CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/03/24 4:0 p.m.•1 views

Malicious code in ssh-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d42bf2b2b77d94173694ed6e952fc5efb2d0de3b04f237f15ffa9470809a321e The package ssh-common was found to contain malicious code...

5.9AI score

OSSF Malicious Packages•added 2026/03/24 3:59 p.m.•3 views

Malicious code in securefiles-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9e6eb158a4a31560fd7d020c4644db9f8795bf0049b5e15a5ab5cccea05e68ee The package securefiles-common was found to contain malicious code...

5.9AI score

vulnersOsv•added 2026/03/10 1:12 a.m.•3 views

@oneuptime/cli (>=10.0.10 <=10.0.20) potentially affected by CVE-2026-30957 via @oneuptime/common (>=10.0.10 <=10.0.20)

@oneuptime/common NPM version =10.0.10, =10.0.10, =10.0.20 Source cves: CVE-2026-30957 Source advisory: OSV:GHSA-JW8Q-GJVG-8W4Q...

9.9CVSS5.8AI score0.00112EPSS

Exploits1

vulnersOsv•added 2026/03/07 2:39 a.m.•2 views

@oneuptime/cli (>=10.0.10 <=10.0.19) potentially affected by CVE-2026-30921 via @oneuptime/common (>=10.0.10 <=10.0.19)

@oneuptime/common NPM version =10.0.10, =10.0.10, =10.0.19 Source cves: CVE-2026-30921 Source advisory: OSV:GHSA-4J36-39GM-8VQ8...

9.9CVSS5.8AI score0.00022EPSS

Exploits1

vulnersOsv•added 2026/03/05 12:59 a.m.•0 views

dbt-databricks (>=1.11.1 <=1.11.3) potentially affected by CVE-2026-29790 via dbt-common (=1.36.0)

dbt-common PYPI version =1.36.0 is affected by a known vulnerability. The following packages have a transitive dependency on dbt-common and may be impacted: - dbt-databricks =1.11.1, =1.11.3 Source cves: CVE-2026-29790 Source advisory: OSV:GHSA-W75W-9QV4-J5XJ...

5.3CVSS5.8AI score0.00097EPSS

Tenable Nessus•added 2026/01/30 12:0 a.m.•4 views

SUSE SLES15 / openSUSE 15 Security Update : kubernetes (SUSE-SU-2026:0325-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0325-1 advisory. This update for kubernetes rebuilds it against the current GO security release. Tenable has extracted the preceding descriptio...

6AI score

OSSF Malicious Packages•added 2026/01/16 12:10 a.m.•4 views

Malicious code in nyse-web-tools-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b342ea907a70673cd21fd5f5a5de071c5af10278ab0cdc695cdd98e37bb8063 The package nyse-web-tools-common was found to contain malicious code. Source: ghsa-malware...

6.9AI score

EUVD•added 2025/12/01 4:16 p.m.•2 views

EUVD-2025-200060

Malicious code in debug-common npm...

6.6AI score

OSSF Malicious Packages•added 2025/11/25 12:16 a.m.•5 views

Malicious code in @voiceflow/common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c31b6225a913c42ff3e119872d881af1992d5de51a2cf9632f3c055a8fd577c9 The package @voiceflow/common was found to contain malicious code. Source: ghsa-malware...

6.9AI score

Exploits0References4

Snyk•added 2025/11/24 4:24 p.m.•1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score

Exploits0References3

OSV•added 2025/10/30 5:38 p.m.•1 views

MAL-2025-49174 Malicious code in epic-node-services-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a56c7af2b6009234c70bfecc0a432077b5d114c759db50acb84b2841c2ee452 The package epic-node-services-common was found to contain malicious code...

EUVD•added 2025/10/30 5:38 p.m.•1 views

EUVD-2025-37119

Malicious code in epic-node-services-common npm...

6.6AI score

OSSF Malicious Packages•added 2025/10/30 5:38 p.m.•2 views

Malicious code in epic-node-services-common (npm)

OSSF Malicious Packages•added 2025/10/07 2:42 p.m.•2 views

Malicious code in java-common (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 555d7c368b052227256d6f6b35ce4b6d84da939df3127667ff6e73515dbee1bd Any computer that has this package installed or running should be considered...

6.8AI score

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in @citi-gcg-167407/web-common (npm)

The package @citi-gcg-167407/web-common was found to contain malicious code...

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in @citi-gcg-167407/common (npm)

The package @citi-gcg-167407/common was found to contain malicious code...

vulnersOsv•added 2025/08/14 6:52 p.m.•2 views

@artemislunapatron/common (>=1.0.4 <=1.0.14), pwp-core (>=1.0.0 <=1.2.4) +1 more potentially affected by unknown CVE via exprss (=0.0.1-security)

exprss NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on exprss and may be impacted: - @artemislunapatron/common =1.0.4, =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-20100...

5.8AI score

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-7125 Malicious code in @citi-gcg-167407/web-common (npm)

The package @citi-gcg-167407/web-common was found to contain malicious code...

7.2AI score

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-7045 Malicious code in @adzu/common (npm)

The package @adzu/common was found to contain malicious code...

7.2AI score