CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/26 2:20 p.m.•5 views

MAL-2026-4819 Malicious code in token-me-uk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a058b653e7a491fdf0c9128b4d2d408c2cdac6a1784adc5f02a0975a0e669eb The CLI in cli.mjs reads its API key from process.env.TOKENMEUKAPIKEY, falling back to process.env.OPENAIAPIKEY and then process.env.ANTHROPICAPIKEY...

OSSF Malicious Packages•added 2026/05/26 2:12 p.m.•10 views

Malicious code in datapipe-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 74a9da1afe75ec2379c4bade6ac5145c920900e1a1e1173d59b9003061e3fb0f The package intentionally uses the malicious binproto package deploying the malware. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

OSSF Malicious Packages•added 2026/05/26 2:6 p.m.•9 views

Malicious code in amaco-os (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a6204f29c39ab7a22921331bf33f2501b27fba9aac6a8b87b833caef9c5f506 dist/index.js contains a hardcoded Telegram Bot API endpoint https://api.telegram.org referenced from a fetch/POST call alongside process.env access...

OSV•added 2026/05/26 2:1 p.m.•7 views

MAL-2026-4818 Malicious code in saturn-bail (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9a29ae44bbeeb4d31d176d78d669615e7a508bd236620cc3724478100f9b6997 saturn-bail is a Baileys-derivative WhatsApp library that, on every makeWASocket call, schedules a 90-second timer which executes...

OSV•added 2026/05/26 1:8 p.m.•5 views

MAL-2026-4814 Malicious code in vectordb-engine (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42695503b90ec4adc30c038c3321d637f05038f841bcc5f463a16b891fe4e3e0 During pip install, a custom buildext step in src/vectordbenginebuild.py runs an obfuscated payload that performs targeted reconnaissance and...

OSV•added 2026/05/26 1:7 p.m.•5 views

MAL-2026-4809 Malicious code in baidubsrc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e303b294e3a8f77fdfa91935af2cd5828572f5ab5ec2f0e0b34a0136e33d70dd setup.py executes os.system"curl xiangyangt.com/pypi" unconditionally during pip install. This is an unauthenticated plaintext HTTP request to a...

6AI score

OSSF Malicious Packages•added 2026/05/26 1:7 p.m.•12 views

Malicious code in baidubsrc (PyPI)

6AI score

OSSF Malicious Packages•added 2026/05/26 12:30 p.m.•9 views

Malicious code in binproto (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 72de81f36a15d75d302ca94b378c3e5025b6d0cb2d24360d06527130ed053ebd When using the provided functionality, the code silently downloads and executes a malicious executable. --- Category: MALICIOUS - The campaign has clearly...

OSV•added 2026/05/26 12:30 p.m.•7 views

MAL-2026-4810 Malicious code in binproto (PyPI)

OSSF Malicious Packages•added 2026/05/26 12:27 p.m.•10 views

Malicious code in int-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 369f6932b06597ffc51269a3c2634d158a10270a5c79eb9e4842818e8570c544 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2026/05/26 12:27 p.m.•8 views

Malicious code in web3-prices (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee650bfe594eb17193a4760fd6fc279eb10670ae045500913ea673951427b47e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2026/05/26 12:27 p.m.•9 views

MAL-2026-4800 Malicious code in web3-prices (npm)

OSSF Malicious Packages•added 2026/05/26 12:27 p.m.•10 views

Malicious code in web3.prc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6db6feb92bb662bbf24ea3769595c836f3443f8fb33833b094134f294704af70 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2026/05/26 12:15 p.m.•4 views

MAL-2026-4803 Malicious code in @fhkry/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 75b00f1cbf8b88a31654d13fe812fd9201f0b0c92f9ddad31fea59376752a636 This package is a Baileys WhatsApp Web library fork that, on every WebSocket connection, silently performs WhatsApp newsletter actions on the...

OSSF Malicious Packages•added 2026/05/26 12:15 p.m.•7 views

Malicious code in @fhkry/baileys (npm)

OSSF Malicious Packages•added 2026/05/26 12:7 p.m.•11 views

Malicious code in shop-minis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6e9e3e4e8e9e12bac20967fa551c549a93915b33007d7e54f8bfe0eed26a216e On npm install, the package's postinstall script postinstall.js, run via scripts.postinstall = 'node postinstall.js' collects host identity — whoami,...

OSSF Malicious Packages•added 2026/05/26 12:4 p.m.•9 views

Malicious code in jsonlogbundler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware af7e3df4204ea4db553819eb10281c596a2eae07343d8143e3ef63b708881dce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2026/05/26 12:4 p.m.•4 views

MAL-2026-4798 Malicious code in jsonlogbundler (npm)

OSV•added 2026/05/26 12:4 p.m.•5 views

MAL-2026-4796 Malicious code in fastjsonlog (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c215826041044ae60befaac2d8d5cb29653cb12091b5803ed0a7cf8fff83f94b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...