Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8362 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 1:54 p.m.10 views

Malicious code in @marketplace-shared/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98933a5f467c2a623815ed46e5baf6838ba6e86e8055b48d4941da3bf59e5c41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/06/11 1:54 p.m.4 views

MAL-2026-5658 Malicious code in @marketplace-shared/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98933a5f467c2a623815ed46e5baf6838ba6e86e8055b48d4941da3bf59e5c41 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
Snyk
Snykadded 2026/06/11 1:54 p.m.2 views

Malicious Package

Overview @ntnx/nx-react-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snykadded 2026/06/11 1:54 p.m.4 views

Malicious Package

Overview @marketplace-shared/components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 1:54 p.m.8 views

Malicious code in experian-analytics-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b17ea66ee9c256e21971184546b027011520942070236a348fe0da478b5ac66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/06/11 1:54 p.m.3 views

MAL-2026-5667 Malicious code in experian-analytics-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b17ea66ee9c256e21971184546b027011520942070236a348fe0da478b5ac66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
Snyk
Snykadded 2026/06/11 1:54 p.m.4 views

Malicious Package

Overview experian-analytics-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 12:30 p.m.7 views

Malicious code in @tt-aem-tt4a/shared-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 817c1920ad6f83b25d8fd32b77999376a6ad3b5448e93e7b0b66cce72ec4dac0 The OpenSSF Package Analysis project identified '@tt-aem-tt4a/shared-components' @ 10.0.0 npm as malicious. It is considered malicious because: ...

5.4AI score
Exploits0
OSV
OSVadded 2026/06/11 12:30 p.m.4 views

MAL-2026-5639 Malicious code in @tt-aem-tt4a/shared-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 817c1920ad6f83b25d8fd32b77999376a6ad3b5448e93e7b0b66cce72ec4dac0 The OpenSSF Package Analysis project identified '@tt-aem-tt4a/shared-components' @ 10.0.0 npm as malicious. It is considered malicious because: ...

5.4AI score
Exploits0
RedhatCVE
RedhatCVEadded 2026/06/10 11:33 p.m.6 views

CVE-2026-45359

A flaw was found in ImageMagick. A local attacker could exploit this vulnerability by providing an invalid 'connected-components:keep-top' value during image processing. This could lead to a heap buffer over-read, potentially resulting in information disclosure or a denial of service DoS...

7.1CVSS5.2AI score0.00137EPSS
Exploits0References4
OSV
OSVadded 2026/06/10 11:16 p.m.4 views

UBUNTU-CVE-2026-47734

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

5.7CVSS5.3AI score0.00328EPSS
Exploits0References3
NVD
NVDadded 2026/06/10 10:16 p.m.4 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/10 9:27 p.m.9 views

CVE-2026-34077

A flaw was found in React Router versions 7.7.0 through 7.13.1. When using the unstable React Server Components RSC APIs, insufficient sanitization of redirect targets allows client-side cross-site scripting if redirects originate from untrusted sources. An attacker could inject script that...

7.5CVSS5.2AI score0.00258EPSS
Exploits0References4
EUVD
EUVDadded 2026/06/10 9:26 p.m.4 views

EUVD-2026-36160

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.5AI score0.00137EPSS
Exploits0References1
CVE
CVEadded 2026/06/10 9:26 p.m.30 views

CVE-2026-45359

CVE-2026-45359 (ImageMagick) : A flaw in the connected-components operation arises from an invalid keep-top value, which can cause a heap buffer over-read. This affects ImageMagick versions prior to 6.9.13-48 and 7.1.2-22. The issue is mitigated by the patched releases 6.9.13-48 and 7.1.2-22. Upg...

5.7CVSS5.5AI score0.00137EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/10 9:26 p.m.5 views

CVE-2026-45359 ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.5AI score0.00137EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/06/10 9:26 p.m.23 views

CVE-2026-45359 ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS0.00137EPSS
Exploits0References1
Debian CVE
Debian CVEadded 2026/06/10 9:26 p.m.6 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.5AI score0.00137EPSS
Exploits0
AlpineLinux
AlpineLinuxadded 2026/06/10 9:26 p.m.6 views

CVE-2026-45359

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-48 and 7.1.2-22, an invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation. This issue has been...

5.7CVSS5.5AI score0.00137EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2026/06/10 7:42 p.m.6 views

Important: Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.28.2 Release.

Red Hat OpenShift Dev Spaces 3.28.2 has been released. This release provides security fixes for Dev Spaces components. https://access.redhat.com/support/policy/updates/openshiftcrw...

9.8CVSS6.8AI score0.00559EPSS
Exploits6References9
Rows per page
Query Builder