Lucene search
+L

599997 matches found

OSV
OSV
added 2 days ago6 views

MAL-2026-10659 Malicious code in @sauruslord/libsignal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0c2cf2672d98396a7b66cb732741d269732f5faae72293ea46e06b879e7a45b Package name impersonates Open Whisper Systems' libsignal-node but ships unrelated code. On require of index.js, after a 1-second delay, install.js...

6.1AI score
Exploits0References2
OSV
OSV
added 2 days ago4 views

MAL-2026-10661 Malicious code in sauruslord-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 474b90ec19af5dbbc5bf3c8d27c0c4d079c7d980d6e3316dad3bbf5682abbe52 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago6 views

Malicious code in sauruslord-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 474b90ec19af5dbbc5bf3c8d27c0c4d079c7d980d6e3316dad3bbf5682abbe52 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSV
OSV
added 2 days ago3 views

MAL-2026-10638 Malicious code in monogrok (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3369fb16804682addfec56904223d0255c2a0ca6d35481e744221e8252f2000d Package publishes as a generic 'M!T' library with an unrelated Apache-license README, but the tarball contains an offensive spam / phishing /...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago13 views

Malicious code in monogrok (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3369fb16804682addfec56904223d0255c2a0ca6d35481e744221e8252f2000d Package publishes as a generic 'M!T' library with an unrelated Apache-license README, but the tarball contains an offensive spam / phishing /...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago7 views

Malicious code in ethereum-input-decorder (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94137fcf0aee7d8edb4e15a8bc9be4455fbdf79cb5bf99987b79f0393fdff62c The package name typosquats the legitimate 'ethereum-input-decoder'. Its top-level init.py unconditionally invokes a payload routine on import: it...

6.2AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago8 views

Malicious code in webpack-session-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0007695a788bff7d6d0a87ee48de6771c12a1e21241bd3fc0bc7b5509608533e The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 2 days ago4 views

MAL-2026-10653 Malicious code in webpack-session-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0007695a788bff7d6d0a87ee48de6771c12a1e21241bd3fc0bc7b5509608533e The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago6 views

Malicious code in @hkyyy/portal-widget-helper-0601 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f72e27d8bfbf5b9bfefe661d642be934399a38031c1bee028a20ed3282e0f482 The package has no real functionality — index.js only exports ok: true — and its sole effect is to run a postinstall reconnaissance script...

6.1AI score
Exploits0References2
OSV
OSV
added 2 days ago3 views

MAL-2026-10648 Malicious code in @hkyyy/portal-widget-helper-0601 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f72e27d8bfbf5b9bfefe661d642be934399a38031c1bee028a20ed3282e0f482 The package has no real functionality — index.js only exports ok: true — and its sole effect is to run a postinstall reconnaissance script...

6.1AI score
Exploits0References2
Chainguard
Chainguard
added 2 days ago9 views

GHSA-F8H2-VMM9-QHJ6 vulnerabilities

Vulnerabilities for packages: dotnet-bootstrap...

6.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2 days ago8 views

Malicious code in @leviosa86com/leviosa86-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96264a8719e17bd8ec21d47213fe31dec87445e01ff312a1e46af5819e028979 Package @leviosa86com/[email protected] ships src/poc/index.js which shells out via childprocess.exec to collect host identifiers hostname, pwd,...

6.1AI score
Exploits0References4
OSV
OSV
added 2 days ago3 views

MAL-2026-10625 Malicious code in @leviosa86com/leviosa86-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96264a8719e17bd8ec21d47213fe31dec87445e01ff312a1e46af5819e028979 Package @leviosa86com/[email protected] ships src/poc/index.js which shells out via childprocess.exec to collect host identifiers hostname, pwd,...

6.1AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2 days ago4 views

net: golang: Go net package: Denial of Service via long CNAME response in LookupCNAME

A flaw was found in the net package of Go golang, specifically when using the LookupCNAME function with the cgo DNS resolver. A remote attacker could exploit this by providing a very long Canonical Name CNAME response. This can trigger a double-free of C memory, leading to a crash and a Denial of...

7.5CVSS6.9AI score0.00813EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-60082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBI versions before 1.651 for Perl do not enforce statement handle consistency with the row. When the statement handle had no fields but the source row was...

9.1CVSS6.1AI score0.00653EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-15392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DBD::File versions before 1.651 for Perl do not ensure the table file is not a symlink to an untrusted location. The completetablename method builds the absolut...

7.7CVSS6.1AI score0.00196EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago5 views

Malicious code in install-skia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b665b508eeae9e0e619ed7b68e3a43248cd81d67d40a0516bbd62981ddb2359f The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 3 days ago8 views

Malicious code in iwsdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66af3674e89512532e1448a9421b3318388094ff91bb2e8c32714670a7f5f2cc The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 3 days ago4 views

MAL-2026-10650 Malicious code in install-skia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b665b508eeae9e0e619ed7b68e3a43248cd81d67d40a0516bbd62981ddb2359f The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSV
OSV
added 3 days ago4 views

MAL-2026-10651 Malicious code in iwsdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66af3674e89512532e1448a9421b3318388094ff91bb2e8c32714670a7f5f2cc The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
Rows per page
Query Builder