CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13250 matches found

OSV•added 2026/05/09 5:13 p.m.•8 views

MAL-2026-3401 Malicious code in bttcli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ce4d4558612dd659843989e690b64a3c4073d5a4b34217c2e89a5325835da685 During installation or import, package silently adds a new authorized SSH key. It's closely related to the 2026-05-ninja-core-utils campaign, but there is no...

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/09 5:9 p.m.•10 views

Malicious code in python-bittensor-config-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6f2ecdbc9e024d6dc51c8e5d48941c5aac432db65ad733317aed159d480973cd During installation or import, package silently adds a new authorized SSH key. It's closely related to the 2026-05-ninja-core-utils campaign, but there is no...

5.8AI score

Exploits0References1

Vulnrichment•added 2026/05/09 3:59 a.m.•5 views

CVE-2026-42301 Improper Input Validation leading to Improper Control of Generation of Code ('Code Injection') in pyp2spec

pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata e.g. the summary field into the generated spec file without escaping RPM macro directives. When a packager then runs rpmbuild, those directives get evaluated, s...

7.8CVSS6AI score0.00197EPSS

Exploits0References2

EUVD•added 2026/05/09 3:59 a.m.•9 views

EUVD-2026-28896

7.8CVSS6AI score0.00197EPSS

Exploits0References2

vulnersOsv•added 2026/05/08 8:20 p.m.•5 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), adede (=4.1.0) +201 more potentially affected by CVE-2026-44199 via wagtail (>=1.0.0 <=7.0.0)

wagtail PYPI version =1.0.0, =0.0.0, =0.57.1, =0.1.0a0.dev0, =4.1.0, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =6.3.8 and more Source cves: CVE-2026-44199 Source advisory: OSV:GHSA-PWM3-7FV4-G6XX...

6.5CVSS5.8AI score0.00174EPSS

Exploits0

Wolfi•added 2026/05/08 7:48 p.m.•18 views

CVE-2026-6019 vulnerabilities

Vulnerabilities for packages: python...

6.1CVSS5.8AI score0.00229EPSS

Exploits1

Chainguard•added 2026/05/08 7:17 p.m.•7 views

GHSA-2755-2MM4-RM5C vulnerabilities

Vulnerabilities for packages: python...

5.8AI score

Exploits0

OSV•added 2026/05/08 3:45 p.m.•4 views

MAL-2026-3398 Malicious code in ninja-ssh-proto (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 84f71e430b37d8fe0ee6c72826071159bb146664fe17d9a596f6e611579851f7 During installation or import, package silently adds a new authorized SSH key. It's closely related to the 2026-05-ninja-core-utils campaign, but there is no...

5.8AI score

Exploits0References1

OSV•added 2026/05/08 9:1 a.m.•7 views

MAL-2026-3393 Malicious code in web3-tool-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9b0a2f82214baa91e572e7e7081cc863c213321d2a1f69cace704ce9b4a33e70 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score

Exploits0References1

OSV•added 2026/05/08 7:38 a.m.•6 views

MAL-2026-3380 Malicious code in justinleaguekems (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 039b35e6547b64dd3e28ba9e178b9716447f88d6bd9558766c9ffe8850262d99 Package exfiltrates screenshots and network information to a hardcoded target. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score

Exploits0References1

OSV•added 2026/05/08 7:35 a.m.•5 views

MAL-2026-3386 Malicious code in yeahmankema (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e82095096c026f9ea1f8a44e7b94b0f9def1346ef887a8a6bb4e11aedc5abd63 Package exfiltrates screenshots and network information to a hardcoded target. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score

Exploits0References1

OSV•added 2026/05/08 7:29 a.m.•5 views

MAL-2026-3383 Malicious code in wallet-utils-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1c6b0bc86ba79fbf578e23fb2eeb78129ba07b9a274e2e8f780b0d427065290e The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score

Exploits0References1

OSV•added 2026/05/08 7:28 a.m.•4 views

MAL-2026-3381 Malicious code in solana-scanner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 047a41b9a67bb975c2e98b31b5e13875569de5097f0b61bb5984e300687e03e3 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/08 7:27 a.m.•11 views

Malicious code in eth-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e5895b0a95cf86acc67f21e61b55a0718a073fd06657523b47550532153ed546 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score

Exploits0References1

OSV•added 2026/05/08 7:26 a.m.•6 views

MAL-2026-3377 Malicious code in crypto-wallet-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1e40a039f63743a1d3c20fb312ecd2ecb1e47fe20c6787efa0a3f0f441ad5828 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score

Exploits0References1

OSV•added 2026/05/08 7:20 a.m.•6 views

MAL-2026-3379 Malicious code in eth-web3-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ab01b68589d4f3b1e8686ed007d522f24c8259049cb211a023ac3f3ff8f56ce4 Code pretends to be an ETH utility and exfiltrates the given seed/private key --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/08 7:19 a.m.•10 views

Malicious code in crypto-kit-pro (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b3c7b3526469db1bb04a5875cfcb3a1e41fe3f9c697b6d63e497a15d1177cb1b The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

5.9AI score

Exploits0References1

Tenable Nessus•added 2026/05/08 12:0 a.m.•7 views

Oracle Linux 6 : python (ELSA-2026-10102)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-10102 advisory. 2.6.6-68.0.6 - Fix CVE-2026-4519 Orabug: 39253111 Tenable has extracted the preceding description block directly from the Oracle Linux security...

7CVSS6.8AI score0.00315EPSS

Exploits0References3

OSV•added 2026/05/07 8:7 p.m.•5 views

MAL-2026-3371 Malicious code in pycacheopt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cf50eae305079227b5283e08547cc201f941624c95e49460c3e6544cdd1e221b The extension module hides code that in specific circumstances executes given code. The malicious action is hidden only in the extension module with the...

5.9AI score

Exploits0References2

Wolfi•added 2026/05/07 7:48 p.m.•19 views

GHSA-JP4C-XJXW-MGF9 vulnerabilities

Vulnerabilities for packages: kubeflow-katib, tensorflow-cpu-jupyter, pypy-3.10, datadog-agent, py3-pip...

5.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by