CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4242 matches found

EUVD•added 2025/12/02 4:21 a.m.•2 views

EUVD-2025-200178

Malicious code in @wxi-dev/serverless-tsc-config npm...

6.6AI score

Exploits0References1

CNNVD•added 2025/12/02 12:0 a.m.•1 views

Red Hat OpenShift Dev Spaces 安全漏洞

Red Hat OpenShift Dev Spaces is a cloud-based development environment from Red Hat USA. A security vulnerability exists in Red Hat OpenShift Dev Spaces that stems from improper permissions in the /etc/passwd file, which could result in elevated privileges within the container...

6.4CVSS6.7AI score0.00003EPSS

Exploits0References3

OSV•added 2025/12/01 4:16 p.m.•4 views

MAL-2025-191527 Malicious code in solana-dev-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c145bf7c5a5338ce094da7306d81c107eb218975e136423df4b1e3f71207b755 The package solana-dev-mcp was found to contain malicious code...

6.8AI score

Exploits0

OSSF Malicious Packages•added 2025/12/01 4:16 p.m.•5 views

Malicious code in solana-dev-mcp (npm)

7AI score

Exploits0

GithubExploit•added 2025/11/28 9:38 a.m.•142 views

ExploitForge

Getting Started with Create React App This project was bootst...

7.2AI score

Exploits0

Snyk•added 2025/11/25 6:25 a.m.•1 views

Malicious Package

Overview @vleo-dev/a11y-js-service is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score

Exploits0References2

RedhatCVE•added 2025/11/25 12:17 a.m.•6 views

CVE-2025-61138

Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/ directory...

7.5CVSS7AI score0.00044EPSS

Exploits0References1

OSSF Malicious Packages•added 2025/11/25 12:16 a.m.•5 views

Malicious code in @dev-blinq/ai-qa-logic (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bcfefccc1ff9a7579321c6e45d16fc6aa94b9eaa45952fe47d415c2ffcde9a4 The package @dev-blinq/ai-qa-logic was found to contain malicious code. Source: ghsa-malware...

6.9AI score

Exploits0References4

OSV•added 2025/11/25 12:16 a.m.•1 views

MAL-2025-191210 Malicious code in @dev-blinq/ai-qa-logic (npm)

6.8AI score

Exploits0References4

EUVD•added 2025/11/25 12:16 a.m.•2 views

EUVD-2025-199501

Malicious code in @dev-blinq/ui-systems npm...

6.6AI score

Exploits0References4

EUVD•added 2025/11/25 12:16 a.m.•1 views

EUVD-2025-199492

Malicious code in @mizzle-dev/orm npm...

6.6AI score

Exploits0References3

OSSF Malicious Packages•added 2025/11/25 12:16 a.m.•3 views

Malicious code in @mizzle-dev/orm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd528c11fe54881e4913d51e5acc448562c3fc1b7edaae7aa2a40e6b12425f55 The package @mizzle-dev/orm was found to contain malicious code. Source: ghsa-malware c327219099fb121baf202032e61fc1b4881236e892dea9b4aa2b6159f953696...

6.9AI score

Exploits0References4

OSSF Malicious Packages•added 2025/11/24 11:35 p.m.•4 views

Malicious code in @dev-blinq/cucumber_client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db4a451970465311f6a1d2b9ac8b4713f2f4ff114aa37c12dd0daff6032c8ab6 The package @dev-blinq/cucumberclient was found to contain malicious code. Source: ghsa-malware...

6.9AI score

Exploits0References4

Snyk•added 2025/11/24 8:33 p.m.•2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score

Exploits0References3

Snyk•added 2025/11/24 8:33 p.m.•1 views

Embedded Malicious Code

9.8CVSS6.8AI score

Exploits0References3

EUVD•added 2025/11/24 4:31 p.m.•1 views

EUVD-2025-198926

Malicious code in @posthog/web-dev-server npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/24 4:31 p.m.•3 views

Malicious code in @posthog/web-dev-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d8d0531931bec7f4add3b4f255b7f6572d28ff3edf2774f7d076fde394eb405 The package @posthog/web-dev-server was found to contain malicious code. Source: google-open-source-security...

6.9AI score

Exploits0References3

OSV•added 2025/11/24 11:21 a.m.•2 views

USN-7851-2 runc-app, runc-stable regression

USN-7851-1 fixed vulnerabilities in runC. The introduction of a new upstream release has caused regressions in runc-app and runc-stable. This update fixes the problem. Original advisory details: Lei Wang and Li Fubang discovered that runC incorrectly handled masked paths. An attacker could possib...

5.8AI score

Exploits0References2

Rockylinux•added 2025/11/21 6:13 p.m.•1 views

runc security update

An update is available for runc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The runC tool is a lightweight, portable implementation of the Open Container...

8.4CVSS6.9AI score0.00026EPSS

Exploits4