CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

344 matches found

OSSF Malicious Packages•added yesterday•3 views

Malicious code in nodemon-webpatch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b105e115122e719d986bfb11b73b58a67decc47f5a6b609b9f5e3ea496eb43ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score

Exploits0References1

OSV•added yesterday•1 views

MAL-2026-5180 Malicious code in nodemon-webpatch (npm)

5.8AI score

Exploits0References1

OSSF Malicious Packages•added yesterday•4 views

Malicious code in nodemon-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66b967b89b3b02913d1a55f4fe65d3e7ecf4e39d25f5fd49bfb2879f73724dc8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score

Exploits0References1

OSV•added yesterday•1 views

MAL-2026-5174 Malicious code in nodemon-pack (npm)

5.8AI score

Exploits0References1

Tenable Nessus•added 2026/04/19 12:0 a.m.•2 views

Oracle Linux 8 : nodejs:20 (ELSA-2026-8339)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-8339 advisory. - Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-154018 Fixes: CVE-2026-27135 CVE-2026-27904...

9.2CVSS6.7AI score0.00964EPSS

Exploits5References5

Tenable Nessus•added 2026/04/17 12:0 a.m.•3 views

Oracle Linux 9 : nodejs:22 (ELSA-2026-7302)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7302 advisory. - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - patch for npm/braces CVE-2026-25547 Resolves: RHEL-163369 Fixes: CVE-2026-152...

9.8CVSS5.9AI score0.00964EPSS

Exploits5References10

Tenable Nessus•added 2026/04/14 12:0 a.m.•0 views

Oracle Linux 9 : nodejs:20 (ELSA-2026-7896)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7896 advisory. - Update to version 20.20.2 Patch nghttp2 to version 1.68.1 and disable tests which would fail due to this change. Resolves: RHEL-164336 Fixes:...

9.2CVSS7AI score0.00964EPSS

Exploits5References5

Oracle linux•added 2026/04/10 12:0 a.m.•6 views

nodejs:22 security update

nodejs 1:22.22.2-1 - Update to version 22.22.2 - introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135 - disabled failing tests in nghttp2 due to newer version - patch for npm/braces CVE-2026-25547 Resolves: RHEL-163369 Fixes: CVE-2026-1528 CVE-2026-2229 CVE-2026-1526 CVE-2026-152...

9.8CVSS6.9AI score0.00964EPSS

Exploits5

Oracle linux•added 2026/04/10 12:0 a.m.•5 views

nodejs:24 security update

nodejs 1:24.14.1-2 - Update bundled nghttp2 to 1.68.1 1:24.14.1-1 - Update to version 24.14.1 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fix BR for nodejs-npm nodejs-packaging 2021.06-6 - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-121581 2021.06-5 -...

9.8CVSS6.6AI score0.00175EPSS

Exploits1

Tenable Nessus•added 2026/04/09 12:0 a.m.•1 views

Oracle Linux 8 : nodejs:22 (ELSA-2026-7123)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7123 advisory. - Update to version 22.22.2 Resolves: RHEL-154019 Fixes: CVE-2026-1528 CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-27135 CVE-2026-1528...

9.8CVSS6.8AI score0.00964EPSS

Exploits5References10

Oracle linux•added 2026/04/09 12:0 a.m.•4 views

nodejs:22 security update

nodejs 1:22.22.2-1 - Update to version 22.22.2 Resolves: RHEL-154019 Fixes: CVE-2026-1528 CVE-2026-27135 CVE-2026-27904 CVE-2026-26996 CVE-2026-27135 CVE-2026-1528 nodejs-nodemon 3.0.1-1 - Exclude ix86 arches from building. Related: RHEL-35991 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883...

9.8CVSS5.9AI score0.00964EPSS

Exploits5

Rockylinux•added 2026/02/18 9:5 a.m.•4 views

nodejs:20 security update

An update is available for nodejs, nodejs-nodemon, module.nodejs-packaging, nodejs-packaging, module.nodejs, module.nodejs-nodemon. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9.1CVSS6.6AI score0.00109EPSS

Exploits2

Rockylinux•added 2026/02/18 9:5 a.m.•4 views

nodejs:24 security update

9.1CVSS6.6AI score0.00109EPSS

Exploits2

Oracle linux•added 2026/02/18 12:0 a.m.•6 views

nodejs:22 security update

nodejs 1:22.22.0-1 - Update to 22.22.0 Resolves: RHEL-141879 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 2.0.20-2 - Patch bundled glob-parent - Resolves: CVE-2021-35065 2.0.20-1 - Rebase to 2.0.20 Resolves: CVE-2022-3517 2.0.15-1 - Resolves: RHBZ2005419 - Resolves...

9.1CVSS5.5AI score0.00964EPSS

Exploits5

Oracle linux•added 2026/02/18 12:0 a.m.•5 views

nodejs:20 security update

nodejs 1:20.20.0-1 - Update to version 20.20.0 Resolves: RHEL-141917 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 2.0.20-2 - Patch bundled glob-parent - Resolves: CVE-2021-35065 2.0.20-1 - Rebase to 2.0.20 Resolves: CVE-2022-3517 2.0.15-1 - Resolves: RHBZ2005419 - Resolves...

9.1CVSS5.5AI score0.00964EPSS

Exploits5

Oracle linux•added 2026/02/17 12:0 a.m.•9 views

nodejs:24 security update

nodejs 1:24.13.0-1 - Update to version 24.13.0 nodejs-nodemon 3.0.3-3 - Keep BR on just npm 3.0.3-2 - Fix BR for nodejs-npm nodejs-packaging 2021.06-6 - Properly handle @group/package deps in nodejs-symlink-deps Resolves: RHEL-121581 2021.06-5 - nodejs.req to properly detect bundled deps...

9.1CVSS6.4AI score0.00109EPSS

Exploits2

Tenable Nessus•added 2026/02/13 12:0 a.m.•3 views

Oracle Linux 8 : nodejs:22 (ELSA-2026-2421)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2421 advisory. nodejs 1:22.22.0-1 - Update to 22.22.0 Resolves: RHEL-118152 nodejs-nodemon 3.0.1-1 - Exclude ix86 arches from building. Related: RHEL-35991...

9.1CVSS6.9AI score0.00109EPSS

Exploits2References7

Tenable Nessus•added 2026/02/12 12:0 a.m.•2 views

Oracle Linux 8 : nodejs:20 (ELSA-2026-2422)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2422 advisory. nodejs 1:20.20.0-1 - Update to version 20.20.0 Resolves: RHEL-130972 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883 Tenable has...

9.1CVSS6.9AI score0.00598EPSS

Exploits3References7

Oracle linux•added 2026/02/11 12:0 a.m.•4 views

nodejs:20 security update

nodejs 1:20.20.0-1 - Update to version 20.20.0 Resolves: RHEL-130972 nodejs-nodemon 3.0.1-1 - Rebase to 3.0.1 - Resolves: CVE-2022-25883...

9.1CVSS5.5AI score0.00598EPSS

Exploits3

Tenable Nessus•added 2026/02/11 12:0 a.m.•3 views

Oracle Linux 8 : nodejs:24 (ELSA-2026-2420)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2420 advisory. nodejs 1:24.13.0-1 - Update to 24.13.0 Resolves: RHEL-135257 1:24.4.1-1 - Initial import of nodejs:24 nodejs-nodemon 3.0.3-1 - Initial import into...

9.1CVSS6.9AI score0.00109EPSS

Exploits2References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by