CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 3 days ago•7 views

Malicious code in request-cache-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eafb96e46544cb1351d26caf52bff79055bc205a1f8454737b677fff8fbc6fea request-cache-py impersonates the legitimate requests-cache HTTP caching library. On import requestcachepy, the package's init.py starts a background...

6.1AI score

Exploits0References7

OSV•added 3 days ago•4 views

MAL-2026-6245 Malicious code in request-cache-py (PyPI)

6.1AI score

Exploits0References7

OSSF Malicious Packages•added 6 days ago•8 views

Malicious code in syncagents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aebf468a6887fb09002d4ae4aceab77e347034b389b02e252844f7d0d81fabd6 The PyPI package 'syncagents' impersonates the legitimate PyPI package 'agentsync' — the README, PKG-INFO, CHANGELOG, and project URLs all point at...

5.9AI score

Exploits0References6

OSV•added 6 days ago•5 views

MAL-2026-6083 Malicious code in syncagents (PyPI)

5.9AI score

Exploits0References6

EUVD•added 6 days ago•8 views

EUVD-2026-37785

Evil-WinRM through 3.9, fixed in commit 6ecd570, contains a path traversal vulnerability in the downloaddir function that allows a rogue or compromised remote Windows server to write files outside the intended download directory by returning filenames with traversal sequences from Get-ChildItem...

7.4CVSS5.4AI score0.00304EPSS

Exploits0References3

OSSF Malicious Packages•added 6 days ago•7 views

Malicious code in scan-only (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a7779ff21d9783e1026e13a7abf65e448c5f3d3d111f3cae539f3690e53a2b4 The CLI binary at bin/scan-only.js, when invoked e.g., via npx scan-only --diagnose, harvests installer-side secrets and ships them to a hardcoded...

6.1AI score

Exploits0References14

Nuclei•added 2026/06/16 7:13 a.m.•228 views

Mlflow <2.9.2 - Path Traversal

Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. id: CVE-2023-6909 info: name: Mlflow 2.9.2 - Path Traversal author: Hyunsoo-ds severity: high description: | Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. impact: | Successful...

7.5CVSS7.2AI score0.89716EPSS

Exploits1References3

OSV•added 2026/06/15 3:9 p.m.•4 views

MAL-2026-5784 Malicious code in vaults-monitor-cron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b81c6b9e59e86c40858cb47e91d597b3776fea71def7feb3ca11833625fa3923 On npm install, the package's preinstall hook node postinstall.js || true executes automatically. The script collects hostname, username, and current...

OSSF Malicious Packages•added 2026/06/13 6:51 a.m.•8 views

Malicious code in houzidawang807 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7568d90e7a8d940b5618fa36bccfc2b7fa02ceaa814f0a416d2cc989c685e489 Package advertises itself as 'a simple date formatting utility' but ships an SSH-key-stealing C2 client. postinstall.js enumerates /.ssh for .pub...

5.3AI score

OSV•added 2026/06/13 6:51 a.m.•7 views

MAL-2026-5732 Malicious code in houzidawang808 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71d6b96fe99e7f8503cb07df05d6b621dc8e8243fc7288844678d8aff043a654 The package presents itself as a 'simple date formatting utility' index.js exports a trivial formatDate wrapper around toLocaleDateString, but ships ...

5.3AI score

OSSF Malicious Packages•added 2026/06/12 3:28 p.m.•9 views

Malicious code in internallib_v984 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c46879ad94169111411f91b210779628bb14a5d16843ec2bec42bf418affdf8 Package exports a single command function that, when invoked, performs three coordinated attacks against the host: 1 appends a hardcoded...

5.5AI score

Exploits0References7

OSV•added 2026/06/11 12:53 p.m.•6 views

MAL-2026-5641 Malicious code in goreleaser-run (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2733e0c086915d44eb8c971575087d9260bf1133d62da63920b578cf7e60c30 Package impersonates the legitimate goreleaser tool name goreleaser-run, homepage spoofed to https://goreleaser.org; goreleaser is not officially...

5.5AI score

EUVD•added 2026/06/10 5:3 a.m.•9 views

EUVD-2026-35982

A local privilege escalation vulnerability was found in the ansible.posix authorizedkey module. The module's keyfile function uses os.chown instead of os.lchown and opens files without ONOFOLLOW when managing SSH authorized keys. An unprivileged local user can pre-stage symbolic links in their...

7.3CVSS5.6AI score0.00127EPSS

Debian CVE•added 2026/06/10 5:3 a.m.•8 views

CVE-2026-11837

7.3CVSS5.6AI score0.00127EPSS

Exploits0

OSV•added 2026/06/09 7:55 a.m.•8 views

MAL-2026-5360 Malicious code in wallet-sdk-9 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0 campaign sibling c960+. postinstall auto-execs, src/index.js harvests /.ssh/idrsa+ided25519+Sol/Eth/BTC/Tron/Sui/Aptos wallets+.env+seeds, self-labels "CRYPTO STEALER", exfils to SAME Telegram bot 8227918239 chat 6433587894 not rotated. Campaign now...

5.7AI score

OSSF Malicious Packages•added 2026/06/09 7:55 a.m.•10 views

Malicious code in ethereum-kit-9 (npm)

5.7AI score

OSSF Malicious Packages•added 2026/06/09 7:55 a.m.•8 views

Malicious code in crypto-utils-7 (npm)

Crypto/SSH/wallet stealer, blockchain-helper-0/web3-tools-9 campaign sibling c960/c961. postinstall scripts/postinstall.js auto-execs, src/index.js harvests /.ssh/idrsa+wallet keys/seeds+env, self-labels "CRYPTO STEALER", exfils to IDENTICAL Telegram bot 8227918239 chat 6433587894 not rotated...

OSSF Malicious Packages•added 2026/06/09 7:55 a.m.•10 views

Malicious code in ethereum-kit-1 (npm)

OSV•added 2026/06/09 7:55 a.m.•8 views

MAL-2026-5355 Malicious code in ethereum-kit-1 (npm)