Lucene search
K

1875 matches found

OSV
OSV
added 2026/03/21 10:54 p.m.7 views

MAL-2026-2018 Malicious code in @modals/blockchain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9883b4336552c287c2c3ed9bb5888cc22173cd8b39fd181552f858607f0ffa70 The package @modals/blockchain was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score
Exploits0
OSV
OSV
added 2026/03/21 1:28 p.m.8 views

MAL-2026-2012 Malicious code in characterai-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 376ab6840d12bf4d2b6ff51f365071cdefb5fae185ba150f7a8db8b70b925155 The package characterai-poc was found to contain malicious code. Source: ghsa-malware e45663d55a0e072d7245ee8cf3a8557710aef6e643c135b20a0918aa96d2da9...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/03/20 4:56 a.m.3 views

Malicious Package

Overview @get-wrecked/overlay is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 4:36 a.m.4 views

Malicious Package

Overview trex-proxy-browser-extension-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.8AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2026/03/19 12:0 a.m.8 views

GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The...

7.8CVSS6.2AI score0.00755EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/17 3:9 a.m.4 views

Malicious Package

Overview vitest-config is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/16 3:51 p.m.4 views

Malicious Package

Overview delta666 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2025-208741

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

2.2CVSS6AI score0.00147EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/16 3:30 p.m.7 views

EUVD-2025-208720

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

4.5CVSS6AI score0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/16 2:42 p.m.3 views

CVE-2025-52646 HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries.

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

2.2CVSS6AI score0.00147EPSS
Exploits0References1
CVE
CVE
added 2026/03/16 2:42 p.m.16 views

CVE-2025-52646

Technical details are not publicly available in the provided documents. Monitor for updates from vendors and security trackers to obtain affected versions, root cause, impact, and remediation.

5.3CVSS6AI score0.00147EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/03/16 2:17 p.m.5 views

CVE-2025-52637

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

7.3CVSS0.00225EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.11 views

PT-2026-25756

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

2.2CVSS6AI score0.00147EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.14 views

PT-2026-25706

HCL AION is affected by a vulnerability where certain offering configurations may permit execution of potentially harmful SQL queries. Improper validation or restrictions on query execution could expose the system to unintended database interactions or limited information exposure under specific...

4.5CVSS6AI score0.00225EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/03/08 12:0 a.m.3 views

VoiceSHIELD-Small: Real-Time Malicious Speech Detection and Transcription

Voice interfaces are quickly becoming a common way for people to interact with AI systems. This also brings new security risks, such as prompt injection, social engineering, and harmful voice commands. Traditional security methods rely on converting speech to text and then filtering that text,...

5.8AI score
Exploits0
Snyk
Snyk
added 2026/03/06 7:14 a.m.6 views

Malicious Package

Overview bloxupgrade is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 7:14 a.m.8 views

Malicious Package

Overview @saferpay/logging is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 7:14 a.m.11 views

Malicious Package

Overview sap-avatars is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 7:14 a.m.7 views

Malicious Package

Overview @cb-global-design-system-tokens/tailwind is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organizati...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 7:14 a.m.7 views

Malicious Package

Overview @toloka-tb/core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Rows per page
Query Builder