CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

4173 matches found

Vulnrichment•added 2025/11/13 9:43 p.m.•2 views

CVE-2025-64752 grist-core has path to server-side requests via websocket

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a feature for fetching from a URL that is executed on the server. The privileged network access of server-side requests could offer opportunities for attack...

6.8CVSS6.3AI score0.00034EPSS

Exploits0References2

EUVD•added 2025/11/13 9:43 p.m.•3 views

EUVD-2025-177190

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a feature for fetching from a URL that is executed on the server. The privileged network access of server-side requests could offer opportunities for attack...

6.8CVSS6.2AI score0.00034EPSS

Exploits0References2

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-178104

Malicious code in library-fetch-hyperion-vortex npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-179513

Malicious code in cressida-jwt-loglevel-fetch npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-180345

Malicious code in arcturus-fornax-thuban-fetch npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-178923

Malicious code in fetch-readable-spectron-convict npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-177807

Malicious code in miranda-koa-fetch-duplex npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•3 views

Malicious code in html-webpack-plugin-vega-atlas-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 72fd14fbfa7df3518df196ac7331d4c07644a19e457f73f31be91ee9ab01ce42 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•5 views

Malicious code in miranda-koa-fetch-duplex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0542faa9fd01fa72c958cf46a1d5a08f0ba4db727709a088052187230321c063 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-178504

Malicious code in html-webpack-plugin-vega-atlas-fetch npm...

OSV•added 2025/11/13 3:23 a.m.•2 views

MAL-2025-186959 Malicious code in fetch-readable-spectron-convict (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c63589f0ebd1c39360f807094399bb7293af123a3f30940dd806d287be6c8076 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•3 views

Malicious code in command-leda-fetch-delphinus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5feb6e2ef6c9afe8aa0d51f1a5b382e86c7f05202802ce99f9d5296a1ce376d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•2 views

Malicious code in epimetheus-release-it-fetch-centaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc286cddc9b68a29d158425dc814ed9cc8de7a7cdd3c89822a899de1ace22dd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-179649

Malicious code in command-leda-fetch-delphinus npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-180328

Malicious code in ariel-geckodriver-stratosphere-fetch npm...

OSV•added 2025/11/13 3:23 a.m.•0 views

MAL-2025-190340 Malicious code in winston-process-fetch-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f32310e6d14f06422f625862322cf64c1e6a08c795148c10b8a5c50e384c2f17 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/13 3:23 a.m.•0 views

MAL-2025-185543 Malicious code in arcturus-fornax-thuban-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7009c927b5e00df689b7d6fb41e960faddd6fa557d4deb76f787a5556c51e1d3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/13 3:23 a.m.•1 views

MAL-2025-187778 Malicious code in library-fetch-hyperion-vortex (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca2c4eff15bede06787b56a8f8b27dea6ef1f37f7ce1a8ee13de06cce88a6df5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-180240

Malicious code in auriga-eslint-halley-fetch npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-177485

Malicious code in odin-fetch-arcturus-cressida npm...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by