9 matches found
Multer Security Vulnerability
Multer is an open-source middleware for Node.js developed by ExpressJS. Versions of Multer prior to 2.1.1 contained a security vulnerability caused by a stack overflow issue when handling malformed requests, which could lead to a denial-of-service attack...
Malicious Package
Overview: express-js-web is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-192968 Malicious code in express-js-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e922c32d1b163c8938985f7665f539243b9be99316491150e61476d30cf0ce68 The package express-js-web was found to contain malicious code. Source: ghsa-malware 50f874487616a31800182c5b87aec47559f7136d5ed3a84355446b795a3137d7...
EUVD-2025-205796
Malicious code in express-js-web npm...
Malicious code in express-js-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e922c32d1b163c8938985f7665f539243b9be99316491150e61476d30cf0ce68 The package express-js-web was found to contain malicious code. Source: ghsa-malware 50f874487616a31800182c5b87aec47559f7136d5ed3a84355446b795a3137d7...
EUVD-2022-1363
Malicious code in bioql PyPI...
Multer Security Vulnerability
Multer is an open-source middleware for Node.js from expressjs. A security vulnerability exists in Multer versions from 1.4.4-lts.1 up to, but not including, 2.0.2. It stems from an unhandled exception in the handling of malformed multipart upload requests and could lead to a denial of service...
AZL-43690 CVE-2024-29041 affecting package nodejs-nodemon 2.0.3-4
Express.js is a minimalist web framework for Node. Versions of Express.js prior to 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an...
CVE-2022-24794
Express OpenID Connect (express-openid-connect) CVE-2022-24794 describes an Open Redirect vulnerability when requiresAuth is applied on a catch-all route. Affected versions are prior to 2.7.2. The issue arises because the original URL reported by the Express framework is not properly sanitized, a...