CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

283 matches found

OSSF Malicious Packages•added 2026/04/24 1:35 a.m.•8 views

Malicious code in amplitude-ma-ts (npm)

npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...

OSV•added 2026/04/24 1:35 a.m.•3 views

MAL-2026-3028 Malicious code in amplitude-ma-ts (npm)

npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...

EUVD•added 2025/11/12 7:18 p.m.•0 views

EUVD-2025-143259

Malicious code in anita-manahudat-ma npm...

OSSF Malicious Packages•added 2025/11/12 7:18 p.m.•3 views

Malicious code in anita-manahuddat-ma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b3de13d54ba9842e6d52f3da49c6c944ccad04b31de8f5a2ad44f9ae82e6955 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 7:18 p.m.•2 views

EUVD-2025-143022

Malicious code in buis-suninna-ma npm...

EUVD•added 2025/11/12 7:18 p.m.•2 views

EUVD-2025-143256

Malicious code in anita-manahuddat-ma npm...

EUVD•added 2025/11/12 7:18 p.m.•3 views

EUVD-2025-143255

Malicious code in anita-manhuat-ma npm...

EUVD•added 2025/11/12 7:18 p.m.•2 views

EUVD-2025-143254

Malicious code in anita-manuat-ma npm...

EUVD•added 2025/11/12 7:18 p.m.•4 views

EUVD-2025-143146

Malicious code in buis-manis-ma npm...

EUVD•added 2025/11/12 7:18 p.m.•2 views

EUVD-2025-140276

Malicious code in miands-ma-nuru npm...

EUVD•added 2025/11/12 6:9 p.m.•1 views

EUVD-2025-144454

Malicious code in hereis-ma-ta npm...

OSV•added 2025/11/12 4:47 p.m.•1 views

MAL-2025-160149 Malicious code in masako-ma-gunung (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c92d3a1b6ff70d760bec5f53ba28bb087419227a7503120d75b0f9e6d13af4b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/12 4:47 p.m.•3 views

Malicious code in ma-rasaaya-nurses (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb38a83e5a36ceb61bf8cebbdb056ebf8e0d4000d123a3c28b6d0c6331ad6e9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/12 4:47 p.m.•2 views

Malicious code in masako-ma-gunung (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c92d3a1b6ff70d760bec5f53ba28bb087419227a7503120d75b0f9e6d13af4b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/12 4:47 p.m.•3 views

Malicious code in uaragifa-ma-sauuf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca8bfb9c48532d86ec4c14b1e631556f67952a4f222d95c1df5a61c4eef900fe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

OSSF Malicious Packages•added 2025/11/12 4:47 p.m.•4 views

Malicious code in uaragifa-ma-sfu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2ce72cb833aa70a4e533f84cddf331ff853fc05a8443952a6c3f25cab5f7eb4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:47 p.m.•2 views

EUVD-2025-147282

Malicious code in uaragifa-ma-saf npm...

EUVD•added 2025/11/12 4:47 p.m.•0 views

EUVD-2025-147281

Malicious code in uaragifa-ma-safu npm...

EUVD•added 2025/11/12 4:47 p.m.•2 views

EUVD-2025-147280

Malicious code in uaragifa-ma-safufrat npm...

EUVD•added 2025/11/12 4:47 p.m.•2 views

EUVD-2025-147278

Malicious code in uaragifa-ma-safurt npm...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by