Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded yesterday3 views

MAL-2026-5485 Malicious code in mcp-server-supabase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdd7519780160ab3a92639d54eab0a62f08b3d435e61276f4ba599c638c3cd40 Package name impersonates the official scoped Supabase MCP server. package.json declares "postinstall": "node index.js", which fires automatically on...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded yesterday4 views

Malicious code in mcp-server-supabase (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdd7519780160ab3a92639d54eab0a62f08b3d435e61276f4ba599c638c3cd40 Package name impersonates the official scoped Supabase MCP server. package.json declares "postinstall": "node index.js", which fires automatically on...

5.5AI score
Exploits0References1
OSV
OSVadded 2026/05/25 8:18 p.m.5 views

MAL-2026-4396 Malicious code in @izumiswap/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63bd0a7aaa4ac18d8ae0c57c07bec05cb4f69e8650e77c117d11c048e5cec004 On npm install, scripts/postinstall.js runs as the preinstall/postinstall lifecycle hook and performs an unambiguous install-time RCE. It first...

5.8AI score
Exploits0References5
Rows per page
Query Builder