Lucene search
K

5 matches found

OSV
OSV
added 2026/06/24 7:21 a.m.5 views

MAL-2026-6378 Malicious code in macos-ci-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f342b002e02396d7f82ee89e77140204c35b673411afd05bc1b3ca91c895a06 On first require of the package, index.js decodes a base64-encoded URL https://api.ingress-hub.com/cdn/assets/update.pkg and downloads the response t...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/06/22 12:0 p.m.50 views

MAL-2026-6309 Malicious code in @nullzero/urlcat (npm)

@nullzero/urlcat version 1.4.2, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern [email protected], with...

6.4AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 5:30 p.m.14 views

Malicious code in boardstep (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d23139a90bc62310843522a9f8c266cf11ec4166f7a493072bf93b7d8ec05b0c The package wires all three npm lifecycle hooks preinstall, install, postinstall in package.json to run install.js, which downloads...

5.3AI score
Exploits0References9
AlpineLinux
AlpineLinux
added 2026/04/03 9:18 p.m.6 views

CVE-2026-34980

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentication. The server...

7.5CVSS6.1AI score0.00502EPSS
Exploits1References1
OSV
OSV
added 2026/02/06 5:16 p.m.7 views

CVE-2026-2103

Infor SyteLine ERP uses hard-coded static cryptographic keys to encrypt stored credentials, including user passwords, database connection strings, and API keys. The encryption keys are identical across all installations. An attacker with access to the application binary and database can decrypt a...

7.8CVSS5.8AI score0.00097EPSS
Exploits1References1
Rows per page
Query Builder