CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

121842 matches found

MAL-2026-5291 Malicious code in sequoia-engineering (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2f9c2bfd3d6035b7f58ea95bdcd1329af80adec3c1ef84cb1a8412c6d4c3bf9b The OpenSSF Package Analysis project identified 'sequoia-engineering' @ 2.2.2 npm as malicious. It is considered malicious because: - The packag...

5.4AI score

Exploits0

OSV•added 2 days ago•6 views

MAL-2026-5289 Malicious code in unifi-portal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8ff224f10cd94268bd5347ea6898f0cb1c54d23b19a6eb02d8efa268a16e15e8 The OpenSSF Package Analysis project identified 'unifi-portal' @ 99.0.0 npm as malicious. It is considered malicious because: - The package...

5.4AI score

Exploits0

OSV•added 2 days ago•4 views

MAL-2026-5286 Malicious code in encrypted-archive (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 13428a6cdcd4736d3f044dd6a580724699318155a1c1e283b586b9a4c3ab6295 The OpenSSF Package Analysis project identified 'encrypted-archive' @ 99.0.0 npm as malicious. It is considered malicious because: - The package...

5.4AI score

Exploits0

OSSF Malicious Packages•added 2 days ago•9 views

Malicious code in uhd-setup (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 358eee34aaba61eaa93e977d35a18f35f59a56527d7c20b6e9a0bdf9c4a0a8da The OpenSSF Package Analysis project identified 'uhd-setup' @ 99.0.0 npm as malicious. It is considered malicious because: - The package...

5.4AI score

Exploits0

RedhatCVE•added 3 days ago•5 views

CVE-2025-65122

Regex Denial of Service in youtube-regex npm package through version 1.0.5...

7.5CVSS5.4AI score0.00052EPSS

Exploits0References1

OSV•added 3 days ago•4 views

ROOT-APP-NPM-CVE-2026-2739 CVE-2026-2739 in @rootio/bn.js - Patched by Root

Root has patched CVE-2026-2739 in the @rootio/bn.js package for Root:npm. Multiple fixed versions available...

5.3CVSS5.8AI score0.00022EPSS

Exploits0

Snyk•added 3 days ago•3 views

Malicious Package

Overview utils-mf is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.5AI score

Exploits0References2

OSV•added 3 days ago•3 views

MAL-2026-5268 Malicious code in ulid-os (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b6ef4088107b64693d6c1dfa04be004ad1e19b3d34737d7b79b96b21701a5e7f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score

Exploits0References1

OSSF Malicious Packages•added 3 days ago•5 views

Malicious code in ulid-os (npm)

5.5AI score

Exploits0References1

OSSF Malicious Packages•added 3 days ago•6 views

Malicious code in autotel-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score

Exploits0References2

OSSF Malicious Packages•added 3 days ago•8 views

Malicious code in @vapi-ai/server-sdk (npm)

5.7AI score

Exploits0References2

OSV•added 3 days ago•3 views

MAL-2026-5203 Malicious code in @ethlete/theming (npm)

5.7AI score

Exploits0References2

OSV•added 3 days ago•3 views

MAL-2026-5244 Malicious code in discord-search (npm)