Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2791 matches found

OSV
OSVadded 3 days ago1 views

MAL-2026-5155 Malicious code in @ownit/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSV
OSVadded 3 days ago2 views

MAL-2026-5156 Malicious code in @telenor-se/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 3 days ago5 views

Malicious code in @tse-digital/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSV
OSVadded 3 days ago2 views

MAL-2026-5157 Malicious code in @tse-digital/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSV
OSVadded 3 days ago2 views

MAL-2026-5154 Malicious code in @customer-threesixty/assets (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 3 days ago5 views

Malicious code in @customer-threesixty/assets (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 3 days ago5 views

Malicious code in @ownit/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 3 days ago6 views

Malicious code in @telenor-se/core (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/cloudia is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/dataplatform-cloudberry is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/ml-ai-agents-mcp-server is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/billing is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/key-manager is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/svp-lbaas is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization an...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @mlspace/file-manager is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/timescale-db is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @mlspace/env-jobs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/corax is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and th...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @cloudplatform-single-spa/svp-bare-metal-servers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snykadded 4 days ago1 views

Malicious Package

Overview @car-loans/online-sign-aff is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder