Lucene search
K

486 matches found

OSV
OSV
added 2026/06/15 5:24 p.m.9 views

MAL-2026-5803 Malicious code in flow-lending (npm)

Sentinel-high 9.9.9 dependency-confusion squat of an internal Cardano/DeFi lending pkg. preinstall node index.js || true auto-execs a credential exfil: harvests env secrets mnemonic/private key/token/blockfrost API key and POSTs to raw attacker C2 2.25.140.71:8443/surflending/npm-confusion. 2-pkg...

5.4AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/13 7:15 a.m.16 views

Malicious code in postinstall-logger-7x9z (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e89b603ffc718873a9d4c42167bf0c667c995cc2547bc9b99373ad4e9f0ca1e On install, package.json's postinstall hook "postinstall": "node run.js" triggers execution of bundled beacon scripts beacon15.js and beaconlinux.js...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/12 1:7 p.m.7 views

MAL-2026-5684 Malicious code in jec (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cfd390b5ea0fe558bd7f5fd56dec8386148e58d7f8d4b6bba14f8a2aa8b6d323 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/06/10 5:21 p.m.8 views

MAL-2026-5518 Malicious code in hello-dynamic (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 168dd7abca8ed812dcfb0119eaf80a2b05b186ee37a1e0c8f98e88f884a90602 Package attempts to test exploitation via legacy dependencylinks configuration --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages,...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.5 views

Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0605)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0605 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13...

5.7CVSS5.4AI score0.00245EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 5:16 p.m.8 views

MAL-2026-5434 Malicious code in ac_calendar_ts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5b3fd92d67510aef112ac70c9af79a59b924eef29e20b1b127ea4c720182c63 On npm install, the package's canary.js postinstall script issues an HTTP GET to http://157.230.17.236/dc carrying the installer's os.hostname, packa...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 4:53 p.m.9 views

Malicious code in ultimate-ai-power (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90499eb8f54fcc67c067ef7d5397153b4abfc5bbca9d96e7deb291152f49ed3f On import ultimateaipower, the package's top-level init.py collects the local username getpass.getuser and resolved host IP socket.gethostbyname and...

5.7AI score
Exploits0References2
Snyk
Snyk
added 2026/06/06 9:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

9.8CVSS5.6AI score
Exploits0References2
Snyk
Snyk
added 2026/06/06 9:0 p.m.11 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

9.8CVSS5.6AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.8 views

CVE-2026-41412

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5-2606, the alf.io extension sandbox injects a fully-functional HTTP client simpleHttpClient into every extension script's scope. The postFileAndSaveResponse method accep...

4.9CVSS5.5AI score0.00317EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.10 views

Malicious code in awaitly-visualizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.10 views

Malicious code in effect-analyzer (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.10 views

Malicious code in create-cf-token (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.12 views

Malicious code in awaitly-mongo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad946395e22355158fb80d8dd83874ea4b4270c38900399882114d590894a615 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5199 Malicious code in @ethlete/contentful (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/05 12:53 a.m.6 views

MAL-2026-5233 Malicious code in autotel-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9012c3503081f1a635cdffe1f65697c6df9181cedcd9e72c01338101f9f8e4c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.10 views

MAL-2026-5241 Malicious code in create-wrangler-deploy (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/05 12:53 a.m.6 views

MAL-2026-5235 Malicious code in awaitly-analyze (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b77cddba130960f19c0c0b71b952811cc8dabd41e848d5305497cd16757ba2e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/05 12:53 a.m.7 views

MAL-2026-5198 Malicious code in @ethlete/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a6c7977dbc054cdb7fe56da0d2fbd26e2a6fed695deb4263ccbf4adfedd86acb The Miasma malware is a self-propagating worm that spreads across the npm registry by abusing weaponized binding.gyp files to achieve...

5.7AI score
Exploits0References2
OSV
OSV
added 2026/06/03 1:45 p.m.9 views

MAL-2026-5176 Malicious code in internal-tracker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e2d5962963c8d8a956fcb154caa77b63b09419f4f58ddb23e2afbb0cb98c6c79 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
Rows per page
Query Builder