Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded last week5 views

MAL-2026-5828 Malicious code in ogd-platform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f17f2c263db2adee12698bd9046668b9b674bcdf063b959f54841914a6028931 The package contains only a package.json with a preinstall lifecycle script and ships no actual functionality despite advertising itself as an 'Open...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/09 5:35 p.m.8 views

Malicious code in @klapp-login-platform/oidc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6c2b86b9675d4d22e101f4f10f521cc36069ecebd1680d4c3ecfa0c04e8169da On npm install, the package executes node index.js via its preinstall hook. index.js collects the installer's hostname os.hostname, username...

5.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/02/12 12:1 a.m.9 views

Malicious code in get-incorrect-name-bob (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cb10edcf75f6463de2adaa0a621cf5fb215b5431a87d36a3b94e1910fb774ab While disguised as a dummy MCP server, the only real functionality is exfiltrating hostname on importing. --- Category: PROBABLYPENTEST - Packages looking like...

5.8AI score
Exploits0References1
Rows per page
Query Builder