CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

234568 matches found

OSSF Malicious Packages•added 2026/05/05 11:51 a.m.•4 views

Malicious code in trevlo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3414c71889d8ebf7ad09c9b0bf9ab63f8f6589e1e030e35e40a971b767f51ad1 The package trevlo was found to contain malicious code. Source: ghsa-malware 01d7778a4b391062b3f0b2200861fde5a0b4c750eb4ebab90d36940142ae9293 Any...

Exploits0References1

OSV•added 2026/05/05 11:40 a.m.•1 views

MAL-2026-3339 Malicious code in nf-ui-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d5d1fc3aadbb204f6da1c0db37a6e1b540bdcc3964bd033d5657a067d7e246cc The package nf-ui-components was found to contain malicious code. Source: ghsa-malware 4ab8cac0b0cae1864121f4fd7223e6cb7bb0168d113ece4974f94aae4e2418...

Exploits0References1

Wolfi•added 2026/05/05 1:58 a.m.•6 views

CVE-2026-41673 vulnerabilities

Vulnerabilities for packages: sqlpad, saf, npm...

8.7CVSS5.4AI score0.0004EPSS

Wolfi•added 2026/05/05 1:58 a.m.•9 views

GHSA-F6WW-3GGP-FR8H vulnerabilities

Vulnerabilities for packages: sqlpad, saf, npm...

Wolfi•added 2026/05/05 1:58 a.m.•7 views

GHSA-J759-J44W-7FR8 vulnerabilities

Vulnerabilities for packages: sqlpad, saf, npm...

Wolfi•added 2026/05/05 1:58 a.m.•8 views

GHSA-X6WF-F3PX-WCQX vulnerabilities

Vulnerabilities for packages: sqlpad, saf, npm...

Wolfi•added 2026/05/05 1:58 a.m.•10 views

GHSA-2V35-W6HQ-6MFW vulnerabilities

Vulnerabilities for packages: sqlpad, saf, npm...

Wolfi•added 2026/05/05 1:58 a.m.•9 views

CVE-2026-41674 vulnerabilities

Vulnerabilities for packages: sqlpad, saf, npm...

8.7CVSS5.4AI score0.0002EPSS

Wolfi•added 2026/05/05 1:58 a.m.•11 views

CVE-2026-41672 vulnerabilities

Vulnerabilities for packages: sqlpad, saf, npm...

8.7CVSS5.4AI score0.00074EPSS

Patchstack•added 2026/05/05 12:25 a.m.•5 views

NPM: Axios: Header Injection via Prototype Pollution

NPM: Axios: Header Injection via Prototype Pollution vulnerability discovered by ? in WordPress Npm axios versions = 0.31.0...

7.4CVSS5.8AI score0.00047EPSS

Exploits1References3Affected Software1

OSV•added 2026/05/04 8:23 p.m.•2 views

GHSA-X3H8-JRGH-P8JX OpenClaw's exec allowlist analysis rejects shell expansion in unquoted heredocs

Summary Exec allowlist analysis rejects shell expansion in unquoted heredocs Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact An allowlisted command containing an unquoted heredoc could hide shell expansion in the heredoc body...

Exploits0References3

Github Security Blog•added 2026/05/04 8:23 p.m.•7 views

OpenClaw's exec allowlist analysis rejects shell expansion in unquoted heredocs

Summary Exec allowlist analysis rejects shell expansion in unquoted heredocs Affected Packages / Versions - Package: openclaw npm - Affected versions: = 2026.4.21 - Fixed version: 2026.4.22 Impact An allowlisted command containing an unquoted heredoc could hide shell expansion in the heredoc body...

Exploits0References3Affected Software1

OSSF Malicious Packages•added 2026/05/04 7:42 p.m.•5 views

Malicious code in lazyhtml-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45abfd9582509b7e6ded4a7ce678a25aef82365186bba18330d6f76f1cf3c5ea The package lazyhtml-scripts was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/04 7:6 p.m.•4 views

Malicious code in ms.analytics-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8603a11b43db05d179ab55b635a517ed40832c05fc4365a1ba69d2ec1eb5092 The package ms.analytics-web was found to contain malicious code. Source: ossf-package-analysis...

OSV•added 2026/05/04 7:6 p.m.•4 views

MAL-2026-3338 Malicious code in ms.analytics-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8603a11b43db05d179ab55b635a517ed40832c05fc4365a1ba69d2ec1eb5092 The package ms.analytics-web was found to contain malicious code. Source: ossf-package-analysis...

vulnersOsv•added 2026/05/04 6:27 p.m.•6 views

@aiconnect/codelets-runner (>=0.1.0 <=0.2.0), @cairncms/api (>=1.0.0-beta.1 <=1.0.0-beta.4) +21 more potentially affected by CVE-2026-26332 via vm2 (>=3.0.0 <=3.10.5)

vm2 NPM version =3.0.0, =0.1.0, =1.0.0-beta.1, =3.0.46, =0.1.0, =1.1.15, =1.27.8, =1.0.0-beta.1, =1.1.0, =0.2.0, =0.1.64, =0.1.61, =1.66.16, =1.66.16, =1.72.1 and more Source cves: CVE-2026-26332 Source advisory: SNYK:JS-VM2-16419533...

10CVSS5.8AI score0.00088EPSS

OSV•added 2026/05/04 4:46 p.m.•1 views

MAL-2026-3329 Malicious code in api-typings (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a549cfdf0cbbfa203632d6fe432f69fa60578b8d81b03b75c2bece912aa0c588 The package api-typings was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/04 4:46 p.m.•5 views

Malicious code in api-typings (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a549cfdf0cbbfa203632d6fe432f69fa60578b8d81b03b75c2bece912aa0c588 The package api-typings was found to contain malicious code. Source: ossf-package-analysis...

OSV•added 2026/05/04 4:36 p.m.•2 views

MAL-2026-3328 Malicious code in pocpoc2626 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a43e5357592b2bbbe0c68be3960ac829ab988a15b57d63df5ab954c9d0b5b09 The package pocpoc2626 was found to contain malicious code. Source: ossf-package-analysis...

OSSF Malicious Packages•added 2026/05/04 4:36 p.m.•4 views

Malicious code in pocpoc2626 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a43e5357592b2bbbe0c68be3960ac829ab988a15b57d63df5ab954c9d0b5b09 The package pocpoc2626 was found to contain malicious code. Source: ossf-package-analysis...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by