CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Chainguard•added 2026/03/20 7:17 a.m.•3 views

GHSA-Q382-VC8Q-7JHJ vulnerabilities

Vulnerabilities for packages: ferretdb, jaeger-fips, opencost-fips, datadog-agent, datadog-agent-fips, flux-operator-fips, gitlab-workhorse-ce, jaeger, livekit-cli, osv-scanner, opencost, flux-operator, gitlab-workhorse-ce-fips, glab...

Chainguard•added 2026/03/20 7:17 a.m.•1 views

GHSA-89XV-2J6F-QHC8 vulnerabilities

Chainguard•added 2026/03/20 7:17 a.m.•2 views

CVE-2026-33252 vulnerabilities

7.1CVSS6.3AI score0.00178EPSS

Snyk•added 2026/03/20 4:49 a.m.•1 views

Malicious Package

Overview novi-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score

Exploits0References2

Snyk•added 2026/03/20 4:49 a.m.•3 views

Malicious Package

Overview couplus-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.8AI score

Exploits0References2

OSSF Malicious Packages•added 2026/03/20 4:49 a.m.•7 views

Malicious code in couplus-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0c78a6293dc26a858801e92b94142c0fb6ab09c558b39900095be8a8aef9a52 The package couplus-cli was found to contain malicious code. Source: ghsa-malware 469c68fc4282e268dbe121670070e4a148ec18adaad72317ca06de47eed59217 An...

OSSF Malicious Packages•added 2026/03/20 4:49 a.m.•7 views

Malicious code in novi-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f8efd6fadd98f176db87625b5ab11bb8c301425b5cac56b3a6e06cea11480e5 The package novi-cli was found to contain malicious code. Source: ghsa-malware 6869c6ff2172bab7034855a5b3343c548e54f977036706052a989d381b471ce5 Any...

OSV•added 2026/03/20 4:49 a.m.•3 views

MAL-2026-1961 Malicious code in novi-cli (npm)

OSV•added 2026/03/20 4:49 a.m.•3 views

MAL-2026-1944 Malicious code in couplus-cli (npm)

OPENSUSE Linux•added 2026/03/20 12:0 a.m.•5 views

tempo-cli-2.10.3-1.1 on GA media (moderate)

tempo-cli-2.10.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10390-1 Rating: moderate Cross-References: CVE-2026-28377 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

7.5CVSS5.8AI score0.00155EPSS

RedhatCVE•added 2026/03/19 3:38 p.m.•1 views

CVE-2026-33002

A flaw was found in Jenkins. A remote attacker could exploit a vulnerability in the origin validation of requests made through the Command Line Interface CLI WebSocket endpoint. By manipulating the Host or X-Forwarded-Host HTTP headers, an attacker can perform Domain Name System DNS rebinding...

7.5CVSS5.8AI score0.00297EPSS

Exploits0References4

vulnersOsv•added 2026/03/18 8:7 p.m.•4 views

au.csiro.pathling:encoders (>=5.1.0 <=9.5.0), au.csiro.pathling:fhir-server (>=5.3.1 <=7.2.0) +321 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.r4 (>=0.0.1 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.r4 MAVEN version =0.0.1, =5.1.0, =5.3.1, =6.2.1, =5.3.1, =5.3.1, =5.3.0, =0.0.9, =5.6.5, =4.0.0, =5.6.5, =4.1.0, =4.0.3, =4.1.0, =4.0.0, =5.2.1 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...

7.5CVSS5.4AI score0.00245EPSS

vulnersOsv•added 2026/03/18 8:7 p.m.•3 views

ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=3.4.0 <=8.8.1), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.7.7 <=7.4.5) +208 more potentially affected by CVE-2026-33180 via ca.uhn.hapi.fhir:org.hl7.fhir.r4b (>=5.6.22 <=6.8.2)

ca.uhn.hapi.fhir:org.hl7.fhir.r4b MAVEN version =5.6.22, =3.4.0, =5.7.7, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =6.2.0, =6.8.0, =6.4.0, =5.7.0, =5.7.0, =5.7.0, =5.7.0, =5.7.7, =6.8.0 and more Source cves: CVE-2026-33180 Source advisory: OSV:GHSA-P7M9-V2CM-2H7M...

7.5CVSS5.4AI score0.00245EPSS

OSV•added 2026/03/18 6:31 p.m.•2 views

GHSA-PHHV-63FH-RRC8 Jenkins has a DNS rebinding vulnerability in WebSocket CLI origin validation

Jenkins 2.442 through 2.554 both inclusive, LTS 2.426.3 through LTS 2.541.2 both inclusive performs origin validation of requests made through the CLI WebSocket endpoint by computing the expected origin for comparison using the Host or X-Forwarded-Host HTTP request headers, making it vulnerable t...

7.5CVSS6.1AI score0.00297EPSS

Exploits0References4

Snyk•added 2026/03/18 4:9 p.m.•2 views

Insecure Temporary File

Overview @capgo/cli is an A CLI to upload to capgo servers Affected versions of this package are vulnerable to Insecure Temporary File via unsafe file operations that follow symlinks and do not enforce secure permissions. An attacker can overwrite arbitrary files or expose sensitive credential...

8.6CVSS5.9AI score

Exploits0References4

ATTACKERKB•added 2026/03/18 3:15 p.m.•5 views

CVE-2026-33002

5.8AI score0.00297EPSS

Exploits0References2

OSV•added 2026/03/18 1:1 p.m.•3 views

MAL-2026-1802 Malicious code in node-cli-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b7df6bef20ed41b1a5c7e3ca57da4665f799cfcc6d6cf27b6dc87f8fa0560bc The package node-cli-dotenv was found to contain malicious code...

OSSF Malicious Packages•added 2026/03/18 12:47 p.m.•6 views

Malicious code in dotenv-node-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5f6b181cb56922381245597b93fd06147dd83845cd9467098172f6eab07a7c0 The package dotenv-node-cli was found to contain malicious code...