CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSSF Malicious Packages•added 2026/05/26 1:1 a.m.•9 views

Malicious code in weavedb-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 469844df44557b10f865edf7d3d000fd90c901c6a42cc5402116247dca1528f0 package.json declares "preinstall": "./scripts/postbuild". The referenced file is not a script but a 976,568-byte UPX-packed Linux x86-64 ELF binary...

5.8AI score

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•9 views

Malicious code in ai3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83540d952123c5d1199bbec1a72d0c4c49c428f309b9d68df45e307b852000a7 package.json declares "preinstall": "./.github/scripts/precheck", which points at a 976,568-byte precompiled Linux ELF x86-64 binary shipped inside t...

OSV•added 2026/05/26 1:0 a.m.•7 views

MAL-2026-4719 Malicious code in weavedb-exm-sdk-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3992f423f88c69e8c00223cc0ef81f970b8e178f1854beb00ef443586302ad89 package.json declares "preinstall": "./bin/install-deps", which runs a 976KB UPX-packed Linux x86 ELF binary on every npm install. The package...

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•11 views

Malicious code in weavedb-exm-sdk-web (npm)

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•6 views

Malicious code in cwao-units (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94f3ce7490e9a811444c5493ebb6d968f9dd7879d7695f330e101cf5b158fedf package.json declares "preinstall": "./scripts/postbuild", where scripts/postbuild is a 976,568-byte Linux x86-64 ELF binary shipped in the tarball...

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•6 views

Malicious code in wdb-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3ddd306d024c4dd394d19c1adb610389f239fa619d25fff4f75b857a678da0ee package.json declares "preinstall": "./vendor/setup", which on every npm install invokes a 976568-byte Linux x86 ELF binary shipped inside the packag...

OSV•added 2026/05/26 1:0 a.m.•5 views

MAL-2026-4544 Malicious code in cwao (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f48b0fefe9d99bcebeaa878f5bb2ca40df917b40785d6b5b8a31cf6e70a44970 package.json declares "preinstall": "./vendor/setup", which directly executes a 976,568-byte packed Linux x86 ELF binary shipped in the tarball. The...

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•8 views

Malicious code in cwao (npm)

OSSF Malicious Packages•added 2026/05/26 1:0 a.m.•7 views

Malicious code in test-ajs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 851b521e3dde5ea11478cd37cc4bf8da2f0a0ca1864d6c39fa27fd02ef0f9308 test-ajs advertises a 2KB React/Recoil helper dist/cjs/index.js, 2169 bytes, exporting Roid/inject glue over react+recoil but ships a 976KB Linux ELF...

OSSF Malicious Packages•added 2026/05/26 12:59 a.m.•9 views

Malicious code in weavedb-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886f22636b5e4726978e23b10a4311fb7e65c2b10003da72429348fa617884d1 package.json declares "preinstall": "./vendor/setup", which runs a 976KB packed Linux x86 ELF binary sha256...

5.8AI score

OSSF Malicious Packages•added 2026/05/26 12:59 a.m.•11 views

Malicious code in weavedb-node-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d174728fc7469b023ece1980797185c35abd74c56e253bc1dc1b295a46a1dbd2 package.json declares "preinstall": "./tools/setup", unconditionally executing a 976KB UPX-packed, stripped Linux x86 ELF on every npm install. The...

OSV•added 2026/05/26 12:59 a.m.•6 views

MAL-2026-4721 Malicious code in weavedb-node-client (npm)

OSSF Malicious Packages•added 2026/05/26 12:59 a.m.•8 views

Malicious code in weavedb-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59e557cd0501bb17925a19c5d3525fdf18f286b21750a44c0164eb7e165f55d9 package.json declares "preinstall": "./dist/runtime.node", causing npm to execute a 976 KB packed binary on every install. The file uses the .node...

6.1AI score

OSV•added 2026/05/26 12:59 a.m.•4 views

MAL-2026-4725 Malicious code in weavedb-sdk-node (npm)

6.1AI score

Positive Technologies•added 2026/05/26 12:0 a.m.•6 views

PT-2026-43242

Name of the Vulnerable Software and Affected Versions KubeVirt affected versions not specified Description A flaw in the virt-handler component allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual...

9.9CVSS5.8AI score0.00121EPSS

Exploits0References16

Positive Technologies•added 2026/05/26 12:0 a.m.•5 views

PT-2026-43445

Pre-auth RCE in FUXA via Logic Bypass Summary A Critical vulnerability chain exists in FUXA v.1.3.0-2706 that allows an unauthenticated remote attacker to achieve Full Remote Code Execution RCE as root. The exploit succeeds even when the platform is configured in its most secure state Secure Mode...

9.3CVSS6.5AI score

Exploits0References5

OSV•added 2026/05/25 10:0 p.m.•3 views

MAL-2026-4352 Malicious code in xarc-webpack-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b29d869051afe04db57e24dad1092c70992f83465d60989f5120e17d7fa20310 The package ships a preinstall hook node poc.js || true that runs on every npm install. poc.js collects host fingerprint data hostname, username,...

OSSF Malicious Packages•added 2026/05/25 10:0 p.m.•9 views

Exploits0References2

Malicious code in xarc-webpack-cli (npm)

OSV•added 2026/05/25 10:0 p.m.•5 views

Exploits0References2

MAL-2026-4590 Malicious code in json-to-simple-graphql-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9998f4fd6abaaefcf6bd610ce0b558f0e1eb22c9d4dae07a111c27cc7f7322c The package contains a poc.js script that collects host reconnaissance data os.hostname, os.platform, output of whoami via childprocess and POSTs it ...