CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/02/03 7:27 a.m.•4 views

Malicious code in epic-admin-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53764f149897a5c5d4373d2f217da3994123f2664db8150cfcf37b474ee632db The package epic-admin-ui was found to contain malicious code. Source: ghsa-malware 34cc1c893e75c3b3e5849e74fed6d7f75ce784c9e933d878d93e773fae313305...

5.4AI score

OSV•added 2026/01/28 6:44 a.m.•3 views

MAL-2026-560 Malicious code in transform-async-to-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3375385fb6c066445341256f9ce616582a713468ea0649853056c24b4aaf1776 The package transform-async-to-generator was found to contain malicious code. Source: ghsa-malware...

5.8AI score

OSV•added 2026/01/27 8:11 a.m.•6 views

MAL-2026-537 Malicious code in mysql2.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf03a68f80a8549d53b74c88dcddc103e1ba4941db706b05958b5a8afd7912b9 The package mysql2.js was found to contain malicious code. Source: ghsa-malware a62950456c9e80360128c446e77395618e0567734ef79c8d93f73aa0c1c45115 Any...

5.8AI score

OSSF Malicious Packages•added 2025/12/19 4:13 p.m.•5 views

Malicious code in ctfvamp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60afd58ec7b3c88e49140c847bac2c30a9e0e6d9f4f700125d59a3302bb9dac2 The package ctfvamp was found to contain malicious code. Source: ghsa-malware 813e410e18d7609781e8b8a67e5750a2e2652e69245b8a6d343d9ea8364d75a6 Any...

OSV•added 2025/12/16 6:42 a.m.•3 views

MAL-2025-192588 Malicious code in elf-stats-fuzzy-wreath-278 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de72f83ee4c58e98151bb08bdad43674b0ee28f24618856adaf402b3e2ddbcd9 The package elf-stats-fuzzy-wreath-278 was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2025/11/24 10:56 p.m.•5 views

Malicious code in @osmanekrem/bmad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 944b38bf9ed936861ce98cafc711d3d8a8b9cacdc551e5ea1142ea4143cb60aa The package @osmanekrem/bmad was found to contain malicious code. Source: ghsa-malware 4ec958dd0f9ea68f75efc0bfd5d3c3af3b068c9bd15c3a1806453debabae0a...

OSSF Malicious Packages•added 2025/11/24 2:59 p.m.•5 views

Malicious code in @actbase/react-absolute (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed7fad65f30e84a768e6bfde1db53365d73d067672f3722603eecc021adadadd The package @actbase/react-absolute was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2025/11/24 2:41 p.m.•4 views

Malicious code in cpu-instructions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad988ed4a15a4f88901a6bc82cda5a2e09726ec4529de5a5d3478ce794340f1a The package cpu-instructions was found to contain malicious code. Source: ghsa-malware 99e2bbdca8dd9a2a62e695b54bc5c62b387e43d8e65e138c649077e6c3d8dd...

OSSF Malicious Packages•added 2025/11/24 2:40 p.m.•4 views

Malicious code in @strapbuild/react-native-perspective-image-cropper-2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5e2f74d9d1d21777c83aa98d57c78a19a6161665a8af16c87f380f0d5b8139e The package @strapbuild/react-native-perspective-image-cropper-2 was found to contain malicious code. Source: ghsa-malware...

OSV•added 2025/11/20 12:14 a.m.•1 views

MAL-2025-190581 Malicious code in com.unity.polyspatial.xr (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f47a6bc79a20cf499736b6544281ecd6035fd1135b3d465ea2b7579061bfc2b The package com.unity.polyspatial.xr was found to contain malicious code. Source: ghsa-malware...

OSV•added 2025/10/29 10:46 p.m.•1 views

MAL-2025-49014 Malicious code in jfrog-npm-actions-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a600f48287c23fcb6db85ed0ed084de6ce12d7d3fab99e327ec306c6a84ea7f0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/09 9:4 p.m.•5 views

Malicious code in redirect-ld0k2a (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f762105594d45064c5f4884413c3276f3290f34020261668e50bae1efafcff5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/09/22 6:6 a.m.•3 views

Malicious code in cui-travel-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 28f2686ec4318061b35e9018872a2a9f3a364c77dcf26ccc1bc405d36475d8fa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/09/15 1:20 a.m.•2 views

Malicious code in tailwind-configs-viewer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eee3c791a92600ef66a7c4165e740bfeda8da8dad109a35e6db271d6fe07caf7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/09/09 4:27 p.m.•3 views

MAL-2025-47065 Malicious code in hrpq1wq123 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1723d1a69b33a9e203de3ca455da66ce2a37a8e1b6a65edc18c77634d2c22ae2 Any computer that has this package installed or running should be considered...

OSSF Malicious Packages•added 2025/09/08 5:11 p.m.•3 views

Malicious code in chalk (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 985b6546ed08c8482326a4819faec318c27c1f6d7518acdf384d5f5a8c1453aa Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score

Exploits0References3

OSSF Malicious Packages•added 2025/09/08 3:17 p.m.•3 views

Malicious code in is-arrayish (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb234972f25697d7cb6b5fee49c919d030c6f82ca0fa9068cc69f3bed952d540 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score

Exploits0References5

OSV•added 2025/08/15 11:42 a.m.•2 views

MAL-2025-6888 Malicious code in meid-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54a1eca3fe980472cd2c418bc50f361595c86cc248665cdf8e01129e7af96f66 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score

OSSF Malicious Packages•added 2025/07/30 7:19 a.m.•2 views

Malicious code in json-confs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aeb598462f7d5aa755a41083007142a93c31fc7a61b70ea43c88dcefdd53025f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...