sendgrid-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08f1d48bc557c6afa69c74455fe35f34ed0992082dc30fc09d032523d2329f63 Package impersonates the official SendGrid npm packages @sendgrid/ but ships no SDK functionality — index.js exports an empty object. Its sole purpos...

5.4AI score

Exploits0References9

OSSF Malicious Packages•added 2026/06/11 5:6 a.m.•9 views

Malicious code in webpack-cache-cycle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82fa37e2478a7109e376e3a062ccb203806511033930eb7390e45fe7ef404b81 On npm install, package.json's postinstall hook runs node -e "require'./loader.js'". loader.js spawns a detached node process that decodes a...

OSV•added 2026/06/11 5:6 a.m.•10 views

MAL-2026-5580 Malicious code in webpack-cache-reset (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fee0027f45dd4846b52b99120af39a0bca88f8693047612e946cd8d816f36e6c On npm install, the package's postinstall hook runs loader.js, which hex-decodes the URL https://jsonkeeper.com/b/INN1F an anonymous JSON paste host,...

6AI score

OSV•added 2026/06/11 5:6 a.m.•9 views

MAL-2026-5578 Malicious code in webpack-cache-clean (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f8656d094ec59721c08eb72a1ec8f1530cd07985edf705032926dd9a19461d9 On npm install, the package runs a postinstall hook node -e "require'./loader.js'" that spawns a detached child process. The child decodes an...

6.3AI score

OSSF Malicious Packages•added 2026/06/11 5:0 a.m.•11 views

Malicious code in @bestlzk/sectest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0cfce552ac72417ec7db2c48e0e13b1d060007167e82bd0f9b10799efe85e7f4 On npm install, postinstall.js collects platform, Node version, current working directory, and OS username, then POSTs them as JSON to...

6.4AI score

OSV•added 2026/06/11 5:0 a.m.•7 views

MAL-2026-5561 Malicious code in @bestlzk/sectest (npm)

6.4AI score

OSV•added 2026/06/11 4:49 a.m.•9 views

MAL-2026-5569 Malicious code in js-crypto-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9d677e45bee46911d04564e9260f4b569119a4ca0a13a58bcd43760359fbb4f The package's prepinstall.js script base64-decodes a hidden URL stored in a constant misleadingly named HASHKEY decoding to...

5.9AI score

OSSF Malicious Packages•added 2026/06/11 4:46 a.m.•9 views

Malicious code in nim-submit-for-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf75301042574897cc2f4bd8f3b8939fe4ac7a958f2cfe2404bbbee149797d0 On npm install, the package's postinstall hook executes lib/compiler.js, which spawns a detached Node process that collects host identity hostname,...