Lucene search
K

191 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago7 views

Malicious code in eth-react-redirection (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbd414dae34760c2eda09d2093a62a14d694f759350676e88229319a16594e78 On require, index.js calls callCallerAsOrigin which spawns lib/caller.js as a detached, stdio-ignored child process spawnprocess.execPath, script,...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago8 views

Malicious code in fury_frontend-andes-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29bea4f118854efa6568545722d7210a76e06e64cad4036e0cc0b45c45aafe37 The package's postinstall hook auto-executes index.js on npm install. The script collects the installer's OS username os.userInfo, current working...

6AI score
Exploits0References2
OSV
OSV
added 2026/07/07 12:0 a.m.2 views

MAL-2026-7012 Malicious code in express-mongo-limit (npm)

The npm package express-mongo-limit masquerades as an Express/MongoDB payload sanitization middleware likely typosquatting express-mongo-sanitize but is a credential stealer, remote-code-execution backdoor, crypto clipboard hijacker, and screenshot spyware. It declares a postinstall: node index.j...

6.2AI score
Exploits0References8
The Hacker News
The Hacker News
added 2026/07/01 5:18 p.m.25 views

VEIL#DROP Malware Chain Uses Blogger Platform to Deliver PureLogs Stealer

Cybersecurity researchers have flagged a new multi-stage malware delivery attack chain that uses social engineering and Blogger pages to deliver an information stealer called PureLogs. The activity has been codenamed VEILDROP by Securonix. It's suspected that the initial payloads are distributed...

6.1AI score
Exploits0
EUVD
EUVD
added 2026/06/26 12:32 a.m.5 views

EUVD-2026-39595

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS6AI score0.00149EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/25 11:23 p.m.8 views

CVE-2026-13318

A server-side request forgery SSRF flaw was found in KubeVirt's virt-api port-forward handler. When processing a port-forward request to a VirtualMachineInstance VMI, virt-api reads the target IP from vmi.Status.Interfaces0.IP and passes it directly to net.Dial without validation. For VMIs using...

6.4CVSS6AI score0.00149EPSS
Exploits0References3
OSV
OSV
added 2026/06/25 6:11 p.m.5 views

MAL-2026-6468 Malicious code in ts-opus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73b0105b34723dd6e1449c3353d1d4df0dcf94ae460a4dfd156566bb4ba372c7 ts-opus 0.0.8 ships an unmodified copy of MikeMcl/big.js README, copyright, and repository URL all reference big.js but injects an additional top-lev...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS5.7AI score0.00136EPSS
Exploits0References6
OSV
OSV
added 2026/06/25 8:39 a.m.2 views

CVE-2026-53188 RDMA/core: Validate the passed in fops for ib_get_ucaps()

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS5.8AI score0.00136EPSS
Exploits0References6
CVE
CVE
added 2026/06/25 8:39 a.m.7 views

CVE-2026-53188

The CVE-2026-53188 entry concerns a Linux kernel RDMA/core flaw where fops passed to ib_get_ucaps() could be spoofed via a block device sharing a dev_t with a character device (char/block alias). The root cause is insufficient validation of f_ops, allowing a local attacker with access to device n...

8.8CVSS5.8AI score0.00136EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

5.8AI score0.00136EPSS
Exploits0References4Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/25 6:43 a.m.8 views

Malicious code in bs58-86 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 057e2e470e0bc9dbfd2ff37955c0c7d051cca944025b9d62c882ffc98c4434e5 Package [email protected] reproduces the name, README, repository URL cryptocoinjs/bs58, and exported API of the widely-used bs58 base58 encoding library...

6.2AI score
Exploits0References3
OSV
OSV
added 2026/06/19 3:3 p.m.10 views

MAL-2026-6211 Malicious code in @apiwizards/auth-middleware (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 718ca10ce0670edf6756b4ff0bd05e43526ebd516396a34074acf844116e7254 @apiwizards/[email protected] ships a single heavily obfuscated index.js obfuscator.io string-array with 317 entries, RC4+base64 decoder,...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/18 4:9 a.m.9 views

MAL-2026-6098 Malicious code in stackus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a8032b910c8971e79e7d8b0e250ce4d61fd2a2206d6b319a5aed50e32490456 On require, lib/writer.js loaded transitively from the package's main pino.js collects the installer's full process.env together with host identifier...

5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:9 a.m.12 views

Malicious code in stackus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a8032b910c8971e79e7d8b0e250ce4d61fd2a2206d6b319a5aed50e32490456 On require, lib/writer.js loaded transitively from the package's main pino.js collects the installer's full process.env together with host identifier...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/16 7:46 p.m.8 views

MAL-2026-5925 Malicious code in motion-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0dec07d83d6427eb2c76e0ab74e5f31f424e769c187e6d48df0de3575df2e176 [email protected] masquerades as a pino-style logger exports module.exports.pino, ships proto.js/multistream.js/transport.js/redaction.js/levels.js,...

6.5AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 3:2 a.m.17 views

Malicious code in vitest-pro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39810890a1ffc946b3da439738fb619eab1613a775a308d6f248b80b38ce5603 Package vitest-pro is a namespace-abuse lure: its name suggests a vitest extension, but its source tree, README, and main entry lib/nodemailer.js are...

5.3AI score
Exploits0References2
OSV
OSV
added 2026/06/16 3:1 a.m.11 views

MAL-2026-5860 Malicious code in solana-js-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 855cf386497f33e21db48ae8b87c769fd777f52b585f3d8d5f276fd4c9d42628 Package masquerades as a 'Drop-in replacement for @solana/web3.js' and lists its author as 'Solana Labs Maintainers ' to impersonate the legitimate...

5.4AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 3:5 a.m.12 views

Malicious code in sensivity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef8c17866ac1aee489e207f2a4cdb2eefbd17336edd0398b34c40ee5c69a8ef5 On require/import package main is launcher.js with no install hook, the package performs the following without consent: 1 Persistence — runs PowerShe...

5.6AI score
Exploits0References71
OSV
OSV
added 2026/06/11 3:5 a.m.13 views

MAL-2026-5558 Malicious code in sensivity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef8c17866ac1aee489e207f2a4cdb2eefbd17336edd0398b34c40ee5c69a8ef5 On require/import package main is launcher.js with no install hook, the package performs the following without consent: 1 Persistence — runs PowerShe...

5.6AI score
Exploits0References71
Rows per page
Query Builder