CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

67 matches found

Snyk•added 2026/04/13 3:25 p.m.•2 views

Malicious Package

Overview @amplify-js/datastore is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

Exploits0References2

OSSF Malicious Packages•added 2026/04/13 3:25 p.m.•3 views

Malicious code in @amplify-js/datastore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a31c933f191cd94be3e10adb951ed57652fe41955589d37ce8c200c96256f36e The package @amplify-js/datastore was found to contain malicious code. Source: ghsa-malware...

5.7AI score

Exploits0References1

OSV•added 2026/04/13 3:25 p.m.•0 views

MAL-2026-2574 Malicious code in @amplify-js/datastore (npm)

5.7AI score

Exploits0References1

GithubExploit•added 2026/03/18 11:51 p.m.•274 views

Exploit for Incorrect Default Permissions in Amazon Amplify_Cli

skycenter Attack Chain Security Analysis Engine for AWS, Azure...

10CVSS6.3AI score0.9113EPSS

Exploits21

OSV•added 2026/02/10 7:22 p.m.•1 views

MAL-2026-842 Malicious code in amplify-python-logging (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2e12fee1c4154d81de6e4575af21aa6a760da4f5694746264a2de50e2c5782fe Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/02/10 7:22 p.m.•3 views

Malicious code in amplify-python-logging (PyPI)

5.8AI score

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-45491

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00231EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-13500

Malicious code in bioql PyPI...

9.5CVSS8.8AI score0.00236EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-1151

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00648EPSS

Exploits2References9

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-7996 Malicious code in @hey-amplify/scripts (npm)

The package @hey-amplify/scripts was found to contain malicious code...

7.2AI score

Exploits0

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•3 views

Malicious code in @hey-amplify/scripts (npm)

The package @hey-amplify/scripts was found to contain malicious code...

7AI score

Exploits0

RedhatCVE•added 2025/05/23 7:46 a.m.•5 views

CVE-2024-28056

Amazon AWS Amplify CLI before 12.10.1 incorrectly configures the role trust policy of IAM roles associated with Amplify projects. When the Authentication component is removed from an Amplify project, a Condition property is removed but "Effect":"Allow" remains present, and consequently...

9.8CVSS6.8AI score0.00648EPSS

Exploits2References1

RedhatCVE•added 2025/05/07 6:25 p.m.•4 views

CVE-2025-4318

The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build...

9.5CVSS7AI score0.00236EPSS

Exploits0References1

NVD•added 2025/05/05 7:15 p.m.•11 views

CVE-2025-4318

9.5CVSS0.00236EPSS

Exploits0References5

OSV•added 2025/05/05 7:15 p.m.•1 views

CVE-2025-4318

9.5CVSS7AI score0.00236EPSS

Exploits0References5

Cvelist•added 2025/05/05 6:16 p.m.•11 views

CVE-2025-4318 Input validation issue in AWS Amplify Studio UI component properties

9.5CVSS0.00236EPSS

Exploits0References3

CVE•added 2025/05/05 6:16 p.m.•63 views

CVE-2025-4318

CVE-2025-4318 affects the package aws-amplify/amplify-codegen-ui used with AWS Amplify Studio. The vulnerability is described as a lack of input validation in UI component property expressions, which could allow an authenticated user with access to create or modify components to execute arbitrary...

9.5CVSS6.6AI score0.00236EPSS

Exploits0References5

Vulnrichment•added 2025/05/05 6:16 p.m.•5 views

CVE-2025-4318 Input validation issue in AWS Amplify Studio UI component properties

9.5CVSS6.6AI score0.00236EPSS

Exploits0References3

CNNVD•added 2025/05/05 12:0 a.m.•2 views

Amplify Codegen UI 安全漏洞

Amplify Codegen UI is an AWS Amplify open source React component generated for use in the AWS Amplify project. A security vulnerability exists in Amplify Codegen UI that stems from a lack of input validation for AWS Amplify Studio UI component property expressions, which could lead to the executi...

9.5CVSS8.7AI score0.00236EPSS

Exploits0References2

Positive Technologies•added 2025/05/05 12:0 a.m.•2 views

PT-2025-19763

Name of the Vulnerable Software and Affected Versions aws-amplify/amplify-codegen-ui affected versions not specified Description The issue is related to a lack of input validation in the AWS Amplify Studio UI component property expressions. This could potentially allow an authenticated user who h...

9.5CVSS7.5AI score0.00236EPSS

Exploits0References27

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by