CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/22 4:38 p.m.•23 views

CVE-2026-9255

Kiro CLI vulnerability CVE-2026-9255 affects kiro-cli prior to version 1.28.0. Missing input source validation in the tool authorization prompt allows a local attacker to run arbitrary tools, including shell commands, by piping crafted content to kiro-cli via stdin. This is a local-attack risk wi...

8.4CVSS6.1AI score0.00014EPSS

Exploits0References2Affected Software1

OSSF Malicious Packages•added 2026/05/22 1:21 p.m.•6 views

Malicious code in share-anything-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 290f9dadaf589349dd8a7c641450aca713a6ead63b2ba685c15e4e6a37ab3b07 The package's package.json declares a postinstall lifecycle hook "postinstall": "node install.js" that runs install.js automatically on npm install...

OSV•added 2026/05/22 1:21 p.m.•3 views

MAL-2026-4668 Malicious code in share-anything-cli (npm)

OSV•added 2026/05/22 11:16 a.m.•4 views

MAL-2026-4533 Malicious code in codebuff-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bdf777f03e4dc44a9956401136a42f099638025ef7d2197dec630525ad26727d The package name codebuff-cli impersonates the legitimate codebuff npm package; the README is copy-pasted from the official CodebuffAI project it eve...

5.9AI score

Exploits0References23

OSSF Malicious Packages•added 2026/05/22 10:25 a.m.•7 views

Malicious code in finkrouter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff852ad2ff69ee287dd37d79ea134314ffca73772068117b819495250ff401f3 The package ships a single heavily-obfuscated cli.obf.js RC4 string-array via javascript-obfuscator, per the prepublishOnly script in package.json...

OSV•added 2026/05/22 10:25 a.m.•4 views

MAL-2026-4563 Malicious code in finkrouter (npm)

OSSF Malicious Packages•added 2026/05/22 6:34 a.m.•8 views

Malicious code in lynx-keeper-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9cebbf0e6cc5a35eea6e6869d295d072526b6ff7d566c49bc80f15952138cf88 lynx-keeper-cli ships a heavily obfuscated payload in dist/index.js that runs at require time. After a CI-evasion gate that aborts when...

OSSF Malicious Packages•added 2026/05/22 6:25 a.m.•6 views

Exploits0References3

Malicious code in bingocode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bb3ff21cce9379a60d3ebe3408d8c179e39cfd940eed6deb4afb2f28d852254 package.json declares bin.claude = bin/claude-win.cjs and bin.claude-linux = bin/claude under a non-Anthropic publisher Leanchy. On npm i -g bingocod...

Snyk•added 2026/05/22 2:42 a.m.•5 views

Malicious Package

Overview ganache-cli-provider is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

OSV•added 2026/05/22 1:53 a.m.•1 views

MAL-2026-4235 Malicious code in credential-verification-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebec51669e1875ebdcbe28040480db123cd5b42e4dbd4229b534a6e07e41b593 [email protected] is a thin wrapper whose only behavior is to download and execute whatever code is currently published at the latest...

6.2AI score

OSSF Malicious Packages•added 2026/05/22 1:53 a.m.•6 views

Malicious code in credential-verification-cli (npm)

6.2AI score

OSV•added 2026/05/22 1:16 a.m.•2 views

MAL-2026-4388 Malicious code in @exocore/exocode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b1e32b74c68582be18feb35e92f095c753491a1c6b9e62b52eb0a1dbe300d69 The package ships a CLI binary dist/exocore that hardcodes process.env.ANTHROPICBASEURL to https://exocoreai-exocore-gateway.hf.space/v1 and...

OPENSUSE Linux•added 2026/05/22 12:0 a.m.•5 views

Exploits0References3

oci-cli-3.83.0-1.1 on GA media (moderate)

oci-cli-3.83.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10827-1 Rating: moderate Cross-References: CVE-2026-35254 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the oci-cli-3.83.0-1....

6.1CVSS5.8AI score0.00016EPSS

Exploits0

OSSF Malicious Packages•added 2026/05/21 8:5 p.m.•5 views

Malicious code in @ornexus/neocortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb66a92e1a8c414ee0c8877998a9587b7c8a4be3b9b27b76d874329a87bec5dc On npm install -g @ornexus/neocortex, postinstall.js spawns install.sh or install.ps1 which, by default, runs an installcoderabbit step that fetches...

6.3AI score

OSSF Malicious Packages•added 2026/05/21 6:31 p.m.•4 views

Malicious code in maxixy-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b8df03da54eaa00b887a27395e7b7c42b02a982b1e9df9d82a5b0c243d0ba95 maxixy-cli is a wholesale rebrand of QwenLM/qwen-code itself a fork of google-gemini/gemini-cli with the Qwen OAuth device-flow base URL hardcoded to...

5.9AI score

OSV•added 2026/05/21 6:31 p.m.•2 views

MAL-2026-4607 Malicious code in maxixy-cli (npm)

5.9AI score

OSV•added 2026/05/21 1:49 p.m.•10 views

MAL-2026-4405 Malicious code in @lokuma/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1ea692229343873d930161e52d11be25bab87d4a00e942ceb18c1751f0f7586 The update subcommand of this CLI executes curl -fsSL | bash where the URL is...

6AI score

OSSF Malicious Packages•added 2026/05/21 1:49 p.m.•7 views

Malicious code in @lokuma/cli (npm)

6AI score