CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/05/21 2:50 p.m.•3 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

7.1CVSS6AI score0.00007EPSS

Exploits4References7

RedHat Linux•added 2026/05/21 2:4 p.m.•5 views

kernel: Read root-owned files as an unprivileged user

7.1CVSS6AI score0.00007EPSS

Exploits4References7

OSSF Malicious Packages•added 2026/05/21 12:47 p.m.•6 views

Malicious code in zest-product (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9081ad708b658c1bd56299e401ca6a764cc9137d99573bc922d38a7381cc30d On npm install, postinstall.js collects host identity and environment data os.hostname, username, process.cwd, process.env values, plus shelled-out...

OSV•added 2026/05/21 12:47 p.m.•5 views

Exploits0References3

MAL-2026-4738 Malicious code in zest-product (npm)

RedHat Linux•added 2026/05/21 12:41 p.m.•3 views

Exploits0References3

kernel: Read root-owned files as an unprivileged user

7.1CVSS6AI score0.00007EPSS

Exploits4References7

OSV•added 2026/05/21 12:0 p.m.•7 views

RUSTSEC-2026-0149 WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restriction

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-2r75-cxrj-cmph For more information see the GitHub-hosted security advisory...

7.5CVSS5.8AI score

Exploits0References3

RustSec•added 2026/05/21 12:0 p.m.•10 views

WASI path_open(TRUNCATE) bypasses `FilePerms::WRITE` host restriction

Exploits0Affected Software1

OSV•added 2026/05/21 11:28 a.m.•3 views

MAL-2026-4399 Malicious code in @kedem/okdb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cfce9a94c70e54caff77645f380418abda1bb1a38ad9cda61f6fbeaa482e2fed The package's CLI entry point at bin/okdb.js is a heavily obfuscated single-line bundle hex-mangled symbols like 0x2a69e2/0x5d02f6 that constructs HT...

5.9AI score

OSSF Malicious Packages•added 2026/05/21 10:54 a.m.•8 views

Malicious code in payment-account-input-selector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12187e6fb4ae4d3a411cea0c3ec8b995e1091a9cf78219db9fbcdac87540aabf On npm install, preinstall.js collects hostname, username, platform, cwd, timestamp, and a full dump of os.networkInterfaces and HTTP-GETs them as...

OSV•added 2026/05/21 10:54 a.m.•6 views

MAL-2026-4635 Malicious code in payment-account-input-selector (npm)

OSV•added 2026/05/21 8:32 a.m.•3 views

MAL-2026-4588 Malicious code in ionic-insta-api-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02b21f843420dc38a87320830c9f9bd48d72a2938774100b1ee08a2db708abbc ionic-insta-api-wrapper is presented as an Instagram API client but its advertised login API silently relays caller-supplied credentials and session...

6AI score

OSV•added 2026/05/21 8:14 a.m.•8 views

MAL-2026-4335 Malicious code in webservices.rest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c47c5da15de80c0473b9ccdb9899cb24607c3338914d67fe3331b169f5c1553b Package name webservices.rest impersonates the OpenMRS REST API naming convention and is published at version 99.1.0 — the canonical...

5.9AI score

Exploits0References4

GithubExploit•added 2026/05/21 7:17 a.m.•48 views

Exploit for CVE-2025-99999

CVE-2025-99999 - HSM Firmware Authentication Bypass Descri...

OSV•added 2026/05/21 5:52 a.m.•4 views

Exploits1

MAL-2026-4490 Malicious code in auth0-templates-scripts-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed9a505fcbf6daef28b6625dcbde65ea1dd00b01c1a684debfdedfc7e5bc3643 Package name impersonates the Auth0 ecosystem. Its postinstall hook node index.js runs unconditionally on npm install and performs a multi-stage data...

OSSF Malicious Packages•added 2026/05/21 5:52 a.m.•5 views

Malicious code in auth0-templates-scripts-utils (npm)

OSV•added 2026/05/21 4:39 a.m.•2 views

MAL-2026-4472 Malicious code in @zhengshuo888/huoke (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f352f11f7811b28966799c9359f99dbbe9829240066504be17c100981dd45ab On npm install, the package's postinstall hook runs node bin/huoke.js install-skill, which uses execSync to invoke curl -fsSL against...

OSSF Malicious Packages•added 2026/05/21 3:48 a.m.•8 views

Malicious code in @atlisp/mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5f4a9667f0a13220de9b838fde4fc16bd5aaa7f79d91f1122725e4799582515 The package's MCP server auto-injects a LISP bootstrap into every CAD command sent through cadSend/cadSendWithResult, plus connectcad's initAtlisp an...

6.3AI score