CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/02/03 3:54 a.m.•4 views

Malicious code in netlify-project-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d2c95931ae7b5a6c572ebecb2cd096bd4cef37bcf61a440cbb2338062f4a836 The package netlify-project-helper was found to contain malicious code. Source: ghsa-malware...

5.4AI score

OSSF Malicious Packages•added 2026/01/19 12:57 a.m.•7 views

Malicious code in @cda-apps/source (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b5806c1f8be7708beab46a8c3d8c222da577363ce72533ed3fb40aadd28a7c2 The package @cda-apps/source was found to contain malicious code. Source: ghsa-malware 356aaa5e677bd040b40c0cec9325f05ae0c9e0e05c364bc0db6ba9837d4607...

5.5AI score

OSSF Malicious Packages•added 2025/09/15 2:27 a.m.•2 views

Malicious code in newrelic-pixie (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16c7baf5c47666c1407211c9fb57ede68cd4a7eea34bd8e591af32fd24c11f5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/07/12 4:16 a.m.•1 views

MAL-2025-6127 Malicious code in spl-token-v2 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11bf75d7bf296658cc93ae700f5656d24c455151b1cb8db46389ec375fbc286 Any computer that has this package installed or running should be considered...

OSV•added 2025/05/28 5:52 a.m.•1 views

MAL-2025-4533 Malicious code in rm-api-services (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea2d07f3cf2fca9f2d9c28bb289065312eb770f303ac487e0ffe75bba11604a2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/05/14 9:1 a.m.•2 views

Malicious code in middy-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2680c1b38c5fec59b6d12311259c4f6af0119a326ab6f798afe61497f8ce2744 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/04/19 2:8 p.m.•3 views

Exploits0References4

Malicious code in fine-packages (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efa7db7b7f29b44c0f53be5db51efa983975a15a5343fd0adf918ed6f7284c52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/03/11 9:36 p.m.•2 views

Malicious code in react-textfit-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd133ed4ff9a23964d050578a197c7d8d9a45ba07d60f2d3b031b350bae49370 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/02/28 4:25 p.m.•2 views

Malicious code in rpsreadserv (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7613e616eae562e968e6493bca504a1081311fa7b668cab5883c22f7468f19b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/11/13 11:51 p.m.•2 views

Malicious code in listing-sc-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca7ca721c36f92794765cd58e98883bb502ec8acf998733b4ea78773c9b7868f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/11/06 5:55 a.m.•2 views

Malicious code in code-analysis-ts-for-sellercenter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74562e2ce31e022d691644a9e71592ee149d99d6988a02f47bd35197d549c1f2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/10/10 6:34 a.m.•2 views

Malicious code in xs2aframe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29d82f0ee0d084351e6fb2f1a8532e979d9c8f65c66d35ea835060c758327a67 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/09/02 1:42 a.m.•2 views

Malicious code in @diotoborg/facilis-nihil-quae (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cfd54cacc89e540b79cd9a88406fd35ee1bf1c6fce9ff31175f27bd203848a82 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/09/02 1:42 a.m.•3 views

Malicious code in @diotoborg/illum-eaque (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71e09e8510023191998680b97e3c756f0142eea533f5ce3a293e04112edbc71e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/06/10 4:56 p.m.•2 views

Malicious code in aws-logs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4707229414d50f1284c7a7b64169463a7c7ca779faf42df6b059947dfd1b79eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/01/28 3:0 a.m.•2 views

Malicious code in discord-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6192027c3576f1efb2bbd06fa525cab0ca4115483f0e8df0a0d2c93f60b24a71 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/01/24 8:23 p.m.•1 views

Malicious code in wlwz-2312-6705 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7215eb26813c2789f000b115d92ee633e2f749c0e4b2d1f74483a850c96e6479 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/01/08 3:1 p.m.•2 views

Malicious code in vg-bot (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d995efbd124e2109bc610be152ba4a331cb7d256d3a70d5df78498e416cffbc7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2023/05/09 1:9 a.m.•7 views

MAL-2023-102 Malicious code in apitelegraf (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a634fa568ff42edf6105be25c73b2ab0f1f9dd3413865cb85a5ca04f6c46981 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...