
9 matches found

OSV
added 2026/05/25 5:50 p.m. | 4 views

MAL-2026-4622 Malicious code in normalize-path-seq (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 048493f47bc6a8b0a61c93d14a9bfbbe5edd77baff2d2423870e3cc8b7099b0a On require, index.js invokes initPlugin at the module top level, which performs an HTTPS GET to https://jsonkeeper.com/b/VL3WY, parses the response...

6.3 AI score
Exploits 0 | References 1
OSSF Malicious Packages
added 2026/05/14 7:24 p.m. | 5 views

Malicious code in bigint.fs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb3e0cb5c95475ce69c3672be6acfb9283bc6e29a1d7ba7452c922e7dc96a966 On require/import, index.js runs an IIFE that POSTs a getAccountInfo RPC call to https://api.devnet.solana.com for Solana account...

6.3 AI score
Exploits 0 | References 1
The Hacker News
added 2026/04/07 5:56 a.m. | 9 views

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings from VulnCheck. The vulnerability in question is CVE-2025-59528 (CVSS score: 10.0), a code injection vulnerability that could result in remote cod...

10 CVSS | 6.4 AI score | 0.8771 EPSS
Exploits 24
Snyk
added 2026/04/01 12:5 a.m. | 2 views

Arbitrary Code Injection

Overview: Affected versions of this package are vulnerable to Arbitrary Code Injection through the escapeNodeAttributeValues process. An attacker can execute arbitrary operating system commands by crafting a malicious .sy.zip file containing specially formatted block attribute values, which, when...

9.3 CVSS | 6.2 AI score | 0.00078 EPSS
Exploits 1 | References 3
Tenable Nessus
added 2025/11/20 12:0 a.m. | 4 views

TencentOS Server 4: kubevirt (TSSA-2025:0586)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0586 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8.2 CVSS | 7.1 AI score | 0.00607 EPSS
Exploits 1 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2009-3892

Malware in sbrugna...

4 CVSS | 6.4 AI score | 0.00386 EPSS
Exploits 0 | References 7
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2023-0987

Malicious code in bioql PyPI...

8.2 CVSS | 8.1 AI score | 0.00245 EPSS
Exploits 1 | References 4
RedhatCVE
added 2025/05/21 7:55 p.m. | 3 views

CVE-2009-3921

The Smartqueueog module 5.x before 5.x-1.3 and 6.x before 6.x-1.0-rc3, a module for Drupal, does not verify group-node privileges in certain circumstances involving subqueue creation, which allows remote authenticated users to discover arbitrary organic group names by reading confirmation message...

4 CVSS | 6.8 AI score | 0.00386 EPSS
Exploits 0 | References 1
OSV
added 2012/04/22 6:55 p.m. | 1 views

DEBIAN-CVE-2012-0946

The NVIDIA UNIX driver before 295.40 allows local users to access arbitrary memory locations by leveraging GPU device-node read/write privileges...

4.6 CVSS | 6.4 AI score | 0.00107 EPSS
Exploits 0 | References 1