CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•9 views

Malicious code in ai3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83540d952123c5d1199bbec1a72d0c4c49c428f309b9d68df45e307b852000a7 package.json declares "preinstall": "./.github/scripts/precheck", which points at a 976,568-byte precompiled Linux ELF x86-64 binary shipped inside t...

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•12 views

Malicious code in weavedb-exm-sdk-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3992f423f88c69e8c00223cc0ef81f970b8e178f1854beb00ef443586302ad89 package.json declares "preinstall": "./bin/install-deps", which runs a 976KB UPX-packed Linux x86 ELF binary on every npm install. The package...

OSV•added 2026/05/26 1:0 a.m.•8 views

MAL-2026-4719 Malicious code in weavedb-exm-sdk-web (npm)

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•7 views

Malicious code in test-ajs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 851b521e3dde5ea11478cd37cc4bf8da2f0a0ca1864d6c39fa27fd02ef0f9308 test-ajs advertises a 2KB React/Recoil helper dist/cjs/index.js, 2169 bytes, exporting Roid/inject glue over react+recoil but ships a 976KB Linux ELF...

OSV•added 2026/05/25 6:8 p.m.•4 views

MAL-2026-4437 Malicious code in @service-suppliers/set_selected_supplier (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eba319282947a6dfb83a31cec6127e62594cc16160bd9c74cee3feee349c4b07 The postinstall hook in scripts/postinstall.js performs two independently-blocking actions on every npm install. First, it scrapes installer-side...

OSSF Malicious Packages•added 2026/05/25 6:8 p.m.•8 views

Malicious code in @service-suppliers/set_selected_supplier (npm)

OSSF Malicious Packages•added 2026/05/25 5:38 p.m.•8 views

Malicious code in api-rs-node (npm)

A campaign of npm packages sharing a common dropper clob.js that downloads and persistently installs a Windows executable from IPFS on postinstall. The dropper fetches the binary from IPFS CID bafybeif3zkapj364ofnrvbty7oj5h5ufpxlp4s62usk3ulxrru35e3gssa via multiple public gateways Pinata,...

OSV•added 2026/05/25 1:57 p.m.•7 views

MAL-2026-4587 Malicious code in intl-ads (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7e29be11c53c137c2a24258ae423cf422fefcaad06183d67aa5c895a8fe4801 On npm install, the package's scripts.preinstall runs poc.js which collects hostname, username, full network configuration ipconfig/ip a/resolv.conf,...

5.9AI score

OSV•added 2026/05/25 1:48 p.m.•3 views

MAL-2026-4589 Malicious code in itc-actors-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 22687e1f7601dde1753d3775925d62d040892631394937e56e9b9fba74fb85c6 The package contains callback.js which collects host identifiers and user information os.hostname, os.userInfo, os.platform, cwd and transmits them v...

OSV•added 2026/05/25 9:5 a.m.•5 views

MAL-2026-4317 Malicious code in jules-standard (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68192c93adffde34c344bbc8448fe604a749ba448c9fd982f6ba9f8564ff4705 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2026/05/25 9:5 a.m.•9 views

Malicious code in ts-result-pipe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97286c3b19bbcf773e8a53257eb3ffbad2ec6c7b39d63ef1a6b36b0b63b60e56 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2026/05/25 9:5 a.m.•5 views

MAL-2026-4326 Malicious code in ts-iter-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52fbece62de86bd0498245046503745a1c94d8be949096277c47cd4a01f99dcf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2026/05/25 9:5 a.m.•8 views

Malicious code in ts-schema-config (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d68e7e22dfa399a34405dd3c5824b27aa46ef7773d2bad7b4b698c77f17ccf1f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2026/05/25 9:5 a.m.•6 views

MAL-2026-4297 Malicious code in @gbrlxvii/ts-env-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a87c7356d89cd5eab9c271d10f1a74e288d09e5cf9333a9ee102ef8a532b31dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2026/05/25 9:5 a.m.•9 views

Malicious code in ts-typeguard-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f74d71bf9db34dbac382712020acc0d441e7921053f6664204f5bbff1906b96f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Snyk•added 2026/05/25 9:5 a.m.•12 views

Malicious Package

Overview ts-iter-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

OSSF Malicious Packages•added 2026/05/25 9:5 a.m.•8 views

Malicious code in @gbrlxvii/ts-env-validator (npm)

OSSF Malicious Packages•added 2026/05/25 9:0 a.m.•11 views

Malicious code in internallib_v95 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 446fa224122b28950a2a22289bd7a9bf4a29861cde218c495651e1e58da37176 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2026/05/25 8:54 a.m.•7 views

MAL-2026-4305 Malicious code in auth0-net-sdk-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9cf6a5c13db1c0846ba64abd842d9980dddd9c0d66d3497d549779ccaea114b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...