CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/12 7:2 p.m.•10 views

MAL-2026-5703 Malicious code in eslint-plugin-mistica-local-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1d21f50741178986b63d1f330373131c2f3f502a5b94e76ca921ce185fab123 package.json declares a preinstall hook that runs index.js automatically on npm install. index.js collects host identity os.hostname, os.platform,...

5.3AI score

OSSF Malicious Packages•added 2026/06/12 7:2 p.m.•8 views

Malicious code in eslint-plugin-mistica-local-rules (npm)

5.3AI score

OSSF Malicious Packages•added 2026/06/11 3:14 a.m.•8 views

Malicious code in @403name/ether-js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 927758f43d6eaa6514273bd8ab8f3559624055b9bbf8c9ef9a190b645c0a6eef On require'@403name/ether-js', index.js runs an IIFE that targets macOS only returns early on non-darwin and when CI/GITHUBACTIONS env vars are set,...

6.3AI score

OSSF Malicious Packages•added 2026/06/09 5:44 p.m.•9 views

Malicious code in checkout-signer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f6add4dfcaaf79ce107ac8026032b47540def183a121be2266891644c90f10c8 Package replicates the API surface of an internal Exodus package generateMnemonicSigningKeys, signDirectPaymentMultiChain, signCapture, signRefund,...

5.3AI score

vulnersOsv•added 2026/06/04 12:25 p.m.•5 views

mimic-kit (>=0.1.0 <=0.1.1), modelscope (>=1.9.0 <=1.9.1) +3 more potentially affected by CVE-2026-10801 via ms-swift (>=1.3.0 <=4.2.2)

ms-swift PYPI version =1.3.0, =0.1.0, =1.9.0, =1.3.0, =0.0.1, =0.1.2, =0.1.3 Source cves: CVE-2026-10801 Source advisory: SNYK:PYTHON-MSSWIFT-17152951...

3.6CVSS5.5AI score0.00075EPSS

Exploits0

OSSF Malicious Packages•added 2026/05/26 6:25 a.m.•13 views

Malicious code in ether-bn.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cc5567869e3d616af151887f680ef13bf23f8a19fe5978343254b921c1c7c73 Package name 'ether-bn.js' resembles the widely-used 'bn.js' big-number library, and the README directs users to install yet another name...

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•8 views

Malicious code in warp-contracts-plugin-deploy-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac3a02c9f004d72f8975e0e93fb0810818b509cf295cf9a567c882afaf9a7444 Package name warp-contracts-plugin-deploy-test mimics the legitimate warp-contracts-plugin-deploy and copies its public API surface lib/cjs/index.js...

OSSF Malicious Packages•added 2026/05/25 3:26 p.m.•14 views

Malicious code in jsontoken-extend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59a8a8ab722d33bdd2ea25422aaf7e607a1b1a881446c3561ec8225fb9187742 On require/import of jsontoken-extend, sign.js executes a top-level IIFE that base64-decodes a hardcoded string to https://www.jsonkeeper.com/b/XAMRK...

6.5AI score

OSV•added 2026/05/25 3:26 p.m.•7 views

MAL-2026-4592 Malicious code in jsontoken-extend (npm)

6.5AI score

OSSF Malicious Packages•added 2026/05/25 3:7 p.m.•9 views

Malicious code in web-dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edd19476eeb1c31707abe6fac6f52dbd1950a0dc25f4854ea5269d6400f8ea37 web-dotenv impersonates the widely-used dotenv package: its package.json copies dotenv's repository git://github.com/motdotla/dotenv.git and homepage...

5.6AI score

OSSF Malicious Packages•added 2026/05/24 2:47 a.m.•13 views

Malicious code in license-checker-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 66ac93280c5fc72f65d15486a69369e4d2c2b289fa6f062a6643b63137fc6aa9 Package name mimics the widely-used license-checker while shipping an undocumented lib/compliance.js module that harvests credentials. The module sca...

5.8AI score

OSSF Malicious Packages•added 2026/05/22 3:22 p.m.•12 views

Malicious code in midcorp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc6725ed066ed5aff9452bd82d278fd89c1548768124d8b89cb8e5a5e8c3b05a The package masquerades as a pino-compatible logger package.json keywords fast/logger/stream/json, exports module.exports.pino = middleware, lib...

5.8AI score

OSSF Malicious Packages•added 2026/05/20 6:33 p.m.•11 views

Malicious code in cb-wallet-http (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8d704c0a6a48da0e2fef8eddcd1f98e7d380c3e19f22753f3df51d9893f60ce Package name mimics Coinbase's internal cb-wallet- namespace to capture dependency-confusion resolutions. On npm install postinstall.js and on...

5.8AI score

OSSF Malicious Packages•added 2026/05/20 1:22 a.m.•11 views

Malicious code in polymarket-clob-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e0a3a7bbeb25fb478d59cdd4b62ebb34c13e8e236505813660e81abf61e74ec The package is published as polymarket-clob-client, an unscoped lookalike of the legitimate @polymarket/clob-client maintained by Polymarket, but the...

OSSF Malicious Packages•added 2026/05/19 9:36 p.m.•10 views

Malicious code in pycalendar-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bda873c38a1eee9ecea320371b0473466144f2bd41bc778dff8510cb5dcf4b5f pyproject.toml line 8 declares httpxyz as a runtime dependency dependencies = 'httpxyz',..., and pycalendarapi/utils/httpclient.py imports httpxyz an...

OSV•added 2026/05/19 9:36 p.m.•10 views

MAL-2026-4764 Malicious code in pycalendar-api (PyPI)