Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

OSV
OSVadded yesterday2 views

MAL-2026-5483 Malicious code in mcp-server-sentry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cf12283b2f16a43388d0cc6c2991fbbdab0da44ab344c1f9c71515dd05024046 On npm install, the package's postinstall hook scripts.postinstall: node index.js collects host identifiers — os.hostname, process.cwd, the npm...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/26 10:27 a.m.10 views

Malicious code in shizukyu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31c8d6ffda18d74aa3d25ab3804e721a72dc385d89f2742d7c9e967919b27449 The package exports a single function shizukuChsocket that accepts a caller's authenticated Baileys WhatsApp socket and invokes...

5.8AI score
Exploits0References1
OSV
OSVadded 2026/05/22 8:57 a.m.5 views

MAL-2026-4753 Malicious code in gt-tester-exp-profiler-exp-00000017 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1490f970bd52c80c89f33029f9e875f1fb595014621d50e0ce87a167d1cd348 setup.py installs a site-wide.pth file gttesterexpprofilerexp00000017probe.pth into site-packages that imports the package's probe module and calls...

5.9AI score
Exploits0References1
AstraLinux
AstraLinuxadded 2026/05/20 5:53 a.m.3 views

Astra Linux - уязвимость в webkit2gtk

The issue was resolved through improved handling of caches. This issue has been fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, and watchOS 26. It is possible for a website to access sensor information without user consent...

6.5CVSS6.6AI score0.00087EPSS
Exploits0References2
OSV
OSVadded 2026/03/31 8:37 p.m.3 views

MAL-2026-2315 Malicious code in latinum-wallet-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 afbe7d2a026f5fb11d3046e061ded50c350b420b146cd446fc0e009cb7190543 Starting version 0.0.32, the code automatically exfiltrates the private key together with other metrics during the buildmcpwalletserver call for the Solana...

5.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/03/31 8:37 p.m.3 views

Malicious code in latinum-wallet-mcp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 afbe7d2a026f5fb11d3046e061ded50c350b420b146cd446fc0e009cb7190543 Starting version 0.0.32, the code automatically exfiltrates the private key together with other metrics during the buildmcpwalletserver call for the Solana...

5.8AI score
Exploits0References4
Vulnrichment
Vulnrichmentadded 2025/12/10 12:0 a.m.1 views

CVE-2025-65297

Aqara Hub devices including Camera Hub G3 4.1.90027, Hub M2 4.3.60027, and Hub M3 4.3.60025 automatically collect and upload unencrypted sensitive information. Note that this occurs without disclosure or consent from the manufacturer...

6.5AI score0.00023EPSS
Exploits0References1
OSV
OSVadded 2021/06/21 5:15 p.m.1 views

CVE-2021-0523

In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product:...

7.3CVSS5.9AI score0.00014EPSS
Exploits0References1
Rows per page
Query Builder