Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded 2026/05/20 1:16 a.m.2 views

MAL-2026-4452 Malicious code in @tailwind-core/webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7955094460738dc65288f88a3bb990c7d3ff52ed3683f11265b7072bd80aa4e3 Package @tailwind-core/webpack impersonates the legitimate Tailwind v4 webpack loader @tailwindcss/webpack. The README copies Tailwind Labs branding ...

5.9AI score
Exploits0References1
Snyk
Snykadded 2026/05/18 9:0 p.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...

9.8CVSS5.9AI score
Exploits0References2
OSV
OSVadded 2026/05/09 5:29 p.m.3 views

MAL-2026-3405 Malicious code in ggfmttygl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e741cc1df48cc526ad3a27ac702f5dea403723557b4a485f84847340310d66e5 Package is disguised as a utility, but in fact loads encrypted code as modules. However, loading it requires knowing the decryption key which is not included i...

5.9AI score
Exploits0References1
OSV
OSVadded 2026/02/19 11:56 p.m.2 views

MAL-2026-947 Malicious code in ethrpc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b1eff108aebd0c94cd1b2c9dd2321060f61236e0dbf655c62f729169dcd5d5b3 The malicious code is in the ethrpc-keys package, which is a clone of legitimate eth-keys, but contains a modification that silently exfiltrates the user's...

5.7AI score
Exploits0References1
OSV
OSVadded 2026/01/16 9:32 p.m.2 views

MAL-2026-1036 Malicious code in uitil (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ff0b75197d8e7cd361d61461260811fba8920c54b8538cb5f21ec2fc1c885ec3 The package implements an undocumented way to execute code hidden in image files, and a function that searches for images in the current directory and attempts...

6.1AI score
Exploits0References3
OSV
OSVadded 2025/04/20 12:5 p.m.3 views

MAL-2025-191943 Malicious code in zmaker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2f4ac88a121488df2fdfa1cb5409f3443f658a30d679f20acc41dd2c656bd3b8 Campaign is split into multiple packages that altogether exfiltrates data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/04/20 12:5 p.m.3 views

Malicious code in zsender (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64454f4348553cc0321094cffaef685d8977dd95ccf1c07dc54e2b8b3c39a8f0 Campaign is split into multiple packages that altogether exfiltrates data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/02/13 1:18 p.m.3 views

Malicious code in compute-st-speed (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 35e058e2655bdae9fb5cef9e594f9f1dcc59206620e758c625c9cdee1e0634a8 Infostealer with multiple possibilities, but not auto-activating on installation. There are already multiple attempts to publish it, with different...

7.2AI score
Exploits0References1
Rows per page
Query Builder