CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8993b5329a7604ba0c4c94d86538798b1f58cc2d7e21fb16f89b966ebf27387 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/11/13 3:23 a.m.•7 views

EUVD-2025-179452

Malicious code in csv-helmet-dione-canopus npm...

6.6AI score

Exploits0

OSV•added 2025/11/13 3:23 a.m.•3 views

MAL-2025-189248 Malicious code in rimraf-quantum-csv-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9909070a68830c6d663c79812a272f46e552253bfb360b94ab3ec3234e687778 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

Exploits0

OSV•added 2025/11/13 3:23 a.m.•4 views

MAL-2025-186434 Malicious code in csv-steganography-sadr-buffer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 576c9c5300d33eedfca84952fa6d232cca75ad84dbeb63ccde6da8ff03408c5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

Exploits0

CVE•added 2025/11/12 9:11 a.m.•15 views

CVE-2025-64406

CVE-2025-64406 affects Apache OpenOffice up to 4.1.15. It is an out-of-bounds write vulnerability that could crash the program or corrupt memory when a crafted document is processed. Upgrading to OpenOffice 4.1.16 fixes the issue. CVSSv3.1 base score 4.3 (MEDIUM) with network attack vector, low c...

4.3CVSS6.5AI score0.00432EPSS

Exploits0References3Affected Software1

Cvelist•added 2025/11/12 9:11 a.m.•3 views

CVE-2025-64406 Apache OpenOffice: Possible memory corruption during CSV import

An out-of-bounds Write vulnerability in Apache OpenOffice could allow an attacker to craft a document that would crash the program, or otherwise corrupt other memory areas. This issue affects Apache OpenOffice: through 4.1.15. Users are recommended to upgrade to version 4.1.16, which fixes the...

0.00432EPSS

Exploits0References2

CVE•added 2025/11/12 8:28 a.m.•9 views

CVE-2025-12732

CVE-2025-12732 impacts the WordPress plugin “WP Import – Ultimate CSV XML Importer for WordPress” (versions

4.3CVSS4.7AI score0.00226EPSS

Exploits0References4

Cvelist•added 2025/11/12 8:28 a.m.•8 views

CVE-2025-12732 WP Import – Ultimate CSV XML Importer for WordPress <= 7.33 - Missing Authorization to Authenticated (Author+) Sensitive Information Exposure

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to unauthorized access of sensitive information due to a missing authorization check on the showsetting function in all versions up to, and including, 7.33. This makes it possible for authenticated attacker...

4.3CVSS0.00226EPSS

Exploits0References4

Patchstack•added 2025/11/12 5:11 a.m.•5 views

WordPress WP Import plugin <= 7.33 - Missing Authorization to Authenticated (Author+) Sensitive Information Exposure vulnerability

Missing Authorization to Authenticated Author+ Sensitive Information Exposure vulnerability discovered by M Indra Purnama type5afe in WordPress Plugin WP Ultimate CSV Importer versions = 7.33...

4.3CVSS6.7AI score0.00226EPSS

Exploits0References1Affected Software1

EUVD•added 2025/11/12 4:29 a.m.•3 views

EUVD-2025-111507

Malicious code in lyra-grus-csv-dotenv-parse-variables npm...

6.6AI score

Exploits0

EUVD•added 2025/11/12 4:29 a.m.•3 views

EUVD-2025-114750

Malicious code in csv-subscription-apollo-meissa npm...

6.6AI score

Exploits0