CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/09 7:28 a.m.•1 views

MAL-2026-2519 Malicious code in just4testlm (PyPI)

5.8AI score

OSV•added 2026/04/08 8:22 p.m.•2 views

MAL-2026-2517 Malicious code in kraken-trader (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4bf5ec6e8a6020de1e122cf07f2dde0f02fa1a484ff984586db379729da75523 The package is a loader of malicious code disguised as remote "credits" code. The remote location, built from the parts in the code, delivers highly obfuscated...

5.9AI score

Exploits0References2

CNNVD•added 2026/04/07 12:0 a.m.•2 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the History Navigation policy, which could allow remote attackers to inject arbitrary scripts or...

6.1CVSS7.5AI score0.00016EPSS

Exploits0References3

OSSF Malicious Packages•added 2026/04/04 12:1 p.m.•4 views

Malicious code in gangomodule (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8117683c90fb188f9fc013b3b3006dc5e31269d2511dd7c80eea9ac7b6892d09 During installation, obfuscated code validates the environment against typical sandboxing signs and attempts to download the next stages from remote sources. T...

CNNVD•added 2026/04/01 12:0 a.m.•1 views

SourceCodester Zoo Management System 安全漏洞

The SourceCodester Zoo Management System is an open-source zoo management system developed by SourceCodester. Version 1.0 of the SourceCodester Zoo Management System contains a security vulnerability. This vulnerability stems from a reflection cross-site scripting vulnerability in the msg paramet...

6.1CVSS5.8AI score0.00018EPSS

RedhatCVE•added 2026/03/31 4:59 a.m.•3 views

CVE-2026-30564

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewpayments.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS6AI score0.00066EPSS

NVD•added 2026/03/30 4:16 p.m.•3 views

CVE-2026-30556

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the index.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via...

6.1CVSS0.00021EPSS

NVD•added 2026/03/30 3:16 p.m.•3 views

CVE-2026-30565

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the viewsupplier.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6.1CVSS0.00066EPSS

OSV•added 2026/03/30 11:55 a.m.•1 views

MAL-2026-2298 Malicious code in hiveos-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6d040e58dddde324da836a19a41eb5c65698ef869ed3e534f662136f1fb48440 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

Positive Technologies•added 2026/03/30 12:0 a.m.•4 views

PT-2026-29040

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add customer.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or...

6AI score0.00021EPSS

Exploits1References2

Positive Technologies•added 2026/03/30 12:0 a.m.•1 views

PT-2026-29033

A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the view customers.php file via the "limit" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script ...

6.1CVSS6AI score0.00066EPSS

Exploits1References2

OSSF Malicious Packages•added 2026/03/29 6:44 p.m.•2 views

Malicious code in hiveos (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 632c5c53f72df87d7b0d9843df212e147e729699ffe5e7f6c20e3cd41fa13f64 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

Github Security Blog•added 2026/03/29 3:30 p.m.•4 views

Duplicate Advisory: OpenClaw: Unbound interpreter and runtime commands could bypass node-host approval integrity

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-xf99-j42q-5w5p. This link is maintained to preserve external references. Original Description OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execute rewritten local...

7.3CVSS6.3AI score0.00049EPSS

Exploits0References4Affected Software1

OSSF Malicious Packages•added 2026/03/27 4:50 p.m.•4 views

Malicious code in copytrading (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 00e18dbfb3978939790912c09da21fd43b670c4017c160002bb5fc534164e577 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

OSV•added 2026/03/27 4:47 p.m.•1 views

MAL-2026-2273 Malicious code in trustwallet (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ffef6e3541d5ab62ee32f0d44e9da05c6e495c15a4c9a9d9a4866e40ae502604 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

OSSF Malicious Packages•added 2026/03/27 4:45 p.m.•3 views

Malicious code in claude-lite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3a73f0745200bef9d517a2ac5e3e69189347e0b730a0187e71c3c201accd5833 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

OSV•added 2026/03/27 4:44 p.m.•1 views

MAL-2026-2272 Malicious code in solana-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f0a22ac83bdfd88312e7d422a0e3c27531ccdb7a6c6e4afa1ae513bb9aecf41f Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...

OSSF Malicious Packages•added 2026/03/27 4:44 p.m.•2 views

Malicious code in solana-api (PyPI)

OSV•added 2026/03/27 4:39 p.m.•1 views

MAL-2026-2268 Malicious code in gemini-ai-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 db2be37ea455b54b825242a3f66310fdf3f70e50b1dc1a234fa3ebb534afa857 Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...