CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

2343 matches found

OSV•added 2025/11/12 4:29 a.m.•6 views

MAL-2025-148159 Malicious code in spica-cypress-barnard-bootstrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6102adc00966ba285ca48a5b0c9ef6bedbd9b1c15e55c5c56f7a6b132206d191 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•0 views

MAL-2025-140104 Malicious code in bootstrap-fornax-test-atlas (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b6adf60ba9bef1c75805ea586f8259b5b5ddb53f5837ecb17beec187d724952 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•5 views

MAL-2025-147073 Malicious code in react-bootstrap-rocket-async-meteor (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a6eed4998bf00e59d674933b76fbf9a1a5c4a158d6c5f0892cc4c658ac9d96f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•3 views

MAL-2025-140574 Malicious code in ceres-react-bootstrap-gatsby-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf3b4e726dde90fa56bb930d14a2e37b38d2948bf534b5ec6b166ca2e2d78a12 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•2 views

MAL-2025-147072 Malicious code in react-bootstrap-publish-concurrently-command (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 40ca53b27778645d89b96eb595882242733d814a4cfe82678efc4b8e67b9ab61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-140110 Malicious code in bootstrap-janus-spica-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bb8df0cbaee112cc2fa35b1b834732111d81069400cdaf6f347189357c40e90 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•4 views

MAL-2025-147050 Malicious code in react-bootstrap-achernar-procyon-mini-css-extract-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 47c1b7077ae1d503d6fa1608613dae97013280d40f52920ea01fd87b77227ec8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•4 views

MAL-2025-145254 Malicious code in mysql-meissa-react-bootstrap-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e0eb4b60620a7189a9a4bc23c417244da08f5afdfb4839b12a5e386e93d14ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•3 views

MAL-2025-144196 Malicious code in koa-module-bootstrap-spica (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91a4cb222471bc51975749e78a4951f374ebdaaf33f053ab57fbcd73c4c00e15 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-141984 Malicious code in element-ui-spinner-bootstrap-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 955b49c0bd95c502fd03223c8164d7331c570f17e89327a7346c250f55ee2f63 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•2 views

MAL-2025-140119 Malicious code in bootstrap-rollup-figures-auriga (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc950508599104478cefa863ecb90a39d15f9b7095bafe4d9c802576eb00031f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-115999

Malicious code in bootstrap-fornax-miranda-yakutsk npm...

OSV•added 2025/11/12 4:29 a.m.•4 views

MAL-2025-147071 Malicious code in react-bootstrap-polaris-prompts-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70ab5c4a923aa2e466ecbc96e0eac3c8a5009b0e4895c85f60cfa56187d7f5e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•3 views

Malicious code in thuban-link-bootstrap-flare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 733981bb19ff12b4cfcabe59bf6a8a94808fb30163e1dc15d296f1c523f55cc7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•3 views

MAL-2025-143552 Malicious code in impulse-react-bootstrap-gacrux-stream (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eeeb91210fb4388357c7e75117778a2bbbfacf234dd1abd657a2fb9009212a46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-140122 Malicious code in bootstrap-standard-yonder-miranda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 062ac6199e03c58154dfd853a5ca4b290af0a81c5f809ac9ac34e7cacfdfed49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-111261

Malicious code in mensa-halley-bootstrap-rocket npm...

EUVD•added 2025/11/12 4:29 a.m.•3 views

EUVD-2025-122888

Malicious code in rate-limiter-cluster-react-bootstrap-ariel npm...

RedhatCVE•added 2025/11/12 3:46 a.m.•8 views

CVE-2025-11822

The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5AI score0.00237EPSS

Exploits0References1

EUVD•added 2025/11/11 6:30 a.m.•2 views

EUVD-2025-60976

The WP Bootstrap Tabs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bootstraptab' shortcode in all versions up to, and including, 1.0.4. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS4.7AI score0.00237EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by