CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7911 matches found

OSSF Malicious Packages•added 2025/11/24 10:51 p.m.•3 views

Malicious code in csv-tool-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4710ebc34f0c5b28d34c41d165d2fff2c6ea04e90038226c7b328283319dd2a4 The package csv-tool-cli was found to contain malicious code. Source: ghsa-malware 7a82657ae868943eebe70053efe5b50087b24ce2a81a2c5eccca35dcb483a1f2 A...

6.9AI score

Exploits0References4

OSSF Malicious Packages•added 2025/11/24 10:45 p.m.•6 views

Malicious code in blinqio-executions-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d9e5a96fa18543da294b321a481fba9ad03884c6ca9387794f923c84892966be The package blinqio-executions-cli was found to contain malicious code. Source: ghsa-malware...

6.9AI score

Exploits0References4

OSV•added 2025/11/24 10:45 p.m.•2 views

MAL-2025-191076 Malicious code in blinqio-executions-cli (npm)

6.8AI score

Exploits0References4

EUVD•added 2025/11/24 10:45 p.m.•2 views

EUVD-2025-199186

Malicious code in blinqio-executions-cli npm...

6.6AI score

Exploits0References1

OSSF Malicious Packages•added 2025/11/24 10:42 p.m.•6 views

Malicious code in arc-cli-fc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6214b07e01a7c332d90dc0c32f225b76b8a3a8733256c42038ba1a6494a1794 The package arc-cli-fc was found to contain malicious code. Source: ghsa-malware 2b66690547df94d6cac227e7ed304d7408b2344131612b96fd60575122bf7cbe Any...

6.9AI score

Exploits0References4

OSV•added 2025/11/24 10:42 p.m.•2 views

MAL-2025-191064 Malicious code in arc-cli-fc (npm)

6.8AI score

Exploits0References4

EUVD•added 2025/11/24 10:42 p.m.•2 views

EUVD-2025-199191

Malicious code in arc-cli-fc npm...

6.6AI score

Exploits0References1

vulnersOsv•added 2025/11/24 9:26 p.m.•4 views

@kitalive/sfdx-plugin (>=0.1.2 <=0.1.3), @salesforce/data (>=0.0.3 <=0.1.8) +4 more potentially affected by unknown CVE via template-lib (=1.1.2)

template-lib NPM version =1.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on template-lib and may be impacted: - @kitalive/sfdx-plugin =0.1.2, =0.0.3, =0.0.3, =51.6.0, =7.94.1, =7.115.1 - sfdx-node =3.1.0 Source cves: unknown CVE Source advisory:...

5.8AI score

Exploits0

vulnersOsv•added 2025/11/24 9:23 p.m.•5 views

@jbrowse/core (>=1.4.0 <=1.7.3), @persistr/js (>=3.6.3 <=3.14.0) +5 more potentially affected by unknown CVE via tenacious-fetch (=2.3.1)

tenacious-fetch NPM version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tenacious-fetch and may be impacted: - @jbrowse/core =1.4.0, =3.6.3, =1.0.5, =1.0.0, =1.2.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191023...

5.8AI score

Exploits0

Snyk•added 2025/11/24 8:33 p.m.•2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score

Exploits0References3

OSSF Malicious Packages•added 2025/11/24 4:31 p.m.•5 views

Malicious code in @postman/postman-mcp-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10b1da432f0b6ecaccc97520bb9697e6dbf44b04415bd15e6ac9864c86f3b37e The package @postman/postman-mcp-cli was found to contain malicious code. Source: google-open-source-security...

6.9AI score

Exploits0References3

vulnersOsv•added 2025/11/24 4:31 p.m.•5 views

postman-cli (>=1.16.0-canary.1 <=1.24.2) potentially affected by unknown CVE via @postman/pm-bin-linux-x64 (>=1.16.0-canary.1 <=1.24.2)

@postman/pm-bin-linux-x64 NPM version =1.16.0-canary.1, =1.16.0-canary.1, =1.24.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190903...

5.8AI score

Exploits0

OSSF Malicious Packages•added 2025/11/24 4:31 p.m.•4 views

Malicious code in @mcp-use/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d5826632c7194cdf9ed00c672477f5c1c8a250a107013f1edc0b803d948e471 The package @mcp-use/cli was found to contain malicious code. Source: google-open-source-security...

6.9AI score

Exploits0References3

vulnersOsv•added 2025/11/24 4:31 p.m.•2 views

postman-cli (>=1.16.0-canary.1 <=1.24.2) potentially affected by unknown CVE via @postman/pm-bin-windows-x64 (>=1.16.0-canary.1 <=1.24.2)

@postman/pm-bin-windows-x64 NPM version =1.16.0-canary.1, =1.16.0-canary.1, =1.24.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190906...

5.8AI score

Exploits0

vulnersOsv•added 2025/11/24 4:31 p.m.•5 views

@localstack/localstack-mcp-server (>=0.2.0 <=0.4.0), @posthog/nuxt (>=0.0.5 <=1.2.8) +4 more potentially affected by unknown CVE via posthog-node (>=5.0.0 <=5.13.2)

posthog-node NPM version =5.0.0, =0.2.0, =0.0.5, =0.62.0, =20.7.1-alpha.134, =0.0.0-client-js-listmessages-agentid-fix-20251119175531, =1.0.0-beta.9 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190925...

5.8AI score

Exploits0

EUVD•added 2025/11/24 4:31 p.m.•1 views

EUVD-2025-198917

Malicious code in @postman/postman-mcp-cli npm...

6.6AI score

Exploits0

vulnersOsv•added 2025/11/24 4:31 p.m.•5 views

postman-cli (>=1.16.0-canary.1 <=1.24.2) potentially affected by unknown CVE via @postman/pm-bin-macos-arm64 (>=1.16.0-canary.1 <=1.24.2)

@postman/pm-bin-macos-arm64 NPM version =1.16.0-canary.1, =1.16.0-canary.1, =1.24.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-190904...

5.8AI score

Exploits0