CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 2026/01/13 8:35 p.m.•5 views

tarteaucitron.js has Regular Expression Denial of Service (ReDoS) vulnerability

4.4CVSS7AI score0.0004EPSS

Exploits0References4Affected Software1

RedhatCVE•added 2025/11/25 12:17 a.m.•7 views

CVE-2025-56400

Cross-Site Request Forgery CSRF vulnerability in the OAuth implementation of the Tuya SDK 6.5.0 for Android and iOS, affects the Tuya Smart and Smartlife mobile applications, as well as other third-party applications that integrate the SDK, allows an attacker to link their own Amazon Alexa accoun...

8.8CVSS6.7AI score0.0002EPSS

Exploits0References1

EUVD•added 2025/11/25 12:16 a.m.•1 views

EUVD-2025-199431

Malicious code in @voiceflow/alexa-types npm...

6.6AI score

OSV•added 2025/11/25 12:16 a.m.•1 views

MAL-2025-191331 Malicious code in @voiceflow/alexa-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2a57c4900c522a4ebbd888c0fac2f59b4f5078a7fd20a124d4b46f6329b5161 The package @voiceflow/alexa-types was found to contain malicious code. Source: ghsa-malware...

6.8AI score

vulnersOsv•added 2025/11/25 12:16 a.m.•2 views

@voiceflow/alexa-types (>=2.14.43 <=2.15.62), @voiceflow/google-dfes-types (>=2.0.0 <=2.17.14) +3 more potentially affected by unknown CVE via @voiceflow/voiceflow-types (>=3.20.20 <=3.32.44)

@voiceflow/voiceflow-types NPM version =3.20.20, =2.14.43, =2.0.0, =2.20.44, =1.27.1, =1.0.5, =1.7.13 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191386...

OSSF Malicious Packages•added 2025/11/25 12:16 a.m.•4 views

Malicious code in @voiceflow/alexa-types (npm)

6.9AI score

EUVD•added 2025/11/24 9:31 p.m.•3 views

EUVD-2025-198984

8.8CVSS6.2AI score0.0002EPSS

Exploits0References3

NVD•added 2025/11/24 8:15 p.m.•3 views

CVE-2025-56400

8.8CVSS0.0002EPSS

Exploits0References2

OSV•added 2025/11/24 8:15 p.m.•1 views

CVE-2025-56400

8.8CVSS5.8AI score0.0002EPSS

Exploits0References2

vulnersOsv•added 2025/11/24 4:24 p.m.•2 views

@voiceflow/alexa-types (>=2.14.43 <=2.15.62), @voiceflow/api-sdk (>=3.27.18 <=3.28.60) +7 more potentially affected by unknown CVE via @voiceflow/base-types (>=2.100.1 <=2.136.1)

@voiceflow/base-types NPM version =2.100.1, =2.14.43, =3.27.18, =2.13.92, =2.0.0, =2.20.44, =1.60.0, =1.8.0, =2.9.71, =3.26.33, =3.32.47 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWBASETYPES-14103397...

vulnersOsv•added 2025/11/24 4:24 p.m.•2 views

@voiceflow/alexa-types (>=1.1.3 <=1.49.0), @voiceflow/api-sdk (>=1.0.0 <=1.31.6) +6 more potentially affected by unknown CVE via @voiceflow/pino (>=6.11.0 <=6.11.2)

@voiceflow/pino NPM version =6.11.0, =1.1.3, =1.0.0, =1.0.0, =1.1.0, =1.0.0, =1.5.0, =1.10.2, =1.0.0, =1.17.4 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWPINO-14103426...

vulnersOsv•added 2025/11/24 4:24 p.m.•2 views

@voiceflow/alexa-types (>=2.0.0 <=2.16.3), @voiceflow/api-sdk (>=3.0.0 <=3.29.3) +11 more potentially affected by unknown CVE via @voiceflow/common (>=8.10.0 <=8.9.0)

@voiceflow/common NPM version =8.10.0, =2.0.0, =3.0.0, =2.50.1, =2.0.0, =3.0.0, =2.0.0, =2.0.0, =1.0.3, =1.3.3, =1.0.0, =2.0.0, =3.2.20, =1.0.3, =1.7.13 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWCOMMON-14103402...

vulnersOsv•added 2025/11/24 4:24 p.m.•3 views

@voiceflow/alexa-types (>=2.14.43 <=2.15.62), @voiceflow/google-dfes-types (>=2.0.0 <=2.17.14) +3 more potentially affected by unknown CVE via @voiceflow/voiceflow-types (>=3.20.20 <=3.32.44)

@voiceflow/voiceflow-types NPM version =3.20.20, =2.14.43, =2.0.0, =2.20.44, =1.27.1, =1.0.5, =1.7.13 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWVOICEFLOWTYPES-14103448...

vulnersOsv•added 2025/11/24 4:24 p.m.•3 views

@voiceflow/alexa-types (>=2.15.0 <=2.15.62), @voiceflow/google-dfes-types (>=2.17.0 <=2.17.7) +3 more potentially affected by unknown CVE via @voiceflow/voice-types (>=2.10.0 <=2.10.57)

@voiceflow/voice-types NPM version =2.10.0, =2.15.0, =2.17.0, =2.21.0, =1.60.2, =3.30.0, =3.32.47 Source cves: unknown CVE Source advisory: SNYK:JS-VOICEFLOWVOICETYPES-14103447...