Lucene search
K

6 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:42 a.m.7 views

Malicious code in base62-86x (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 811002816e7f72588c7c6540b088af5c44b8280574e43dbaeef4701fe377fe9f Package impersonates the legitimate base-x/base62 library by Daniel Cousens name base62-86x, homepage pointing at cryptocoinjs/base-x, identical sour...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/05/25 2:50 p.m.8 views

MAL-2026-4519 Malicious code in chromestaff-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d5fad12014025f37f607a61051a445262f37bcee6682850dfd77cc0dcb0b486 chromestaff-baileys is a fork of the Baileys WhatsApp library that, on every successful WhatsApp connection, silently forces the connected user's...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/05/20 1:18 a.m.8 views

MAL-2026-4443 Malicious code in @shinzepelly/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 957954ced5e6fb2e8ab6a666adf496ca2edc7575a4e202b593d6698b5d89809f Package impersonates the legitimate libsignal-node library description copied verbatim: "Open Whisper Systems' libsignal for Node.js" under an...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/11 7:23 p.m.9 views

Malicious code in apkeep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d545ff7c3c178485cfb49d0028c4c808e67d0ee0fddcb4b7b195c943bb07d888 The package pretends to be a fork of a legitimate Rust library and uses the identity of the original authors. During usage, the obfuscated code targets...

5.8AI score
Exploits0References2
Snyk
Snyk
added 2025/12/08 4:0 p.m.2 views

Malicious Package

Overview github.com/bpoorman/uid is a malicious package. This package contains malicious code and uses typosquatting to trick users into downloading and installing it instead of the legitimate uuid package. The malicious payload attempts to exfiltrate sensitive data via the Valid function, which...

9.8CVSS7AI score
Exploits0References2
OSV
OSV
added 2021/05/17 10:15 p.m.13 views

CVE-2020-24755

In Ubiquiti UniFi Video v3.10.13, when the executable starts, its first library validation is in the current directory. This allows the impersonation and modification of the library to execute code on the system. This was tested in Windows 7 x64/Windows 10 x64...

7.8CVSS7.2AI score
Exploits0References1
Rows per page
Query Builder