Lucene search
K

10 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.14 views

Malicious code in dreamgen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 518c5b1627018ff52b8f3b8e83d862735009be6eaed3595922195bb3b45e6162 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/06 6:13 a.m.13 views

Malicious code in ppkt2synergy (PyPI)

The package ppkt2synergy version 0.1.1 contains a malicious .pth file ppkt2synergy-setup.pth that executes a Bun-based credential stealer on every Python startup via CPython's site.py exec mechanism. The payload downloads the Bun runtime from the official GitHub release page, then runs an...

6AI score
Exploits0References7
OSV
OSV
added 2026/06/06 6:13 a.m.11 views

MAL-2026-5294 Malicious code in magique-ai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4241e99d1053712e6909db44c939421695dff66556055a93058f9a55f8694929 The package was found to contain malicious code or consuming dependency that contains malicious code Source: kam193...

6.1AI score
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.9 views

PT-2026-49155

Impact On May 19, 2026, a compromised version of @cap-js/[email protected] was published. The malicious packages harvested credentials and attempted self-propagation. If a compromised version was installed, all credentials accessible on that machine npm tokens, cloud provider credentials, SSH keys,...

9.6CVSS5.3AI score
Exploits0References5
CVE
CVE
added 2026/05/27 3:50 p.m.73 views

CVE-2026-48027

Summary: CVE-2026-48027 affects Nx Console, a UI for Nx & Lerna. A malicious copy of Nx Console version 18.95.0 was published briefly in Visual Studio Marketplace (and OpenVSX) around 12:30–12:48 UTC (≈18 minutes) and 12:33–13:09 UTC (≈36 minutes) respectively. The compromised package allowed cod...

9.8CVSS5.8AI score0.0185EPSS
In wildExploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/27 3:50 p.m.10 views

CVE-2026-48027 Compromised Nx Console version 18.95.0

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.3CVSS5.8AI score0.0185EPSS
Exploits1References4
EUVD
EUVD
added 2026/05/27 3:50 p.m.14 views

EUVD-2026-32550

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.8CVSS5.8AI score0.0185EPSS
Exploits1References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 6:18 a.m.19 views

Malicious code in checkmarx.ast-results (VSCode:https://open-vsx.org)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 3205937565e6fad63cbece12a8463cd52f3e95c10ac99ab7e62a317e9c18717a This extension is a compromised version of the offical Checkmarx VSCode extensions available on the Microsoft Marketplace, by the TeamPCP...

5.9AI score
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-27596

Malicious code in bioql PyPI...

8.6CVSS6.3AI score0.00324EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2010/12/02 12:0 a.m.58 views

ProFTPd 1.3.3c - Compromised Source Backdoor Remote Code Execution

== ProFTPD Compromise Report == On Sunday, the 28th of November 2010 around 20:00 UTC the main distribution server of the ProFTPD project was compromised. The attackers most likely used an unpatched security issue in the FTP daemon to gain access to the server and used their privileges to replace...

7.4AI score
Exploits0
Rows per page
Query Builder