CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

207 matches found

OSSF Malicious Packages•added 2026/05/19 12:0 a.m.•10 views

Malicious code in jest-less-loader (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

Exploits0References5

vulnersOsv•added 2026/05/19 12:0 a.m.•4 views

@jason_mao/mao-ui (=0.0.1), aim-testing (>=0.0.5 <=0.0.8) potentially affected by unknown CVE via jest-less-loader (=0.2.0)

jest-less-loader NPM version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on jest-less-loader and may be impacted: - @jasonmao/mao-ui =0.0.1 - aim-testing =0.0.5, =0.0.8 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4140...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-177680

Malicious code in nebula-development-less-loader-achernar npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-176204

Malicious code in stop-chalk-build-less-loader npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-177837

Malicious code in mineralogy-less-loader-dagda-global npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-178124

Malicious code in less-loader-rocket-adonis-kronos npm...

EUVD•added 2025/11/13 3:23 a.m.•0 views

EUVD-2025-179977

Malicious code in boson-style-loader-less-loader-superflare npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-178077

Malicious code in lint-isostasy-altair-less-loader npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-176078

Malicious code in tachyon-asthenosphere-less-loader-dagda npm...

EUVD•added 2025/11/13 3:23 a.m.•0 views

EUVD-2025-175597

Malicious code in webdriverio-less-loader-relay-venus npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•3 views

Malicious code in csv-mongodb-rehype-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07f821738c4cf7c99d8107896b24f9a81bd00506c105a6aca07ef8a729d5d444 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-175439

Malicious code in yonder-less-loader-ini-auth npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-177670

Malicious code in neptune-barnard-mdx-less-loader npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-179450

Malicious code in csv-mongodb-rehype-less-loader npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•2 views

Malicious code in yonder-less-loader-ini-auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64d24be310a09fbc0c9ea69c806f48c32bc74d179f2b3b70aedfed17bb573b41 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSV•added 2025/11/13 3:23 a.m.•1 views

MAL-2025-185905 Malicious code in boson-style-loader-less-loader-superflare (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc2f50bd5b7c71fb5520c30b341fe247f8acbf2e602197b32e39a8de63489160 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-178342

Malicious code in iota-less-loader-commitlint-config-angular-private npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•6 views

Malicious code in less-loader-gulp-yaml-crust (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a37ba6b2766ddc09a8955e32126156706d18cd48cf81fa1da83c4c563b856dfc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•0 views

EUVD-2025-178075

Malicious code in lint-less-loader-jekyll-virgo npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•3 views

Malicious code in chakra-ui-sadr-yaml-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a073ff2d6f60d319212474b26295e2faeab06927317a907039f5600ac134ae0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by