Lucene search
K

136740 matches found

OSV
OSV
added 2026/04/16 9:43 a.m.9 views

MAL-2026-2724 Malicious code in agdebugger-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be34269bebfc9203228b56604d750ac51bdf4f84cbf58141d3317fc45c8854ad The package agdebugger-frontend was found to contain malicious code...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/16 9:43 a.m.10 views

Malicious code in agdebugger-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be34269bebfc9203228b56604d750ac51bdf4f84cbf58141d3317fc45c8854ad The package agdebugger-frontend was found to contain malicious code...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/16 9:42 a.m.5 views

MAL-2026-2723 Malicious code in actions-label-commenter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0834799a232c7e018eda35f3042f85750f8155d2ec47e2f935389be689671cf The package actions-label-commenter was found to contain malicious code...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/16 9:42 a.m.8 views

Malicious code in actions-label-commenter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d0834799a232c7e018eda35f3042f85750f8155d2ec47e2f935389be689671cf The package actions-label-commenter was found to contain malicious code...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/16 9:42 a.m.9 views

Malicious code in aca-review-apps (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4019ca27647236621668ae5e45dd104c23d60ad5b64fd5179ad09efda40cc345 The package aca-review-apps was found to contain malicious code...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/16 9:42 a.m.5 views

MAL-2026-2720 Malicious code in aca-review-apps (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4019ca27647236621668ae5e45dd104c23d60ad5b64fd5179ad09efda40cc345 The package aca-review-apps was found to contain malicious code...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/16 9:39 a.m.4 views

MAL-2026-2717 Malicious code in @tax-taxdev/tools-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37c3192cab77322b1ecf1742c4eda9aa9e5a6b495e3bf386284a15cf36365dcc The package @tax-taxdev/tools-scripts was found to contain malicious code...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/16 9:34 a.m.7 views

MAL-2026-2713 Malicious code in @fuego-tools/analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8b13e975286ea5f50f12e176e5b9399e209b890fc03e8d5f890f02d83a52489 The package @fuego-tools/analytics was found to contain malicious code...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/16 9:28 a.m.7 views

Malicious code in @3stripes/toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4529c8ef3e0953799338bc7e0cc7d6ce4f1d8797b3e0984d362ebd26df6bec1c The package @3stripes/toolkit was found to contain malicious code...

5.7AI score
Exploits0
OSV
OSV
added 2026/04/16 9:28 a.m.5 views

MAL-2026-2703 Malicious code in @3stripes/components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 31ba4725ff03b9b0a4645734fca9af46fbd145e147f7fb7ee0942853c425f53f The package @3stripes/components was found to contain malicious code...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/16 12:46 a.m.6 views

1router (>=0.3.96 <=1.0.2), 9router-custom (=0.3.55) +2167 more potentially affected by CVE-2026-41240 via dompurify (>=3.0.0 <=3.3.3)

dompurify NPM version =3.0.0, =0.3.96, =0.3.33, =0.5.0, =1.0.0, =1.5.1, =0.18.0-beta.0, =0.0.1, =0.1.0-alpha.1, =0.1.0, =0.1.0, =0.0.0-dev-20240828032938, =0.2.8-experimental.0, =1.2.0, =1.5.1 and more Source cves: CVE-2026-41240 Source advisory: SNYK:JS-DOMPURIFY-16078387...

6.1CVSS7.2AI score0.00263EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/16 12:44 a.m.7 views

Malicious code in terminal-formatter (npm)

terminal-formatter is a malicious npm package that when installed postinstall-hook or imported sends local env variables, files and bash history to https://ghostraper.top and registers a new ssh key in .ssh/authorizedkeys. --- -= Per source details. Do not edit below this line.=- Source:...

5.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 10:5 p.m.8 views

Malicious code in chai-as-type (npm)

chai-as-type is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/c26313f0733957a7d787 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

6AI score
Exploits0References2
OSV
OSV
added 2026/04/15 10:5 p.m.11 views

MAL-2026-2897 Malicious code in chai-beta (npm)

chai-beta is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/XRGF3 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/15 10:5 p.m.5 views

MAL-2026-2888 Malicious code in chai-as-encrypted (npm)

chai-as-encrypted is a malicious npm package that when imported downloads a C2 dropper from https://api.npoint.io/29ebd497b6f232e6b0a9 and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7AI score
Exploits0References2
NVD
NVD
added 2026/04/15 4:16 p.m.5 views

CVE-2026-30625

Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Although an allowlist exists, certain allowed commands npm, npx accept argument flags that enable...

9.8CVSS0.00974EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 2:57 p.m.13 views

Malicious code in vs-supplier-portal-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd4ce50d0cee946b14aa2dee0c469a73331ff0c63bc65b134b3b50edb5d43c54 The package vs-supplier-portal-web was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 2:57 p.m.8 views

Malicious code in fusion-events (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8c8e696e51251f71e47adebced7b96e693530edba7546edfc180e21202e2048 The package fusion-events was found to contain malicious code. Source: ghsa-malware 88d534717a957da6a2dd2be4f5db4aa652489fa5ac3b30382f4a8e5e06865be2...

5.7AI score
Exploits0References1
Snyk
Snyk
added 2026/04/15 1:56 p.m.6 views

Malicious Package

Overview laserlogsink is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.7AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 1:21 p.m.7 views

Malicious code in react-dom-19 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e6b5a54efd0bd62412ae002a01495b83a035014f59692e4e942aeaf9fd70d0d The package react-dom-19 was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score
Exploits0
Rows per page
Query Builder