CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/21 9:36 a.m.•2 views

MAL-2026-4442 Malicious code in @shadowmd/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51bcabb5263ecf1f1259bd5969a921866dbb808da4fda7b9d7708baeb60c21e6 Package name and description impersonate the Open Whisper Systems libsignal-node library. On require, index.js schedules install.js, which locates an...

OSSF Malicious Packages•added 2026/05/21 8:54 a.m.•6 views

Malicious code in @hanssoft/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 063fa3a06df50a8c53c5eb05ac4d1214e6fa1edfb18d03c8484fa2014190659a Package name impersonates the well-known libsignal-node Signal Protocol library and ships a verbatim copy of its README, but the code is unrelated. O...

5.9AI score

OSV•added 2026/05/21 8:54 a.m.•3 views

MAL-2026-4393 Malicious code in @hanssoft/libsignal-node (npm)

5.9AI score

OSSF Malicious Packages•added 2026/05/20 1:18 a.m.•5 views

Malicious code in @shinzepelly/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 957954ced5e6fb2e8ab6a666adf496ca2edc7575a4e202b593d6698b5d89809f Package impersonates the legitimate libsignal-node library description copied verbatim: "Open Whisper Systems' libsignal for Node.js" under an...

Snyk•added 2026/04/17 2:11 p.m.•2 views

Malicious Package

Overview @than-xs/libsignal-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

9.8CVSS5.7AI score

OSV•added 2026/04/17 2:11 p.m.•0 views

MAL-2026-2848 Malicious code in @than-xs/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c613873d188e4ec1b5e30520478eb5e162c8f2b10cad3dd50e0973d9ca925034 The package @than-xs/libsignal-node was found to contain malicious code. Source: ghsa-malware...

vulnersOsv•added 2026/03/25 3:5 a.m.•2 views

@aokyra/baileys (=2.0.6), @arceos/baileys (>=10.0.0 <=10.0.4) +77 more potentially affected by unknown CVE via @shennmine/libsignal-node (=0.0.1-security)

@shennmine/libsignal-node NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on @shennmine/libsignal-node and may be impacted: - @aokyra/baileys =2.0.6 - @arceos/baileys =10.0.0, =0.1.1, =2.0.3, =1.0.0, =1.0.0, =1.0.3, =1.0.6,...

Snyk•added 2026/03/25 3:5 a.m.•1 views

Exploits0

Malicious Package

Overview @shennmine/libsignal-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score

vulnersOsv•added 2026/03/25 3:5 a.m.•4 views

@aokyra/baileys (=2.0.6), @arceos/baileys (>=10.0.0 <=10.0.4) +77 more potentially affected by unknown CVE via @shennmine/libsignal-node (=0.0.1-security)

Snyk•added 2026/03/16 1:12 a.m.•1 views

Exploits0

Malicious Package

Overview @sheniraid/libsignal-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score

OSSF Malicious Packages•added 2026/03/16 1:12 a.m.•2 views

Malicious code in @sheniraid/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f232c1235fdee715d838e2f39abd6c3510308c313c075458df080ce28a4c26fa The package @sheniraid/libsignal-node was found to contain malicious code. Source: ghsa-malware...

OSV•added 2026/03/16 1:12 a.m.•1 views

MAL-2026-1452 Malicious code in @sheniraid/libsignal-node (npm)

OSV•added 2026/03/16 12:25 a.m.•0 views

MAL-2026-1439 Malicious code in @omhc/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec8ea3d7c4e55ca61042360855fdfb951544cf58586c2f782e60ac9cef49c03a The package @omhc/libsignal-node was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2026/03/16 12:25 a.m.•1 views

Malicious code in @omhc/libsignal-node (npm)

OSSF Malicious Packages•added 2026/03/13 6:54 a.m.•1 views

Malicious code in @dinzid04/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 52c73bb6dd5e6b3ba149f8a95cc91deaa505ee81bbdc34eca6e16bd7d2cc1a2f The package @dinzid04/libsignal-node was found to contain malicious code. Source: ghsa-malware...

Snyk•added 2026/03/13 6:54 a.m.•4 views

Malicious Package

Overview @dinzid04/libsignal-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score

OSSF Malicious Packages•added 2026/03/12 5:13 a.m.•2 views

Malicious code in @kinggupong/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c19c128fca5c3aacdbc42a4005ff6e5fac66da9fb811bf98788503f6dfd00eb The package @kinggupong/libsignal-node was found to contain malicious code. Source: ghsa-malware...

OSV•added 2026/03/12 5:13 a.m.•3 views

MAL-2026-1367 Malicious code in @kinggupong/libsignal-node (npm)

Snyk•added 2026/03/06 2:37 p.m.•1 views

Malicious Package

Overview @shenira/libsignal-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

9.8CVSS5.8AI score