CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

234824 matches found

OSSF Malicious Packages•added 2026/04/23 4:24 a.m.•5 views

Malicious code in @nklkas/hyperliquid (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecc648f0f62878455b1b388282a720ca552dad5cf17d8545393cb7f57fdbfdab The package @nklkas/hyperliquid was found to contain malicious code. Source: ghsa-malware...

5.7AI score

Exploits0References1

OSSF Malicious Packages•added 2026/04/23 4:24 a.m.•3 views

Malicious code in changelog-cli-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98a1e229322241da9d146f6aad5c96de566b2707088406fd7de40cbb69445023 The package changelog-cli-logger was found to contain malicious code. Source: ghsa-malware...

5.7AI score

Exploits0References1

OSSF Malicious Packages•added 2026/04/23 4:24 a.m.•7 views

Malicious code in changelog-utils-structured-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59b5bb27f7c03b12e70af2a6d86b388cad7c4fdd02e8ee381f947d291ce9acd The package changelog-utils-structured-logger was found to contain malicious code. Source: ghsa-malware...

5.7AI score

Exploits0References1

Snyk•added 2026/04/23 4:24 a.m.•4 views

Malicious Package

Overview @nklkas/hyperliquid is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score

Exploits0References2

Snyk•added 2026/04/23 4:24 a.m.•1 views

Malicious Package

Overview changelog-utils-structured-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

9.8CVSS5.4AI score

Exploits0References2

OSV•added 2026/04/23 4:24 a.m.•7 views

MAL-2026-3004 Malicious code in @nklkas/hyperliquid (npm)

5.7AI score

Exploits0References1

Snyk•added 2026/04/23 3:59 a.m.•2 views

Malicious Package

Overview separadordeinfocc is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score

Exploits0References2

OSV•added 2026/04/23 3:59 a.m.•3 views

MAL-2026-3010 Malicious code in separadordeinfocc (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90aec77465d7938875e19e8508965f986ac0e81968433307546a40823fa805e6 The package separadordeinfocc was found to contain malicious code. Source: ghsa-malware...

5.7AI score

Exploits0References1

OSSF Malicious Packages•added 2026/04/23 3:59 a.m.•5 views

Malicious code in separadordeinfocc (npm)

5.7AI score

Exploits0References1

OSSF Malicious Packages•added 2026/04/23 3:59 a.m.•4 views

Malicious code in undicy-http (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d4da47dd47cb80cf3a7a93cd81c2154b7cd905834b35f89f0703a5a8dab5d1e The package undicy-http was found to contain malicious code. Source: ghsa-malware daa1abf913048406268c31888f8b6defc0e69b49ba85dcbdb966fea8a3caf235 An...

5.7AI score

Exploits0References1

Snyk•added 2026/04/23 3:59 a.m.•3 views

Malicious Package

Overview undicy-http is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.4AI score

Exploits0References2

OSV•added 2026/04/23 3:56 a.m.•4 views

MAL-2026-3014 Malicious code in vime-azl (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a86b8ee643a9ac9cb7529c19293e56a1ccefe33d616c0459e90c364f529a55d2 The package vime-azl was found to contain malicious code. Source: ghsa-malware d7731c972c51221a2f0a582c0f7d25c9054e45942accb77b36d8a170074c8ade Any...

5.7AI score

Exploits0References1

OSSF Malicious Packages•added 2026/04/23 3:49 a.m.•6 views

Malicious code in ts-moduler (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bfa69fb7376ebc308243d78af9402eac9735a83121bbd7cf72a86cc792d10ad The package ts-moduler was found to contain malicious code. Source: ghsa-malware ea28227378d489dcc355b2e56f166d0aadb5c59656ac5033a4090bad165d783c Any...

5.7AI score

Exploits0References1

Snyk•added 2026/04/23 3:49 a.m.•2 views

Malicious Package

Overview ts-moduler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score

Exploits0References2

OSSF Malicious Packages•added 2026/04/22 9:15 p.m.•5 views

Malicious code in @spinstorm/shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e56e452f9b6929e66be95ebdf49d432e7bbfeb76fc349123bcc39175f412e802 The package @spinstorm/shared was found to contain malicious code. Source: ossf-package-analysis...

5.7AI score

Exploits0

vulnersOsv•added 2026/04/22 8:19 p.m.•6 views

08cms (=1.0.0), 0uth (>=1.0.5 <=1.2.1) +13074 more potentially affected by CVE-2026-41674 via xmldom (>=0.1.11 <=0.6.0)

xmldom NPM version =0.1.11, =1.0.5, =1.0.0, =1.0.0, =1.7.3, =0.1.0, =0.0.2, =0.0.1, =1.0.2, =1.0.3, =1.0.23, =1.0.1, =1.3.1 and more Source cves: CVE-2026-41674 Source advisory: OSV:GHSA-F6WW-3GGP-FR8H...

8.7CVSS5.4AI score0.00392EPSS

Exploits0

The Hacker News•added 2026/04/22 5:33 p.m.•8 views

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens. The supply chain worm has been detected by both Socket and StepSecurity, with the companies tracking the...

6AI score

Exploits0

Snyk•added 2026/04/22 3:3 p.m.•3 views

Malicious Package

Overview @stlm/common-ui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score

Exploits0References2

OSSF Malicious Packages•added 2026/04/22 3:3 p.m.•6 views

Malicious code in @stlm/common-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 524e7ff666da99814e99aa71977173170ff4d7d51c5730a30bf0375665f89582 The package @stlm/common-ui was found to contain malicious code. Source: ghsa-malware 2d6d7ee043c22bf0b8caf216d27b99ca30f22667d60e5d1d0c76178c5808ae5...

5.7AI score

Exploits0References1

OSSF Malicious Packages•added 2026/04/22 2:49 p.m.•5 views

Malicious code in color-studio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d197fd4183100bf9c61d06d5f63aea39f8b61429628f3a13522d8b511a0482bb The package color-studio was found to contain malicious code. Source: ghsa-malware 3ea22c97ba975ced2d26e899fe9ac900d3e1df68314536f95416cf2b03b65472 A...

5.7AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by