Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

29602 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/25 12:2 a.m.5 views

Malicious code in @clausehq/flows-step-httprequest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 126cc191c92f3dd4eb7a0c64301c3d7e0ff5d999596b4c1b3584e38f130495cc The package @clausehq/flows-step-httprequest was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSVadded 2025/11/25 12:2 a.m.2 views

MAL-2025-191201 Malicious code in @clausehq/flows-step-httprequest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 126cc191c92f3dd4eb7a0c64301c3d7e0ff5d999596b4c1b3584e38f130495cc The package @clausehq/flows-step-httprequest was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/25 12:1 a.m.5 views

Malicious code in @chtijs/eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d13d42ca03eebf6bafc9addea00583d377c625dfac5eaff226bc3b0a155788c8 The package @chtijs/eslint-config was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSVadded 2025/11/25 12:1 a.m.3 views

MAL-2025-191200 Malicious code in @chtijs/eslint-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d13d42ca03eebf6bafc9addea00583d377c625dfac5eaff226bc3b0a155788c8 The package @chtijs/eslint-config was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
Nvidia
Nvidiaadded 2025/11/25 12:0 a.m.15 views

Security Bulletin: NVIDIA NeMo Framework - November 2025

NVIDIA has released a software update for NVIDIA® NeMo Framework. To protect your system, clone or update this software to version 2.5.1 or later from NVIDIA/NeMo Framework on NVIDIA GitHub and pypi. Go to NVIDIA Product Security...

7.8CVSS7AI score0.00169EPSS
Exploits0Affected Software1
Nvidia
Nvidiaadded 2025/11/25 12:0 a.m.6 views

Security Bulletin: NVIDIA NeMo Agent Toolkit - November 2025

NVIDIA has released a software update for NVIDIA® NeMo Agent Toolkit. To protect your system, clone or update this software to version 1.3.0 or later from NVIDIA GitHub. The affected sub-module is https://github.com/NVIDIA/NeMo-Agent-Toolkit-UI. Go to NVIDIA Product Security. To protect your...

7.6CVSS7AI score0.00243EPSS
Exploits0Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.7 views

@actbase/react-kakaosdk contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.6 views

@actbase/react-absolute contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.4 views

@accordproject/markdown-it-cicero contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Databaseadded 2025/11/25 12:0 a.m.4 views

02-echo contains malware after npm account takeover

On November 24th 2025, a new supply chain attack called Shai-Hulud 2.0 was launched. This package contains the malicious code that attempts to harvest credentials and infect GitHub and npm repositories. The malicious software executes during the pre-install phase and attempts to harvest credentia...

7.1AI score
Exploits0References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/24 11:54 p.m.5 views

Malicious code in @micado-digital/stadtmarketing-kufstein-external (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b458f23284c11d0533df6f7d474554467329282fb52e761f0a654ef8cf69f3e The package @micado-digital/stadtmarketing-kufstein-external was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSVadded 2025/11/24 11:54 p.m.1 views

MAL-2025-191246 Malicious code in @micado-digital/stadtmarketing-kufstein-external (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b458f23284c11d0533df6f7d474554467329282fb52e761f0a654ef8cf69f3e The package @micado-digital/stadtmarketing-kufstein-external was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/24 11:51 p.m.6 views

Malicious code in quickswap-v2-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4313e2b3fbb458efed74babcd2a8ec50374c189c7e41f82e4e8c2121350a962e The package quickswap-v2-sdk was found to contain malicious code. Source: ghsa-malware 3166b60c9fe686ac7370d58396dbbfa253204d33049707ea4799b075e6d00b...

6.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/24 11:51 p.m.5 views

Malicious code in @lui-ui/lui-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8515f668c012cc4072d376364ab0ed194d6040b86dbc19737c43a7ab00acd2d4 The package @lui-ui/lui-tailwindcss was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSVadded 2025/11/24 11:51 p.m.2 views

MAL-2025-191244 Malicious code in @lui-ui/lui-tailwindcss (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8515f668c012cc4072d376364ab0ed194d6040b86dbc19737c43a7ab00acd2d4 The package @lui-ui/lui-tailwindcss was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/24 11:50 p.m.5 views

Malicious code in quickswap-smart-order-router (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65a1978f5a844fe2a4875f031a7498db4411fdf687fe752f1dbbcea7a6a31fba The package quickswap-smart-order-router was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
OSV
OSVadded 2025/11/24 11:50 p.m.1 views

MAL-2025-191243 Malicious code in @lui-ui/lui-nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aeaeb0138ac2e77901a8360aeeeec1038e7da06fabc4c4726a6fb2060f8d01b5 The package @lui-ui/lui-nuxt was found to contain malicious code. Source: ghsa-malware 7914345d453dc4753973e462d6f8e4cbd4d25656c98b9a22f073c9fdddb715...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/24 11:50 p.m.6 views

Malicious code in @lui-ui/lui-nuxt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aeaeb0138ac2e77901a8360aeeeec1038e7da06fabc4c4726a6fb2060f8d01b5 The package @lui-ui/lui-nuxt was found to contain malicious code. Source: ghsa-malware 7914345d453dc4753973e462d6f8e4cbd4d25656c98b9a22f073c9fdddb715...

6.9AI score
Exploits0References4
OSV
OSVadded 2025/11/24 11:50 p.m.3 views

MAL-2025-191409 Malicious code in quickswap-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49dcf945c1f4a044140fa8266ccef0485d549fd60e40a201830e3c0d47e5a825 The package quickswap-sdk was found to contain malicious code. Source: ghsa-malware e27417025676edb6f4f89ab42768d6676919fdcae59a91035af673ad2f0ff913...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/24 11:50 p.m.6 views

Malicious code in quickswap-router-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed80b7ba4c6742a8930246967edfa6fc147fc7a52d957d93c89ce0a9258bd470 The package quickswap-router-sdk was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
Rows per page
Query Builder