CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

15 matches found

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-124875

Malicious code in miranda-nconf-package-puppeteer npm...

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-124594

Malicious code in nconf-procyon-postcss-ora npm...

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-123939

Malicious code in passport-io-gatsby-nconf npm...

OSV•added 2025/11/12 4:29 a.m.•1 views

MAL-2025-145043 Malicious code in miranda-nconf-package-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4861844fae84d7b05a5030f56b0acc16628a4c8ba3f5d874c50d0f49d20539dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-124598

Malicious code in nconf-nodemon-start-postcss npm...

OSSF Malicious Packages•added 2025/11/12 4:29 a.m.•2 views

Malicious code in miranda-nconf-package-puppeteer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4861844fae84d7b05a5030f56b0acc16628a4c8ba3f5d874c50d0f49d20539dd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-115467

Malicious code in chalk-gemini-nconf-cz-conventional-changelog npm...

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-112775

Malicious code in hexo-changelog-sagitta-nconf npm...

EUVD•added 2025/11/12 4:29 a.m.•1 views

EUVD-2025-115594

Malicious code in celeste-markdown-event-nconf npm...

OSV•added 2025/11/12 4:29 a.m.•0 views

MAL-2025-145323 Malicious code in nconf-pm2-betelgeuse-hugo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 579c08e42060107bc857e3612f24ebab9512e18086d759797eb7b738dd5ee1a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-124601

Malicious code in nconf-hercules-prettier-stylelint-slides npm...

EUVD•added 2025/11/12 4:29 a.m.•2 views

EUVD-2025-111135

Malicious code in mini-css-extract-plugin-meteor-capella-nconf npm...

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-1659

Malicious code in bioql PyPI...

7.5CVSS8.1AI score0.00636EPSS

Exploits1References11

OSV•added 2022/04/12 4:15 p.m.•22 views

CVE-2022-21803

This affects the package nconf before 0.11.4. When using the memory engine, it is possible to store a nested JSON representation of the configuration. The .set function, that is responsible for setting the configuration properties, is vulnerable to Prototype Pollution. By providing a crafted...

7.5CVSS6.5AI score

Exploits0References4

ATTACKERKB•added 2022/04/12 3:19 p.m.•2 views

CVE-2022-21803

This affects the package nconf before 0.11.4. When using the memory engine, it is possible to store a nested JSON representation of the configuration. The .set function, that is responsible for setting the configuration properties, is vulnerable to Prototype Pollution. By providing a crafted...

7.5CVSS7.1AI score0.00636EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by