CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

16030 matches found

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•11 views

Malicious code in @capibar.chat/ui-kit (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•8 views

Malicious code in @sber-ecom-core/sberpay-widget (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•10 views

Malicious code in @t-in-one/add_application (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•10 views

Malicious code in @t-in-one/application_id_storage_key_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•9 views

Malicious code in @t-in-one/form_product_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•8 views

Malicious code in @t-in-one/prefill_bundle_data_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•6 views

MAL-2026-5040 Malicious code in @t-in-one/only_difference_payload (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•11 views

Malicious code in @t-in-one/add_app_middleware_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•10 views

Malicious code in @t-in-one/get_application_hid (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•8 views

MAL-2026-5036 Malicious code in @t-in-one/add_application_tid (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•10 views

Malicious code in @t-in-one/prefill_transformers_data_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•7 views

MAL-2026-5031 Malicious code in @capibar.chat/ui-kit (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•5 views

MAL-2026-5033 Malicious code in @t-in-one/add_app_middleware_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•7 views

MAL-2026-5035 Malicious code in @t-in-one/add_application_service_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•10 views

Malicious code in @t-in-one/add_application_service_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•5 views

MAL-2026-5043 Malicious code in @t-in-one/prefill_transformers_data_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•5 views

MAL-2026-5038 Malicious code in @t-in-one/form_product_token (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSSF Malicious Packages•added 2026/05/29 12:0 a.m.•11 views

Malicious code in @t-in-one/send_add_application (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•4 views

MAL-2026-5039 Malicious code in @t-in-one/get_application_hid (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

OSV•added 2026/05/29 12:0 a.m.•8 views

MAL-2026-5034 Malicious code in @t-in-one/add_application (npm)

Wave 2 of a dependency confusion attack campaign C2: oob.moika.tech targeting internal npm scopes. The attacker npm user t-in-one, email [email protected] published packages at inflated versions that resolve ahead of private registry versions via npm's default version resolution. The campaign...

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by