CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

2036 matches found

OSV•added 2026/04/16 8:36 p.m.•2 views

MAL-2026-2895 Malicious code in chai-as-optimized (npm)

chai-as-optimized is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/0ac7efbc0b6b1a53b305 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References2

OSV•added 2026/04/16 8:36 p.m.•1 views

MAL-2026-2891 Malicious code in chai-as-init (npm)

chai-as-init is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/c2e881b8bc0fe2121454 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSSF Malicious Packages•added 2026/04/16 8:36 p.m.•5 views

Malicious code in chai-as-ide (npm)

chai-as-ide is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/244f4de235f04fbcd51a and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References2

OSV•added 2026/04/16 1:51 p.m.•2 views

MAL-2026-2701 Malicious code in sanitize-url (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36f98260cc1b910a8921671795398ad7f986f02b0b7bc8efef18a4df09b87d51 The package sanitize-url was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/04/16 1:51 p.m.•5 views

Malicious code in sanitize-url (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36f98260cc1b910a8921671795398ad7f986f02b0b7bc8efef18a4df09b87d51 The package sanitize-url was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/04/16 1:34 a.m.•4 views

Malicious code in pretty-logger-js (npm)

pretty-logger-js is a malicious npm package that when imported downloads and executes a C2 dropper from https://www.jsonkeeper.com/b/OTOAQ. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e46da449e6d21efcef5e9975a2f8e90c31369882800ed4c560ae47ade99b53 The packa...

OSV•added 2026/04/16 1:34 a.m.•1 views

MAL-2026-2908 Malicious code in pretty-logger-js (npm)

pretty-logger-js is a malicious npm package that when imported downloads and executes a C2 dropper from https://www.jsonkeeper.com/b/OTOAQ. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29e46da449e6d21efcef5e9975a2f8e90c31369882800ed4c560ae47ade99b53 The packa...

OSSF Malicious Packages•added 2026/04/15 11:43 p.m.•5 views

Malicious code in trgrip (npm)

trgrip is a malicious npm package that when imported downloads a C2 dropper from https://44.206.172.239:7443/direct/download/97900a0e-c691-483a-a988-97b76f205c0f and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSSF Malicious Packages•added 2026/04/15 11:21 p.m.•5 views

Malicious code in simple-auth-basic (npm)

simple-auth-basic is a malicious npm package that when imported downloads a C2 dropper from https://coingecko-liard.vercel.app and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8802844b712eedf88f3862f4e836efd3a767ee4944f6ec3b8c3fbe849fd741b The...

Exploits0References1

OSSF Malicious Packages•added 2026/04/15 10:5 p.m.•5 views

Malicious code in trackora-chain (npm)

trackora-chain is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/BADC6 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References2

OSSF Malicious Packages•added 2026/04/15 10:5 p.m.•5 views

Malicious code in chai-as-evm (npm)

chai-as-evm is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSSF Malicious Packages•added 2026/04/15 10:5 p.m.•9 views

Malicious code in chai-use-chains (npm)

chai-use-chains is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSV•added 2026/04/15 10:5 p.m.•0 views

MAL-2026-2887 Malicious code in chai-as-elevated (npm)

chai-as-elevated is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/545d3d0c167b8dde920f and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References2

OSSF Malicious Packages•added 2026/04/15 10:5 p.m.•6 views

Malicious code in chai-as-adapter (npm)

chai-as-adapter is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSV•added 2026/04/15 10:5 p.m.•4 views

MAL-2026-2899 Malicious code in chai-use-chains (npm)

chai-use-chains is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSV•added 2026/04/15 10:5 p.m.•1 views

MAL-2026-2896 Malicious code in chai-as-stream (npm)

chai-as-stream is a malicious npm package that when imported send all env variables to https://locate-my-ip.vercel.app/api/ip-check-encrypted/3aeb34a333, receives a C2 dropper and executes it evolution of malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=-...

Exploits0References2

OSV•added 2026/04/15 10:5 p.m.•1 views

MAL-2026-2902 Malicious code in lockedin-chai-chain (npm)

lockedin-chai-chain is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSSF Malicious Packages•added 2026/04/15 10:5 p.m.•4 views

Malicious code in lockedin-chai-chain (npm)

lockedin-chai-chain is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSV•added 2026/04/15 10:5 p.m.•1 views

MAL-2026-2885 Malicious code in chai-as-adapter (npm)

chai-as-adapter is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

OSV•added 2026/04/15 10:5 p.m.•3 views

MAL-2026-2897 Malicious code in chai-beta (npm)

chai-beta is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/XRGF3 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by