Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/15 8:11 p.m.7 views

Malicious code in yunxin-overmind-comment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57551a10d99024d1d12c7f2e349e6557613ed3a5e036bf45d71129d501fbbabc On npm install, the package's scripts.postinstall runs src/postinstall.js, which spawns a detached Node child that collects the installer's hostname,...

5.3AI score
Exploits0References1
OSV
OSVadded 2026/06/15 8:11 p.m.7 views

MAL-2026-5833 Malicious code in yunxin-overmind-comment (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57551a10d99024d1d12c7f2e349e6557613ed3a5e036bf45d71129d501fbbabc On npm install, the package's scripts.postinstall runs src/postinstall.js, which spawns a detached Node child that collects the installer's hostname,...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 4:46 a.m.9 views

Malicious code in nim-submit-for-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf75301042574897cc2f4bd8f3b8939fe4ac7a958f2cfe2404bbbee149797d0 On npm install, the package's postinstall hook executes lib/compiler.js, which spawns a detached Node process that collects host identity hostname,...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/06/11 4:46 a.m.9 views

MAL-2026-5570 Malicious code in nim-submit-for-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf75301042574897cc2f4bd8f3b8939fe4ac7a958f2cfe2404bbbee149797d0 On npm install, the package's postinstall hook executes lib/compiler.js, which spawns a detached Node process that collects host identity hostname,...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/11 4:36 a.m.8 views

Malicious code in qa-handoff (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4939e56124668b7d03f9e2a96dfbfedba53e24aaa5d2190e298547e724b1f851 On npm install, the package automatically executes lib/setup.js via the postinstall lifecycle hook. The script spawns a detached Node process that...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/06/11 4:36 a.m.10 views

MAL-2026-5571 Malicious code in qa-handoff (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4939e56124668b7d03f9e2a96dfbfedba53e24aaa5d2190e298547e724b1f851 On npm install, the package automatically executes lib/setup.js via the postinstall lifecycle hook. The script spawns a detached Node process that...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/05/22 3:5 a.m.6 views

MAL-2026-4444 Malicious code in @shwfed/nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87ac343d6f89a601749bb115fa6902e7d39c71a0a6469690ecef56e9ea8a135e @shwfed/nuxt is published as a Nuxt UI module but contains undocumented build-hook code that, when a consumer integrates the module and runs a build...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/22 3:5 a.m.9 views

Malicious code in @shwfed/nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87ac343d6f89a601749bb115fa6902e7d39c71a0a6469690ecef56e9ea8a135e @shwfed/nuxt is published as a Nuxt UI module but contains undocumented build-hook code that, when a consumer integrates the module and runs a build...

5.9AI score
Exploits0References3
Rows per page
Query Builder