CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•10 views

Malicious code in @antv/f-charts (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score

Exploits0References4

OSV•added 2026/05/19 12:0 a.m.•5 views

MAL-2026-3854 Malicious code in @antv/ava-react (npm)

5.8AI score

Exploits0References5

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•10 views

Malicious code in ai-figure (npm)

5.8AI score

Exploits0References4

OSV•added 2026/05/19 12:0 a.m.•4 views

MAL-2026-3872 Malicious code in @antv/dipper-map (npm)

5.8AI score

Exploits0References4

OSV•added 2026/05/19 12:0 a.m.•8 views

MAL-2026-3953 Malicious code in @antv/g-plugin-svg-picker (npm)

5.8AI score

Exploits0References4

OSV•added 2026/05/19 12:0 a.m.•5 views

MAL-2026-4060 Malicious code in @antv/li-analysis-assets (npm)

5.8AI score

Exploits0References5

RedHat Linux•added 2023/02/23 12:1 a.m.•4 views

jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git

A flaw was found in the Git Jenkins plugin. The affected versions of the Git Jenkins Plugin allow attackers to trigger the builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit...

8.8CVSS5.8AI score0.0058EPSS

Exploits0References5

RedHat Linux•added 2023/02/08 6:41 p.m.•5 views

jenkins-plugin: Cross-site Request Forgery (CSRF) in org.jenkins-ci.plugins:git

8.8CVSS5.8AI score0.0058EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by