Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/06/15 5:24 p.m.7 views

Malicious code in flow-lending (npm)

Sentinel-high 9.9.9 dependency-confusion squat of an internal Cardano/DeFi lending pkg. preinstall node index.js || true auto-execs a credential exfil: harvests env secrets mnemonic/private key/token/blockfrost API key and POSTs to raw attacker C2 2.25.140.71:8443/surflending/npm-confusion. 2-pkg...

5.4AI score
Exploits0References3
OSV
OSVadded 2026/06/15 3:9 p.m.5 views

MAL-2026-5784 Malicious code in vaults-monitor-cron (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b81c6b9e59e86c40858cb47e91d597b3776fea71def7feb3ca11833625fa3923 On npm install, the package's preinstall hook node postinstall.js || true executes automatically. The script collects hostname, username, and current...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/20 2:36 a.m.11 views

Malicious code in python-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b94c01fae325c5f5e92abd5da03527c54e22bb48202b1dc8b3e2c64947753b2 package.json declares "preinstall": "./dist/typecheck.js". The referenced file is not JavaScript — it is a 5,224,556-byte Linux x86 ELF executable...

5.8AI score
Exploits0References2
OSV
OSVadded 2026/05/14 7:24 p.m.6 views

MAL-2026-3758 Malicious code in dotenvv-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79fd33c6e511ab11f10b1dae91e2f083f486dd020bbf2dca5256eabc904f61b7 Package name dotenvv-tool impersonates the popular dotenv package; index.js is an admitted dummy stub "The real payload is in postinstall.js". The...

5.8AI score
Exploits0References5
OSV
OSVadded 2026/05/12 6:0 p.m.5 views

MAL-2026-3680 Malicious code in @a91082900/test_package (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b8349cd7ce2c9ac2321dce8f80e5a46c0064b382fb7e54e975ff27a2dcab1254 The package's main file index.js executes at module load, with no exports and no user-invoked API. On import it issues...

5.9AI score
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2006-5884

Malware in sbrugna...

5CVSS6.4AI score0.01162EPSS
Exploits0References3
OSV
OSVadded 2025/02/26 9:31 p.m.6 views

PYSEC-2025-6 Exfiltrates cookies to hardcoded IP address

Published in 2021, the colabrun package is a Python library that exfiltrates user cookies to a hardcoded IP address. The package was found to exfiltrate user data to a hardcoded server, which could be used for malicious purposes...

7AI score
Exploits0References2
NVD
NVDadded 2006/11/15 3:7 p.m.14 views

CVE-2006-5901

Hawking Technology wireless router WR254-CA uses a hardcoded IP address among the set of DNS server IP addresses, which could allow remote attackers to cause a denial of service or hijack the router by attacking or spoofing the server at the hardcoded address. NOTE: it could be argued that this...

5CVSS6.7AI score0.01162EPSS
Exploits0References2
Cvelist
Cvelistadded 2006/11/15 3:0 p.m.20 views

CVE-2006-5901

Hawking Technology wireless router WR254-CA uses a hardcoded IP address among the set of DNS server IP addresses, which could allow remote attackers to cause a denial of service or hijack the router by attacking or spoofing the server at the hardcoded address. NOTE: it could be argued that this...

6.7AI score0.01162EPSS
Exploits0References2
Rows per page
Query Builder