CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added last week•24 views

CVE-2026-53661 boruta-server sent sensitive session cookies without the Secure attribute

8.8CVSS0.00259EPSS

CVE•added last week•12 views

CVE-2026-53661

CVE-2026-53661 affects Boruta (standalone OAuth2/OpenID Connect server). Prior to 0.9.1, session cookies (_boruta_web_key) and identity remember-me cookie (_boruta_identity_web_user_remember_me) were set without Secure; in plaintext HTTP this enables cookie capture and impersonation. Affected com...

8.8CVSS5.5AI score0.00259EPSS

Vulnrichment•added last week•7 views

CVE-2026-53661 boruta-server sent sensitive session cookies without the Secure attribute

8.8CVSS5.5AI score0.00259EPSS

Positive Technologies•added 2026/06/11 12:0 a.m.•7 views

PT-2026-48665

8.8CVSS5.5AI score0.00259EPSS

Exploits0References4

OSSF Malicious Packages•added 2026/06/10 6:44 p.m.•12 views

Malicious code in check-error-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7c25cbbb904c18028cac363ba66eb89d91301bd3204a8347834e52387b4b575e On require/import, index.js executes a top-level resolveConfig that reconstructs a URL from an XOR-obfuscated integer array, AES-256-CBC-decrypts it,...

6.2AI score

Exploits0References6

OSSF Malicious Packages•added 2026/06/10 6:26 p.m.•10 views

Malicious code in @access-risk/browser-remedy-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0de4bc9f19feea718e091e9b0a480e9b939cdffa88109375020895c99efa489c On npm install, postinstall.js executes automatically and collects host identity and environment details using os.hostname, process.cwd, and filesyst...

Circl•added 2026/06/10 12:31 a.m.•7 views

Exploits0References2

CVE-2026-48265

creationtimestamp| type| source ---|---|--- 2026-06-10 00:31:02+00:00| seen| https://bsky.app/profile/experiencedigest.bsky.social/post/3mnvhhvjwpa2d...

5.4CVSS5.3AI score0.00283EPSS

OSSF Malicious Packages•added 2026/06/09 8:43 p.m.•7 views

Malicious code in menu-filter-widget-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bed4a7ece362ef59f2b621b3f64d06e899740c8ca8d73e437145d48b960187ce package.json declares a postinstall lifecycle hook that runs callback.js on every npm install. callback.js reads os.hostname and sends it to a...

OSV•added 2026/06/09 5:45 p.m.•7 views

MAL-2026-5459 Malicious code in @dktunited/anly-tracker-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a8893b914c3ba3139a3c8cede191521742237aa7c1c5d64f7ee45dbc5f636a6 scripts/postinstall.js runs unconditionally during npm install and exfiltrates installer-side identifiers to an attacker-controlled out-of-band...

OSV•added 2026/06/09 5:44 p.m.•6 views

MAL-2026-5436 Malicious code in checkout-signer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6add4dfcaaf79ce107ac8026032b47540def183a121be2266891644c90f10c8 Package replicates the API surface of an internal Exodus package generateMnemonicSigningKeys, signDirectPaymentMultiChain, signCapture, signRefund,...

5.3AI score

OSV•added 2026/06/09 5:44 p.m.•5 views

MAL-2026-5443 Malicious code in exodus-wallet-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 53bf93b626689e980ef2e9c4ba33fd95e81d6a04c665f85908c8cf07b8b36e14 Package name impersonates the Exodus cryptocurrency wallet brand. package.json declares "postinstall": "node src/canary.js", and src/canary.js perfor...

6.1AI score

OSSF Malicious Packages•added 2026/06/09 5:44 p.m.•5 views

Malicious code in grateful-payments (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a7a07a0a09ed8037058353b9b9b067e25e3cbe783eaab8d54276d490f823471 On npm install, the package's postinstall script src/canary.js performs a DNS lookup and HTTPS GET to the hardcoded host...

OSV•added 2026/06/09 5:44 p.m.•7 views

MAL-2026-5445 Malicious code in grateful-payments (npm)

OSSF Malicious Packages•added 2026/06/09 5:44 p.m.•9 views

Malicious code in exodus-solana-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecffe98bff5e1c4655631cf8f92b1b1ccb534e0eeaa7043fab0d5fa1fbfabc35 Package name impersonates the Exodus cryptocurrency wallet brand exodus-solana-sdk. package.json declares a postinstall hook node src/canary.js that...

OSSF Malicious Packages•added 2026/06/09 5:44 p.m.•7 views

Malicious code in exodus-ethereum-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4e52a42f8980da0a9df361ef772ca31bbdaec85eb3fc7a73dbcfc8b5ca6894a Package name impersonates the Exodus cryptocurrency wallet brand and ships no real functionality src/index.js exports an empty object; package.json...

OSV•added 2026/06/09 5:16 p.m.•6 views

MAL-2026-5426 Malicious code in @oplus/obus-web-sdk-plugin-recovery (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7435b09e6ec064fe7ff0738becd8dd3445f1a73e97427a8fb9285460bd4f723 @oplus/[email protected] publishes to a likely-private internal scope at an artificially high version to win resolution against a...

5.4AI score

OSSF Malicious Packages•added 2026/06/09 5:16 p.m.•6 views

Malicious code in @oplus/obus-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ed41b3738a8034ebb2e92744dd0891812f6c6fdb278e78c377045a86f2b5a34d On npm install, scripts/postinstall.js collects the installer's username os.userInfo, hostname os.hostname, current working directory process.cwd, an...

OSV•added 2026/06/09 4:6 p.m.•6 views

MAL-2026-5393 Malicious code in @sflyinc-knapsack/shutterfly-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1b554d911cfb6d444727262a62e2db10f22a75d53d23741d6c2684f62fb6e5d On require/load, index.js collects host identifiers os.hostname, os.userInfo, os.homedir, DNS server configuration, package.json metadata, and dirnam...