CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2025/09/11 1:30 p.m.•3 views

Malicious code in mongose-ci (npm)

6.9AI score

Snyk•added 2025/09/11 1:30 p.m.•1 views

Malicious Package

Overview mongose-ci is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score

Exploits0References2

OSV•added 2025/08/29 6:55 p.m.•1 views

MAL-2025-42025 Malicious code in mongose-cli (npm)

The package mongose-cli was found to contain malicious code...

OSSF Malicious Packages•added 2025/08/29 6:55 p.m.•2 views

Malicious code in mongose-cli (npm)

The package mongose-cli was found to contain malicious code...

OSSF Malicious Packages•added 2024/02/15 12:23 p.m.•2 views

Malicious code in ts-patch-mongose (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51bc93e8c8d28afed9e08e35605df0343e47bb7e02ccd33e5f7cb1f56c7099ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2024/02/15 12:23 p.m.•7 views

MAL-2024-1005 Malicious code in ts-patch-mongose (npm)

7.2AI score

vulnersOsv•added 2018/10/10 5:28 p.m.•2 views

cucumber-html-reporter-common-functions (>=1.0.24 <=1.0.32), cucumber-report-generator (=1.0.3) +10 more potentially affected by CVE-2017-16077 via mongose (=0.0.2-security)

mongose NPM version =0.0.2-security is affected by a known vulnerability. The following packages have a transitive dependency on mongose and may be impacted: - cucumber-html-reporter-common-functions =1.0.24, =1.0.0, =1.0.7, =1.0.58, =1.0.12, =1.0.17, =1.1.11 - owltech =1.0.0 - reports-server...

7.5CVSS7.1AI score0.00257EPSS

Exploits1

CNVD•added 2018/06/13 12:0 a.m.•2 views

Unspecified vulnerability in mongose

mongose is an embedded web server. A security vulnerability exists in mongose. An attacker can exploit this vulnerability to steal environment variables...

7.5CVSS7.6AI score0.00257EPSS

Exploits1References1

OpenVAS•added 2018/06/12 12:0 a.m.•72 views

Malicious JavaScript Package Detection

Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

10CVSS7.3AI score0.17051EPSS

Exploits4References101

Prion•added 2018/06/07 2:29 a.m.•9 views

Code injection

mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm...

5CVSS7.4AI score0.00257EPSS

Exploits1References1

CVE•added 2018/06/07 2:0 a.m.•52 views

CVE-2017-16077

CVE-2017-16077 concerns the npm package named mongose, described across multiple sources as malware that steals environment variables and exfiltrates them to attacker-controlled locations. The package was unpublished from the npm registry, and advisories emphasize removal from affected environmen...

7.5CVSS7.4AI score0.00257EPSS

Exploits1References1Affected Software1

The Hacker News•added 2011/07/09 7:44 a.m.•3 views

808 Indian Websites Hacked By ZHC MongOse & ZHC Toshiro

808 Indian Websites Hacked By ZHC MongOse & ZHC Toshiro ZHC TOSHIRO & ZHC MONGOOSE from ZHCZCompany Hacking Crew defaced more that 808 Indian Websites to deliver the message Regarding their Protest in Kashmir. Check here for message and Hacked sites list. There are most of Corporate websites in...

The Hacker News•added 2011/07/09 7:44 a.m.•12 views

808 Indian Websites Hacked By ZHC MongOse & ZHC Toshiro

6.7AI score