Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

42 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/29 10:3 p.m.13 views

Malicious code in evmchain-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6d325c67c3edd95dd9b9e24502f3c8d01369606c35e1231231383e34a24b2da7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSVadded 2026/05/12 2:10 a.m.3 views

MAL-2026-3515 Malicious code in @tallyui/connector-medusa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3acb08c5699637240eec2741252206938cd0e0be4b997523e2100925456e2e39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/04/22 1:29 a.m.10 views

Malicious code in @usealloy/api-contract (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac2459ced40bf7d07428205c0322e09c951fdc50972f337b30508ad2ad867b37 The package @usealloy/api-contract was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/04/13 11:8 p.m.3 views

Malicious code in magentaa11y (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 995b52a2411e3213a611e58f659a941136e8021a88e1d638a232018265d5c11a The package magentaa11y was found to contain malicious code. Source: ghsa-malware 1c1c14e542b99ac8e01a06fd61158c90ffe14fbedbf4834d97f38d65d477ebb5 An...

5.8AI score
Exploits0References1
OSV
OSVadded 2026/03/27 12:51 a.m.2 views

MAL-2026-2247 Malicious code in cua-primitives-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8835d90bff1ed316ff7b7be2d8a1223402e539c4b10cfc2ba0de3164dc438570 The package cua-primitives-server was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/02/27 4:13 p.m.5 views

Malicious code in @skyzopedia/brat (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7928fe6b128de0686bbc2619dd9015f58d8f2a38d50911f33d8886b323c6df5 The package @skyzopedia/brat was found to contain malicious code. Source: ghsa-malware 0eb0067d76f7f026901f7d29398dd55485b8fa6a59af7bdbfbdb40d6f97b7e...

5.9AI score
Exploits0References1
OSV
OSVadded 2026/02/24 3:1 p.m.4 views

MAL-2026-1016 Malicious code in js-multer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50fbd8b0061a32bc73c0f643e53d0522b03117bda560c40b279b8cdebe5a1100 The package js-multer was found to contain malicious code. Source: ghsa-malware 330a991375f32abf73368d5d321c5a485cd844db42ccaa02388ebe61bc013376 Any...

5.9AI score
Exploits0References1
OSV
OSVadded 2026/02/13 2:1 p.m.3 views

MAL-2026-883 Malicious code in ecosystem_ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4987a955f090814c8e125cdaca051b7d106fc4e853cc4e45bc253fbb444f8d94 The package ecosystemui was found to contain malicious code. Source: ghsa-malware 31a22a7e3ce76544adef6885be748f17910483d02a1f19395a520b918516ea63 An...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/02/02 8:29 a.m.7 views

Malicious code in dise-pkt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b02da19d128c79fa9465ba506ff8f53abb3ef541a1da253174255be017c9fd97 The package dise-pkt was found to contain malicious code. Source: ghsa-malware 58b8c2811e173e83d76597b5cb08d80de79cbc72396b7ba7957ed6c15a6003a2 Any...

5.4AI score
Exploits0References1
OSV
OSVadded 2025/10/08 12:37 a.m.1 views

MAL-2025-48039 Malicious code in rails-dom-testing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c71a0792e9dc0f14b43ce18d9e3c77d91946237916717b87a53222fb8fec287a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSVadded 2025/09/25 4:4 a.m.1 views

MAL-2025-47560 Malicious code in internallib_v714 (npm)

The package internallibv714 was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 949e0eb9d0a4f2ce9f9738485e24ab728066c412cd31cbc7445910a5e2709571 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/07/09 9:17 a.m.3 views

Malicious code in houimlogs22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c17d30387b6d0c43cbc6b39b5be60746ceb7ef2a5a6f82469ef4f40f7e46f0c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/07/02 8:19 a.m.3 views

Malicious code in notifications-item (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97d85b541866edfdc9a987e188439cb632fc50a8841072cc43eef2d044f30c8a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/05/19 7:48 a.m.3 views

Malicious code in angular-monash (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7281e9d55aa990f9d2ed6d6f8acc5d290a25f3d17fe641c841a5976b519e4844 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/03/28 8:12 a.m.3 views

Malicious code in ecko-wallet-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0abf27a0a21da3cbad3585aecbe105d054575fe79c1b9c788c93ff4b6478bcab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/03/04 8:51 a.m.3 views

Malicious code in sample-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce665e88f829ec81fed84869682431912fd05dda0ed950a4a37db218cc2c6673 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/02/11 9:27 p.m.4 views

Malicious code in toobit-dev (npm)

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d0f3cbca32c205dc8a61718610eba04f690441add92e4fb0e98f1e3f18f21f9 Any computer that has this package install...

7AI score
Exploits0References1
OSV
OSVadded 2025/01/14 12:15 a.m.3 views

MAL-2025-83 Malicious code in ebay-connect (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d19ac42f1b12b95f81ed89c55872795f9fceb4ea498c981624eb1eb04828bcd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/12/19 1:17 p.m.3 views

Malicious code in zap_contracts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 063e3a8cd4df1cbe8d271d03490b9f7dd78cbeda98767caf294735ff4cacef75 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/12/19 1:13 p.m.5 views

Malicious code in apache-airflow-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e6c372df22c9d32de9b2be3a877474b47fc253abc67f5b69d611ebc9640559fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
Rows per page
Query Builder