Lucene search
K

6 matches found

OSV
OSV
added 2026/06/29 6:4 a.m.4 views

MAL-2026-6584 Malicious code in poly-kelly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d3df5266b6e9d9347844e4e054ab744aad9517c6f55df4e68e6c6815e843da7 On npm install, the package's postinstall script reads the homepage field from package.json set to...

5.9AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/27 2:21 p.m.13 views

Malicious code in ryan-pdf-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3d966501b5f533318c26b54887cd29b3cd6c9495035a0f74519ba349357e3eb [email protected] is an empty stub package index.js exports whose sole purpose is to deliver an off-registry payload at install time. Its package.js...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 10:0 a.m.14 views

Malicious code in @cap-js/postgres (npm)

Supply chain compromise of legitimate SAP packages published by threat actor "[email protected]" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs 4.4 KB and execution.js 11.1 MB bundled in the tarball, with a preinstall hook of "node...

5.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/29 10:0 a.m.8 views

Malicious code in mbt (npm)

Supply chain compromise of legitimate SAP packages published by threat actor "[email protected]" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs 4.4 KB and execution.js 11.1 MB bundled in the tarball, with a preinstall hook of "node...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/04/29 10:0 a.m.10 views

MAL-2026-3177 Malicious code in @cap-js/postgres (npm)

Supply chain compromise of legitimate SAP packages published by threat actor "[email protected]" impersonating SAP toolchain maintainers. All four compromised packages share the same fingerprint: setup.mjs 4.4 KB and execution.js 11.1 MB bundled in the tarball, with a preinstall hook of "node...

5.7AI score
Exploits0References2
GithubExploit
GithubExploit
added 2022/10/05 10:5 a.m.6 views

Exploit for CVE-2022-42457

CVE-2022-42457 Generex-CS141-Authenticated-Remote-Command-Exec...

9.1CVSS8.4AI score0.02237EPSS
Exploits2
Rows per page
Query Builder