CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/02/03 3:41 p.m.•4 views

Malicious code in @x-clients/features (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11011581541d17f28bb84a9e3ea5703dfc0f4834506875fa48f61ea79c87c30c The package @x-clients/features was found to contain malicious code. Source: ossf-package-analysis...

5.4AI score

OSSF Malicious Packages•added 2026/01/30 11:13 p.m.•6 views

Malicious code in mbo-letters-cl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d367723532d1a3f90f88a1d23230230dafb47b5f26a68af29aafda36084f5417 The package mbo-letters-cl was found to contain malicious code. Source: ossf-package-analysis...

5.9AI score

OSSF Malicious Packages•added 2026/01/07 7:35 p.m.•6 views

Malicious code in cko-ui-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8bd7dceb0840c7e96ac7bbc186b43c5a28941546823b4a13888aad0870a5aaa9 The package cko-ui-toolkit was found to contain malicious code. Source: ghsa-malware 06a8bb4e74769e572fe928f5f3fa63fb6ebda995375148b063d1730c43c4dc06...

5.6AI score

OSSF Malicious Packages•added 2025/12/22 1:51 p.m.•9 views

Malicious code in utif-updated (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24ed42240868e0b6b0eff870ffa0f42d95bca3659f922078257f1a71694da3f1 The package utif-updated was found to contain malicious code. Source: ghsa-malware 3d854467203e61d8d828eafa2a699ba639c90e4045f0e92f033fdade35096cac A...

7AI score

OSSF Malicious Packages•added 2025/12/06 4:23 p.m.•4 views

Malicious code in fdir2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 19307a303580d9399ea5d4c9bee17c0e89d9f81daaab855f99563080ba79630c The package fdir2 was found to contain malicious code. Source: ossf-package-analysis 8999cc376e31073e8a5937b4bed10d25255c312d9b6c888bfad3a30401583b77...

OSSF Malicious Packages•added 2025/12/03 1:31 a.m.•5 views

Malicious code in karemm6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7f481c97f5f745c99eb45dfa9b3744087e80ec7ac13fe1fb4043ca0274c625c3 The package karemm6 was found to contain malicious code. Source: ossf-package-analysis d17f9161b68d61aa5f69d4d313d653d03c3256893ac716347d63dade604eea...

OSSF Malicious Packages•added 2025/11/30 2:53 p.m.•5 views

Malicious code in 7715-permissions-shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62836f3e2abcaa4bf3bcda16aa07d57b7f0a97ffcd7d65d3ba155bfd17f8cd8c The package 7715-permissions-shared was found to contain malicious code. Source: ghsa-malware...

7AI score

OSSF Malicious Packages•added 2025/11/20 9:20 a.m.•4 views

Malicious code in alicenpmpocpackage (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 158edf3777a6df259583332b3694508454333d6643c7eb04eea85176ba9df724 The package alicenpmpocpackage was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2025/11/11 5:3 p.m.•3 views

Malicious code in warnermedia-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 235c7d43006e41c31c3b06069239c483934cee515a1f489c55e698fdf994909e The OpenSSF Package Analysis project identified 'warnermedia-test' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

OSV•added 2025/11/11 5:0 p.m.•1 views

MAL-2025-138578 Malicious code in netflix-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 711ffa8c0ce9379a63de3ef137c0bf569750b0d78159c94ec77e3e25b5354050 The OpenSSF Package Analysis project identified 'netflix-test' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7AI score

OSV•added 2025/09/01 9:47 a.m.•2 views

MAL-2025-46909 Malicious code in github-kv (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5fcb11aea794afd6b87c58dee41958584041b8638848807223b0633a851e3ad1 The OpenSSF Package Analysis project identified 'github-kv' @ 0.0.1.rdbd1267 rubygems as malicious. It is considered malicious because: - The...

OSSF Malicious Packages•added 2025/09/01 9:47 a.m.•4 views

Malicious code in github-orca (RubyGems)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 83776c9c0b12c59a169cd0eb6d85e38ce8ae930d21f9d837edf0acd9e2bdccf1 The OpenSSF Package Analysis project identified 'github-orca' @ 0.0.20.1626.gb0c19ef3 rubygems as malicious. It is considered malicious because:...

OSV•added 2025/09/01 9:47 a.m.•2 views

MAL-2025-46910 Malicious code in github-orca (RubyGems)

OSSF Malicious Packages•added 2025/08/23 2:25 p.m.•3 views

Malicious code in invalid-polyfill-missing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 295b859cd3be40684c8d7ebb9bc2a3ca4bb969aad8ff1d524948397a3724c444 The OpenSSF Package Analysis project identified 'invalid-polyfill-missing' @ 99.0.9 npm as malicious. It is considered malicious because: - The...

OSV•added 2025/08/17 6:6 p.m.•3 views

MAL-2025-6929 Malicious code in eslint-plugin-i18n-scan (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 24f25e113ba45d8c8835196aef1b368f2a1e4fb1aecdc17e3a6d47db15371e04 The OpenSSF Package Analysis project identified...

7.3AI score

OSSF Malicious Packages•added 2025/08/12 7:20 a.m.•4 views

Malicious code in facebook-for-woocommerce (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e0ca4dfebc7839330f25a231f2f87af41aef50ea715541751bef46a1709f045e The OpenSSF Package Analysis project identified 'facebook-for-woocommerce' @ 3.6.6 npm as malicious. It is considered malicious because: - The...

OSSF Malicious Packages•added 2025/08/06 3:40 p.m.•4 views

Malicious code in @evt-cdk/core (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a8a0ad11a64b544d80bc12997810cd5b4bf68f64136221617a6f7d54173491f7 The OpenSSF Package Analysis project identified '@evt-cdk/core' @ 7.0...

OSV•added 2025/07/25 1:6 p.m.•3 views

MAL-2025-6239 Malicious code in scheduler-builtin (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9238549a48f542b04214bdd11a30353e38a60a8838caafb36557ef1225cf6fd8 Any computer that has this package installed or running should be considered...

OSV•added 2025/07/24 5:7 p.m.•0 views

MAL-2025-6228 Malicious code in kalitestbbh (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e73ee538aaefd2dcb0c98564285812c9ac69f9e308fac7b6de60784ebf954a2 Any computer that has this package installed or running should be considered...