Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CNNVD
CNNVDadded 2026/05/27 12:0 a.m.4 views

FacturaScripts 信息泄露漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to v2026 contained a vulnerability related to information leakage. This vulnerability stemmed from unvalidated information during the installation of controllers, allowi...

5.3CVSS5.8AI score0.00049EPSS
Exploits0References2
OSV
OSVadded 2026/05/25 8:30 p.m.3 views

MAL-2026-4552 Malicious code in etherproxy-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5756836b470f645f316696cbaedb1aedc21cde7fc921714bfbf70f2d528ad5b4 The bundled dist/index.js reads process.env values and posts data to https://api.telegram.org via a hardcoded fetch call line 97, with additional...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/19 6:45 p.m.9 views

Malicious code in qr-code-styling-temp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 004a5cc51cc0e38448c56189fb4437ad113eec163f7ae1a7692b88d6aed71182 The package's install lifecycle script node index.js and its main entry both load lib/core.js, which reads os.userInfo.username, os.hostname, and the...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/12 7:43 a.m.5 views

Malicious code in 8q (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a10addd46910ba157e59c0c301c15ea56de73adb23c4d3422520b67876cdc0e The package's declared main entry router.js is an IIFE that runs the moment an installer's code executes require'8q' or import '8q'. On load it...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/12 7:43 a.m.6 views

Malicious code in mymaldependency (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38372ffa2ec19cee68f769508d95ffb4f5c1878aeae058ce3e7a33b947d06cf1 MyMalDependencypackage/init.py executes on every import: it calls os.uname and os.getcwd, writes the results to./trans.txt in the installer's working...

6AI score
Exploits0References1
OSV
OSVadded 2026/05/12 7:41 a.m.2 views

MAL-2026-3692 Malicious code in guan (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e04a9a658bc7616e72a5edf276dd049e5b697f2492c46929caf2e01fac95d84 The top-level src/guan/init.py unconditionally calls statisticsofguanpackage on every import guan. That function in src/guan/others.py opens a raw TC...

5.8AI score
Exploits0References2
SUSE CVE
SUSE CVEadded 2024/08/22 3:12 a.m.1 views

SUSE CVE-2024-7977

Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...

7.8CVSS6.6AI score0.00028EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2024/05/15 12:0 a.m.3 views

PT-2024-5136 · Zoom · Zoom Workplace App For Windows

Name of the Vulnerable Software and Affected Versions: Zoom Workplace VDI App for Windows affected versions not specified Description: The issue is related to insufficient verification of data authenticity in the installer, which may allow an authenticated user to conduct an escalation of privile...

7.8CVSS7.2AI score0.00092EPSS
Exploits0References6
Rows per page
Query Builder