CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/06/11 12:0 a.m.•6 views

PT-2026-48744

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.20 Description A privilege escalation issue exists where hook-triggered agent runs incorrectly receive owner-scoped MCP loopback authority instead of the appropriate hook scope. This allows attackers possessin...

8.7CVSS5.5AI score0.00281EPSS

Exploits0References7

OSV•added 2026/06/10 11:16 p.m.•5 views

DEBIAN-CVE-2026-52726

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.23.2 and prior to version 1.2.5, dulwich.porcelain.submoduleupdate, and by extension porcelain.clone..., recursesubmodules=True, materializes attacker-controlled submodule paths from a crafted...

7.5CVSS5.8AI score0.00448EPSS

OSV•added 2026/06/10 6:23 p.m.•8 views

MAL-2026-5521 Malicious code in @helpcentre/tesco-help (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb75510e87a08a5152331461c2b2b955ad21d418c8d2055f5f66ec15e22cf042 On npm install, the postinstall hook runs node index.js, which performs an HTTPS POST to https://f1ackavab3.execute-api.eu-west-2.amazonaws.com/...

OSSF Malicious Packages•added 2026/06/10 6:22 p.m.•8 views

Malicious code in @orion-design-system/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edd5d007da2de0a07fc1a0d999cccbf71a748627c82c9b2000d161eb248a5a0f package.json declares a preinstall hook that runs an inline node -e script reading os.hostname and os.userInfo.username and transmitting them via HTT...

OSV•added 2026/06/10 6:22 p.m.•8 views

Exploits0References4

MAL-2026-5522 Malicious code in @orion-design-system/components (npm)

OSSF Malicious Packages•added 2026/06/09 8:43 p.m.•8 views

Exploits0References4

Malicious code in menu-filter-widget-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bed4a7ece362ef59f2b621b3f64d06e899740c8ca8d73e437145d48b960187ce package.json declares a postinstall lifecycle hook that runs callback.js on every npm install. callback.js reads os.hostname and sends it to a...

OSV•added 2026/06/09 8:43 p.m.•5 views

MAL-2026-5486 Malicious code in menu-filter-widget-web (npm)

OSSF Malicious Packages•added 2026/06/09 8:34 p.m.•7 views

Malicious code in mcp-server-fetch (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34dfb6dc382073bace8a4d413b28000ff42770d04b9f69a88906230e2d83260a Package squats the unscoped name mcp-server-fetch an MCP server name commonly invoked via npx mcp-server-fetch by AI coding agents and developer...

OSSF Malicious Packages•added 2026/06/09 8:34 p.m.•7 views

Malicious code in mcp-server-postgres (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f0b86cc4cf49b5d6cda37126f6a0c7c9f9fec648eb4d4743b6f39423613d3122 Package squats the unscoped name mcp-server-postgres impersonating the official scoped MCP postgres server. package.json declares "postinstall": "nod...

5.3AI score

OSV•added 2026/06/09 8:34 p.m.•6 views

MAL-2026-5481 Malicious code in mcp-server-postgres (npm)

OSSF Malicious Packages•added 2026/06/09 8:33 p.m.•8 views

Malicious code in mcp-server-sentry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf12283b2f16a43388d0cc6c2991fbbdab0da44ab344c1f9c71515dd05024046 On npm install, the package's postinstall hook scripts.postinstall: node index.js collects host identifiers — os.hostname, process.cwd, the npm...

OSV•added 2026/06/09 8:28 p.m.•6 views

MAL-2026-5474 Malicious code in getui-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf281a31a53827497d9a24ff0602f277b568f495a00c14603c3e9bf11a30327a On npm install, postinstall.js issues an HTTPS GET to https://webhook.site/18dc4281-d366-438a-9186-76fbcd56ade5 with query parameters containing the...

OSSF Malicious Packages•added 2026/06/09 5:44 p.m.•11 views

Malicious code in grateful-checkout (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c2a9600ad3ee3fddd9f06425260c94edf660263800080787155a63d3e5212d12 On npm install, the postinstall hook in src/canary.js performs a DNS lookup and an HTTPS GET to a serveo tunnel host...

OSSF Malicious Packages•added 2026/06/09 5:43 p.m.•7 views

Malicious code in exodus-secure-container (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 92bc77b12251baa18392bd90e84d6bdc57aaef9a8c774f8cb29a0066e80f76b5 On npm install, the package runs node src/canary.js as a postinstall hook. That script performs a DNS lookup and HTTPS GET to the hardcoded host...

OSSF Malicious Packages•added 2026/06/09 5:39 p.m.•6 views

Malicious code in @nstrlabs/ixel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64b10f7a8ca25ac33a6d1e94038d1dbfd68d113d9ab7d7a428d97417b3409c7d On npm install, the package runs node index.js via a preinstall lifecycle hook declared as "preinstall": "node index.js || true" so failures are...

OSV•added 2026/06/09 5:39 p.m.•9 views

MAL-2026-5420 Malicious code in @nstrlabs/ixel (npm)

OSSF Malicious Packages•added 2026/06/09 5:38 p.m.•7 views

Malicious code in @nstrlabs/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 608be3457e7c809e60c1b76b9406489652f0ef708bfb97db2b6e0bb92b6836c2 On npm install, the package's preinstall hook node index.js || true, declared in package.json automatically collects host identifiers — os.hostname,...

OSSF Malicious Packages•added 2026/06/09 5:37 p.m.•6 views

Malicious code in @klapp-kyc/routes (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca32e3aa7685d93e36eca726e08096bd0c5ba425172ef254fdf769cc09b46887 On npm install, the package's preinstall hook executes node index.js, which collects the installer's hostname, OS username, current working directory...

OSV•added 2026/06/09 5:35 p.m.•4 views

MAL-2026-5407 Malicious code in @card-pci-data/store (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a82d7b7e7588c4b773e2948eb1707e62f2fcece2bec37a23eda5d5058eae871 On npm install, the package's preinstall hook scripts.preinstall: node index.js || true runs index.js which collects host identity — os.hostname,...