CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•15 views

Malicious code in @antv/l7-maps (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score

Exploits0References5

vulnersOsv•added 2026/05/18 9:0 p.m.•2 views

@antv/l7 (>=2.1.13 <=2.25.10), @antv/l7-component (>=2.21.4 <=2.25.10) +8 more potentially affected by unknown CVE via @antv/l7-maps (>=2.10.0 <=2.25.9)

@antv/l7-maps NPM version =2.10.0, =2.1.13, =2.21.4, =2.1.13, =2.10.0, =2.10.0, =2.1.13, =2.1.13, =2.10.0, =1.0.0, =1.0.17, =1.0.18 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVL7MAPS-16754835...

5.5AI score

Exploits0

vulnersOsv•added 2026/05/18 9:0 p.m.•3 views

@antv/l7 (>=2.10.0 <=2.25.10), @antv/l7-component (>=2.21.4 <=2.25.10) +7 more potentially affected by unknown CVE via @antv/l7-map (>=2.10.0 <=2.25.9)

@antv/l7-map NPM version =2.10.0, =2.10.0, =2.21.4, =2.10.0, =2.10.0, =2.10.0, =2.10.0, =2.10.0, =1.0.0, =1.0.17, =1.0.18 Source cves: unknown CVE Source advisory: SNYK:JS-ANTVL7MAP-16754443...

5.5AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by