CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/25 7:6 a.m.•8 views

MAL-2026-4292 Malicious code in chai-as-buffer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d87a23a90feef04b46f1303ee97b40bb0fe23007381ac6f19e566b038ff83b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2026/05/25 7:6 a.m.•7 views

Malicious code in chai-as-buffer (npm)

OSV•added 2026/05/25 7:6 a.m.•5 views

MAL-2026-4293 Malicious code in chai-as-float (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 57fa3a7c5d47c518f43c819b91f8ae0bbdffbcf6fce42a1ebbce89e7d9c29199 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2026/05/25 7:6 a.m.•7 views

Malicious code in chai-as-float (npm)

OSV•added 2026/05/25 5:27 a.m.•5 views

MAL-2026-4754 Malicious code in heims (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33e7dda6f116113ebe2bd1ae1ec5238d66f8ada8a87e69a90e49aac1f4eb3f57 The package's WechatUtil.gettoken in src/heims/utils/wechat/wechatutil.py hardcodes a POST to https://token.zhangjianpeng.cn/ with md5appid and...

OSSF Malicious Packages•added 2026/05/25 5:27 a.m.•6 views

Malicious code in heims (PyPI)

OSSF Malicious Packages•added 2026/05/25 4:23 a.m.•7 views

Malicious code in @refactco/refact-os (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 072881a1fd9241acfcd601ad5387b0338a26ff4828763658c3840b43a3cedb1c Running this package's refact-os init CLI scaffolds AI-editor hook configurations .claude/settings.json, .cursor/hooks.json and copies two Python hoo...

OSV•added 2026/05/25 1:49 a.m.•4 views

Exploits0References4

MAL-2026-4623 Malicious code in npm-builderio-qwik-poc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11a743cdce28dd141d636ff13baaee44df53fbaaed17efdc5a7380281b7097e1 The package's main entry index.js is a working browser exploit, not a library. When loaded in a DOM context, it creates a hidden iframe pointing at...

OSV•added 2026/05/25 1:25 a.m.•9 views

Exploits0References5

MAL-2026-4291 Malicious code in pylogkt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa1c9e5bf0ffd994f076a4a76395b5bcccd2716229439910912bd49aaf52f903 The package masquerades as a logging utility but every call to its logging API log.info/debug/etc triggers Logger.log, which on macOS hosts paths...

6.3AI score

OSV•added 2026/05/25 12:32 a.m.•5 views

MAL-2026-4473 Malicious code in @zizie071/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6d5096096e7e958916c5449a7480949135e6af5cd9acd4e1b1edab8c331163 On require, index.js schedules install.js which locates the installer's @whiskeysockets/baileys package on disk and overwrites lib/Socket/newsletter....

OSSF Malicious Packages•added 2026/05/24 6:54 p.m.•9 views

Malicious code in shiroai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cde2f64fd59e62071433f92eab83a4817f0b306ff1735aa8c31ae31dcaf9830 shiroai is advertised as a CLI where the installer authenticates with their own API key via shiroai login . In practice, cli.js ignores any...

OSV•added 2026/05/24 6:54 p.m.•11 views

Exploits0References6

MAL-2026-4669 Malicious code in shiroai (npm)

OSSF Malicious Packages•added 2026/05/24 4:52 p.m.•6 views

Exploits0References6

Malicious code in whatsfly-labfox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44d4a24d293f810bd11587936b79a835fb0671b7af961328f836d57c7b0c4514 Runtime observations from install-time sandbox execution of the package...

OSV•added 2026/05/24 4:52 p.m.•5 views

Exploits0

MAL-2026-4776 Malicious code in whatsfly-labfox (PyPI)

Snyk•added 2026/05/24 3:36 p.m.•5 views

Exploits0

Malicious Package

Overview build-scripts-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

OSSF Malicious Packages•added 2026/05/24 7:26 a.m.•7 views

Malicious code in wallet-agent-ai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bb49d047eeab68307095cf3a30ff0d42d745855890f181e4cb53dc2f6903e91 dist/agent.js contains a hardcoded Telegram Bot API endpoint https://api.telegram.org used in a fetch/POST call near references to process.env. The...

OSSF Malicious Packages•added 2026/05/24 6:5 a.m.•8 views

Malicious code in harness-skil (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e03ab8467953cd2233e07e792a33c7df7be2c99c66da3b814538a169337b93e6 The package's install.js wired to an npm install lifecycle hook requires childprocess, fs, and https, then issues an https.get to a...