Lucene search
K

663 matches found

OSV
OSV
added 2026/05/28 5:50 p.m.11 views

MAL-2026-4859 Malicious code in telethon-pro-safe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8bc2e515c2eb7bf73ea5d532cfb6701dcaf3dd95e9d8248ee3d426b1d0c1ed8c During installation, package executes obfuscated code that starts a RAT-like software allowing remote control and exfiltrating sensitive data. --- Category:...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/22 9:30 a.m.11 views

MAL-2026-4395 Malicious code in @inetafrica/open-claudia (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09b3881ec598069649e57612f04359886ef22331899541885248ea6a0a41bce2 Multiple files in this package contain a Telegram-bot-based command-and-control and exfiltration framework wired to install/runtime-reachable code...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/05/21 8:32 a.m.7 views

MAL-2026-4588 Malicious code in ionic-insta-api-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44363ea3b97b18ea938430059144fd219a58b93d04149e45da97c60322ff4868 This package presents itself as an Instagram API wrapper but silently forwards caller-supplied Instagram credentials and session data to a hardcoded...

5.5AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/21 2:28 a.m.21 views

SUSE CVE-2026-41470

LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attackers who obtain a valid Session token can issue PLAY and TEARDOWN commands from a second TCP...

8.2CVSS5.8AI score0.00486EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 1:29 a.m.11 views

Malicious code in selfservsweeper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81843a6f21fe31627b1e97fdb8ffe41789c1f921c60512347bbf2b0c2fb30121 Package self-describes as a 'Touch-friendly Minesweeper overlay for NCR SelfServ kiosks', but the advertised CLI entrypoints selfservsweeper,...

6.2AI score
Exploits0References2
OSV
OSV
added 2026/05/21 1:29 a.m.10 views

MAL-2026-4221 Malicious code in selfservsweeper (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 81843a6f21fe31627b1e97fdb8ffe41789c1f921c60512347bbf2b0c2fb30121 Package self-describes as a 'Touch-friendly Minesweeper overlay for NCR SelfServ kiosks', but the advertised CLI entrypoints selfservsweeper,...

6.2AI score
Exploits0References2
OSV
OSV
added 2026/05/20 6:38 p.m.11 views

MAL-2026-4360 Malicious code in @aledan007/tester (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ab03e3eef2f59f358cdaacedf2d9facb12077110c5402ad36aad6e3581e66439 The bundled server file dist/server/index.js contains a hardcoded reference to the attacker-controlled domain https://evil.attacker-example.com...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/05/20 1:0 p.m.10 views

MAL-2026-4603 Malicious code in lynx-keeper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc28f02ae68bf5a1a57af8662180d7a8a040e6f32ad87abde9acdae508070189 On require, dist/index.js executes a hex-obfuscated harvester that reads /.aws/credentials, /.aws/config, /.ssh/idrsa, /.ssh/ided25519, /.ssh/config,...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/19 5:19 p.m.15 views

Malicious code in superacli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c45fea405a610447f72926e8663afc4151606f39189d380bf929ad09419908b plugins/gopass/daemon.js opens an outbound WebSocket connection to a hardcoded bare IP ws://92.113.145.178:8768 defaulted via process.env.GOPASSUIURL...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/05/19 5:19 p.m.8 views

MAL-2026-4674 Malicious code in superacli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c45fea405a610447f72926e8663afc4151606f39189d380bf929ad09419908b plugins/gopass/daemon.js opens an outbound WebSocket connection to a hardcoded bare IP ws://92.113.145.178:8768 defaulted via process.env.GOPASSUIURL...

5.8AI score
Exploits0References2
EUVD
EUVD
added 2026/05/19 12:0 a.m.13 views

EUVD-2026-30950

An OS command injection vulnerability in the /stream-to-vlc Express route in hitarth-gg Zenshin before 2.7.0 allows remote attackers to execute arbitrary commands via the url parameter...

6.1AI score0.01622EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/18 10:6 a.m.15 views

Malicious code in pyenvprep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 963727b60e7fa8536050eb0f4691dc8bec6089567630063305d05ddceb4834cd Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/15 12:29 p.m.16 views

Malicious code in venv-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9af11c23295a9a592b6fd62d62490669a752ab6dc6c0b755ebd068ec6371375f Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

6.2AI score
Exploits0References1
OSV
OSV
added 2026/05/15 12:29 p.m.9 views

MAL-2026-3803 Malicious code in venv-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9af11c23295a9a592b6fd62d62490669a752ab6dc6c0b755ebd068ec6371375f Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

6.2AI score
Exploits0References1
OSV
OSV
added 2026/05/14 9:30 p.m.8 views

GHSA-FM77-94QM-4894 Crabbox: environment variable exposure vulnerability

Crabbox prior to v0.12.0 contains an environment variable exposure vulnerability that allows attackers with access to a malicious or compromised repository to forward local secrets such as API tokens, cloud credentials, and broker tokens into the remote command environment. Attackers can exploit...

9.3CVSS5.8AI score0.00742EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/14 7:18 p.m.22 views

EUVD-2026-30418

Crabbox prior to v0.12.0 contains an environment variable exposure vulnerability that allows attackers with access to a malicious or compromised repository to forward local secrets such as API tokens, cloud credentials, and broker tokens into the remote command environment. Attackers can exploit...

9.3CVSS5.8AI score0.00742EPSS
Exploits0References4
OSV
OSV
added 2026/05/13 6:41 p.m.10 views

MAL-2026-3698 Malicious code in trickery (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3ad5df28c8d5f5afa377d6b54a7eac1d3110610783c7e62fbd084a0bd49baac5 Package contains code to install a backdoor - and additionally to a user-controlled backdoor, it also installs the second, with own C2 server. It's not...

6AI score
Exploits0References2
OSV
OSV
added 2026/05/13 11:26 a.m.8 views

MAL-2026-3777 Malicious code in vue-template-compiler-plugin (npm)

Full C2 implant disguised as vue-template-compiler fork. postinstall-run.cjs loads tooling-bootstrap.cjs which contains base64-encoded C2 agent. Decoded payload: registers victim hostname, username, OS to Cloudflare tunnel C2 at maiden-apply-looks-education.trycloudflare.com, beacons for tasks,...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 5:52 a.m.18 views

Malicious code in openai-spellcheckers (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 195e6ac284c1a3e97b7683250a5514ed89d903819d2a3c97987782d4725e0e9f Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6AI score
Exploits0References3
OSV
OSV
added 2026/05/13 5:52 a.m.7 views

MAL-2026-3638 Malicious code in openai-spellcheckers (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 195e6ac284c1a3e97b7683250a5514ed89d903819d2a3c97987782d4725e0e9f Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6AI score
Exploits0References3
Rows per page
Query Builder