CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

MAL-2026-5495 Malicious code in @solana-launchpad/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f311ca65e1dd4812e0b9812be713108a676a6f25c8d48443ab93a97133447b7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score

Exploits0References1

vulnersOsv•added 4 days ago•3 views

openpaw-graveyard (=3.0.0) potentially affected by unknown CVE via @solana-launchpad/sdk (=1.0.13)

@solana-launchpad/sdk NPM version =1.0.13 is affected by a known vulnerability. The following packages have a transitive dependency on @solana-launchpad/sdk and may be impacted: - openpaw-graveyard =3.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-5495...

5.5AI score

Exploits0

OSSF Malicious Packages•added 4 days ago•6 views

Malicious code in @solana-launchpad/sdk (npm)

5.5AI score

Exploits0References1

vulnersOsv•added 4 days ago•3 views

@meme-sdk/trade (>=1.0.0 <=1.0.1), @solana-launchpad/sdk (>=1.0.10 <=1.0.13) +2 more potentially affected by unknown CVE via @validate-sdk/v2 (>=1.22.11 <=1.22.31)

@validate-sdk/v2 NPM version =1.22.11, =1.0.0, =1.0.10, =1.0.5, =1.0.6 - openpaw-graveyard =3.0.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-5497...

5.5AI score

Exploits0

vulnersOsv•added 2026/04/28 10:0 p.m.•4 views

openpaw-graveyard (=3.0.0) potentially affected by unknown CVE via @solana-launchpad/sdk (=1.0.13)

5.8AI score

Exploits0

vulnersOsv•added 2026/04/28 10:0 p.m.•8 views

@meme-sdk/trade (>=1.0.0 <=1.0.1), @solana-launchpad/sdk (>=1.0.10 <=1.0.13) +2 more potentially affected by unknown CVE via @validate-sdk/v2 (>=1.22.11 <=1.22.31)

@validate-sdk/v2 NPM version =1.22.11, =1.0.0, =1.0.10, =1.0.5, =1.0.6 - openpaw-graveyard =3.0.0 Source cves: unknown CVE Source advisory: SNYK:JS-VALIDATESDKV2-16321533...

5.8AI score

Exploits0

Snyk•added 2026/04/28 10:0 p.m.•2 views

Malicious Package

Overview @solana-launchpad/sdk is a malicious package. This package contains malicious code, and its content was not yet removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by