CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/04/08 11:45 a.m.•2 views

MAL-2026-2513 Malicious code in gprofiler (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4de7c58d59c5e16064d8ecf21d0f57675869c93be663ac27da95d040be7d0aff The package gprofiler was found to contain malicious code. Source: ghsa-malware 42c93390009c40d727cdfd4fedc3b160ff5e7e8730ec94ff196022996855d39c Any...

Snyk•added 2026/04/08 6:27 a.m.•0 views

Embedded Malicious Code

Overview @fairwords/websocket is a WebSocket Client & Server Implementation for Node. Affected versions of this package are vulnerable to Embedded Malicious Code that mirrors the TeamPCP LiteLLM technique. What the postinstall payload does: - Harvests environment variables matching 40+ patterns...

9.8CVSS5.8AI score

Exploits0References2

CNVD•added 2026/04/08 12:0 a.m.•3 views

OpenClaw Authorization Problem Vulnerability (CNVD-2026-16621)

OpenClaw is a command line tool for rights management. A security vulnerability exists in versions of OpenClaw prior to 2026.3.11, which stems from the failure of the system.run approval function to properly bind variable file operands for specific script runners such as tsx, jiti, and others. An...

9.4CVSS5.8AI score0.00179EPSS

Exploits0

Snyk•added 2026/04/07 11:11 p.m.•2 views

Embedded Malicious Code

Overview @velora-dex/sdk is a SDK for the Velora API Affected versions of this package are vulnerable to Embedded Malicious Code that delivers a malicious payload through dist/index.js. An attacker uploaded a compromised version of the package directly to the npm registry. The payload runs a...

9.8CVSS5.9AI score

Exploits0References2

OSSF Malicious Packages•added 2026/04/07 4:1 p.m.•8 views

Malicious code in strapi-plugin-cache (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 322f1a7c9723db125a9be39dcb3f897ca2f65146b7b71874bb3ec26a4825d521 The package strapi-plugin-cache was found to contain malicious code. Source: ghsa-malware...

OSV•added 2026/04/07 4:1 p.m.•1 views

MAL-2026-2504 Malicious code in strapi-plugin-cache (npm)

OSV•added 2026/04/07 12:16 p.m.•2 views

MAL-2026-2505 Malicious code in @aspect-security/argon2 (npm)

The package performs data exfiltration, arbitrary command execution in preinstall script. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b426577fc5361773d25297fdb9fce28835e15d9ab86909c6652f5c1b71c4e543 The package @aspect-security/argon2 was found to contain...

6AI score

OSV•added 2026/04/07 7:43 a.m.•3 views

MAL-2026-2871 Malicious code in devkitx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 533ba14fdd7bd4a9722b6958993e6814b7f5b492ed9664250012deab8161401b The package devkitx was found to contain malicious code. Source: ghsa-malware 6344b4de933cb52dfd12ac4a38d68b3ea57498248f6cb291252a1a56d9963b55 Any...

5.6AI score

OSV•added 2026/04/06 4:7 p.m.•3 views

MAL-2026-2526 Malicious code in request-js-validator (npm)

Copy of 'request' library with injected payload. Spawns detached child process that fetches stage-2 and executes via new Function.constructor'require', payload. Same pattern as express-session-js. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

OSV•added 2026/04/06 9:23 a.m.•3 views

MAL-2026-2499 Malicious code in nerite-security-audit (npm)

Collects and exfiltrates sensitive data env vars, SSH keys, keystores, history via HTTPS and DNS. Suspicious domain and disabled SSL validation. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87776a4e480d244c862e76238cd498aa49bd919403dad6de21a85326d6b451ed The...

OSSF Malicious Packages•added 2026/04/06 9:20 a.m.•7 views

Malicious code in totally-safe-util (npm)

Multiple suspicious behaviors: postinstall script, hex obfuscation, OS command execution to open a Rickroll, and attempt to hide execution. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d45a8a1395a8ff66e2ea74cacd9d8de0ebaa9e88e0170a6907b3e4861a2acc5 The packa...

6AI score

OSSF Malicious Packages•added 2026/04/06 9:18 a.m.•11 views

Malicious code in df-sandbox-test (npm)

Multiple evidences indicate malicious behaviors: data exfiltration, sensitive file access, obfuscated code, and suspicious network connections. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 97761ee82976dcee2c3d8438258e8ace733bec2d2c7e1020035e9e390f9fa02f The...

OSV•added 2026/04/06 9:18 a.m.•4 views

MAL-2026-2498 Malicious code in df-sandbox-test (npm)

EUVD•added 2026/04/05 9:30 p.m.•2 views

EUVD-2019-20087

Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inject script tags through the cateid parameter in categorysearch.php or SQL code through the view...

8.8CVSS6.2AI score0.00465EPSS

Exploits1References4

RustSec•added 2026/04/05 12:0 p.m.•9 views

`logtrace` was removed from crates.io for malicious code

logtrace appeared to be downloading a RAT. The malicious crate had 2 versions published on 2026-04-01 that had a total of 30 downloads. There were no crates depending on this crate on crates.io. Thanks to Socket.dev for detecting and reporting this to the crates.io team!...

OSV•added 2026/04/05 12:0 p.m.•4 views

Exploits0

RUSTSEC-2026-0081 `logtrace` was removed from crates.io for malicious code

OSSF Malicious Packages•added 2026/04/05 9:3 a.m.•5 views

Exploits0References2

Malicious code in @needl-ai/common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e1b98ae2755d0fd7d61bc3dfd378dc1bad2eadf7ef0033ba66bbf1383a711e5c The package @needl-ai/common was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score

OSV•added 2026/04/05 9:3 a.m.•3 views

MAL-2026-2716 Malicious code in @needl-ai/common (npm)

5.7AI score