Lucene search
K

248 matches found

Snyk
Snyk
added 2026/06/17 6:6 p.m.7 views

Covert Storage Channel

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Covert Storage Channel via the...

9.1CVSS5.9AI score0.00403EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/06 7:4 p.m.4 views

Command Injection

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Command Injection via improper...

7.7CVSS6.1AI score0.00264EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/03 7:33 p.m.3 views

Arbitrary Code Injection

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Arbitrary Code Injection via th...

8.8CVSS6AI score0.00562EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/03 7:32 p.m.4 views

Directory Traversal

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Directory Traversal via the ZSH...

7.7CVSS6.5AI score0.00464EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:59 p.m.7 views

Malicious code in ids-enterprise-mcp-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7eff48b53ace7d90fb4a9c05eb62e2e8e1b6540f5dd4058611b4aa8203057276 The package ids-enterprise-mcp-server was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 4:24 p.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 2:40 p.m.6 views

Malicious code in @strapbuild/react-native-perspective-image-cropper-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e2f74d9d1d21777c83aa98d57c78a19a6161665a8af16c87f380f0d5b8139e The package @strapbuild/react-native-perspective-image-cropper-2 was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
Snyk
Snyk
added 2025/11/19 8:33 p.m.6 views

Arbitrary Code Injection

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to Arbitrary Code Injection via ya...

9.8CVSS7.9AI score0.00441EPSS
Exploits0References2
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-188394 Malicious code in octans-yakutsk-dotenv-leda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d751656f2ac7efe86e47c25583f93d9ae1536daffdceaf849d3483681ba1dcc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-179573

Malicious code in cordelia-websockets-yakutsk-quark npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in socketio-elara-europa-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 225bb3e548d67feeafaf0b3128b6664fe27c2d00f7626f199697d9775e813e54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in key-class-optimize-notify-fire (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d94bf43315a8c1c2893814e9659a334209b0e31030d5d9e792fbd92c4daf7c1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in jwt-mutation-dagda-octans (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e2929db64171afec57703302466935401c6763c0dcb88032f7433c14889af5a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-188719 Malicious code in pipe-got-filament-xenon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7b64a0c0583f810c7bf936719ae9719767e9f1dfbc35d94dfc570626eb634fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.3 views

MAL-2025-182817 Malicious code in itale-adci-akontolbapakmuulolotlsrtjygfsri (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4733999062be85fdee2b9a79199ded07ab2d57785a8b5a8aadf3cb855ffc46e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/12 10:25 p.m.2 views

EUVD-2025-136338

Malicious code in itale-adci-ggpantekkoyu npm...

6.6AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.4 views

MAL-2025-183010 Malicious code in itale-dci-rr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbd9c5061aa2c7a094df9d44f198af6643c3f6b5d139bfa22562b8896bb69fc1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.3 views

MAL-2025-184899 Malicious code in sonic-jos-affoa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 598d9f3aa2d6680dafcabadf73b5be6d33aa841560a0ff888cbf95f624acd953 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 10:25 p.m.4 views

MAL-2025-184267 Malicious code in modiov-khan-avcafivaivuvagavacd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f387025f08622866d5e7d334b2064e4902cbd4f2021c00e41571444e25268a3c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/12 8:46 p.m.3 views

MAL-2025-180829 Malicious code in teate-thy-sonic-parlub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0decd21a301fc2bfd3effb61c8824c1244cd7678312cc02f887b4bdb854b482 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Rows per page
Query Builder