CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/14 3:49 p.m.•3 views

Malicious code in mrgn-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16fe2927853a543269a7eb66273bfea477dd040bc2e90f40d9b3642e9d138f5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score

OSV•added 2026/03/16 3:51 p.m.•1 views

MAL-2026-1475 Malicious code in delta666 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb8eaa59df9b36fbda7fdbb9f429aa77b3dd4ce913b22d3e1f7991750136306a The package delta666 was found to contain malicious code. Source: ghsa-malware ed1b6c9a5c4e82e4f1f205e90a5ac9c271dccbf998e06ed81199102594e23d0f Any...

5.7AI score

OSSF Malicious Packages•added 2026/03/03 4:8 a.m.•4 views

Malicious code in solongnerds (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4924a4f78f84d4b49d96f2ced7769ac484017ae28bb6fe63f94e937b199222f The package solongnerds was found to contain malicious code. Source: ghsa-malware 5ef9463bd7feaee40d35efb13e75f19b54fd802eeb788cddc3cbbd1ba90b2ba4 An...

5.7AI score

OSV•added 2026/01/21 4:28 a.m.•2 views

MAL-2026-391 Malicious code in internallib_v962 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9664f22a915362fceed28ec2e15ea4bfbc16dbdd91cb358cba05ef247fec36a5 The package internallibv962 was found to contain malicious code. Source: ghsa-malware 1e08ba6555343cafd51a03a186572eaf33065999ee721770a8d507645826dfd...

5.5AI score

OSSF Malicious Packages•added 2025/12/19 4:20 p.m.•6 views

Malicious code in sonia3-npm-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 339534853ebcb623a903a0515ab9ae854edaac8fdfec58d3edb454c501238d19 The package sonia3-npm-js was found to contain malicious code. Source: ghsa-malware 3b951ad6a6c46f78a032c0c93db496b6b13cfadccf178f195cd6c3f28531ed1e...

OSSF Malicious Packages•added 2025/11/24 1:38 p.m.•3 views

Malicious code in @seung-ju/react-hooks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4adf0b1f6ebc35246707044936c68dfe237eb92c6e65e24e87383fcfb2dbe55f The package @seung-ju/react-hooks was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2025/11/24 1:18 p.m.•3 views

Exploits0References4

Malicious code in @ensdomains/eth-ens-namehash (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0009bf3870d33e9e174ce53fe0a281b43402e1f8b78f62e6cd296ad8f082588 The package @ensdomains/eth-ens-namehash was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2025/10/29 11:12 p.m.•2 views

Exploits0References4

Malicious code in xo-ui-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 58815a099f64599f6c8c7778c42dc78094abeace3c685c538fe1ee5604b86818 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/29 10:47 p.m.•3 views

Exploits0References2

Malicious code in xo-validation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a2dc971622a44de97536e68fb7287ef32a7a1bdabe0d0386eadf248219cea54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/29 10:46 p.m.•3 views

Exploits0References2

Malicious code in @acme-types/acme-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1b754e0118dde98a24e6f1ea46eb2ed30d7b59cd938fbc627e6dc4429251482 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/29 10:46 p.m.•2 views

Exploits0References4

Malicious code in prefer-arrow (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd4c923d3d6c399e77c6af5aa1cbd1e4712cb7bd89045f7ad31667227e6e3bd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/28 2:10 a.m.•2 views

Exploits0References2

Malicious code in @jameson777/mytest8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b156e6ec35304232881859a1a11917ad7244fcea63f2683ef1a381098858d9d The package @jameson777/mytest8 was found to contain malicious code. Source: ghsa-malware...

OSSF Malicious Packages•added 2025/10/24 2:13 a.m.•3 views

Exploits0References3

Malicious code in tenantadm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7ce8c0c0c24aa09e7e543bac2dca10d2642ad336d071e8bc5ffac9be251ff10 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/24 2:13 a.m.•2 views

Malicious code in mender-setup (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95b2a0aeb7e210157ad59facfa9c0e679873c34a71078e93e3410440365970a9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/13 3:1 a.m.•2 views

Malicious code in mad-8.2.1.2.2.8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1fd4259c0de84b69ec4997af8ecf958bef9b6dd06c7ed580c56cfdb9baedc2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/10/07 4:11 a.m.•4 views

Malicious code in eslint-plugin-consumerweb (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5f0908b28feb167dcbd08913b9ddf69ed6e3dab2f79a88d0b757e0869acb4e55 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/09/25 4:10 a.m.•1 views

Exploits0References3

MAL-2025-47540 Malicious code in @sev-ui-verse/invoice-models (npm)

The package @sev-ui-verse/invoice-models was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f330a934831b8458a3b0de11c4efd1a661b00d1e2b7df7aa32b18a2278b789f3 Any computer that has this package installed or running should be considere...

OSV•added 2025/09/11 1:30 p.m.•1 views

Exploits0References3

MAL-2025-47078 Malicious code in mongose-ci (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1880a71882771a0b6b447fc3c6c5990ae665d189d01f143b84684d99c0015a63 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/07/15 1:0 a.m.•2 views

Malicious code in vitejs-plugin-refresh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 243a4e663f29ec03aed634b87165dccaf6f345b2e1c92479b95ef6fd28474ba5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...